logo

Three Top Trends in Higher Education IT

The toothpaste is out of the tube, and higher education will never be the same. The ability to work and learn online from anywhere has been popular with faculty and students. Now that the systems are in place, academic leaders won’t want to see the work and budget that went into overhauling their entire IT framework go to waste.

  • Published: 09-05-2022

  • Related Category: Training

  • Type of Content: Reports

  • Owner: Sonicwall


The toothpaste is out of the tube, and higher education will never be the same. The ability to work and learn online from anywhere has been popular with faculty and students. Now that the systems are in place, academic leaders won’t want to see the work and budget that went into overhauling their entire IT framework go to waste.

Now, CIOs and CISOs are asking themselves what’s next, and the answers aren’t the same for every institution. Some are focusing on restoring their environments to pre-pandemic conditions at the lowest cost possible. Others are evolving their IT strategy to best serve the current blend of online and virtual learning with an eye toward cost control. Still others want to digitally transform their entire institution, which calls for a flexible and scalable security approach.

But no matter which approach is taken, there are three fundamental challenges everyone is dealing with right now, and they’re going to be evergreen: connecting to multiple unknown endpoints safely, managing traffic securely at capacity, and delivering a consistent, reliable user experience.

Endless Endpoints + Anytime, Anywhere Education

THE CHALLENGE: Multiple endpoints, unknown to your network, being used by students and faculty to attend online classes. How do you ensure the right users get the right level of access?

The number of remote connections to educational institutions rose exponentially this past year – the greatest leap of all industries. If the higher ed network perimeter was becoming fuzzy before COVID, now it’s completely dissolved.

Protecting all these new endpoints with conventional security is difficult or impossible. It definitely would be expensive. Yet the need is there, as current evidence shows that higher ed blocks more access requests than any other sector due to restrictions on IPs, times, locations, versions, platforms and software. Despite attempts to tightly control access to academic networks, higher ed continues to suffer successful breaches. As more of the functions of educational institutions move online, the problem will continue to grow.

To protect their institutions, IT leaders in higher ed need to gain visibility into their networks and implement a Zero-Trust security model.

Visibility is a top concern among higher ed CISOs

Visibility is the number-one challenge CIOs are concerned about today. With the adoption of cloud services and the rise of the hybrid network, visibility was already a chief concern. Now that higher ed has shifted to a remote learning model, the need to see who’s using the network — and what they’re doing inside the network — is even greater.

VISIBILITY

Visibility can only work if there’s one unified view through a single console. The old way of clicking between screens and trying to normalize data from different vendors doesn’t work in a cloud or hybrid environment. It definitely can’t work when the user base consists of thousands of remote connections.

Higher ed IT systems need to filter content to and from remote users. They need to inspect HTTP and HTTPS traffic, apply granular policies on blocked and allowed categories, exclude trusted applications, and blacklist untrusted applications. They also need to expose which applications access the network and what vulnerabilities they contain, such as outdated patches or whether they’ve launched unauthorized processes. And the dashboard through which IT staff consumes this information needs to be fully interactive, with actionable intelligence, prioritized alert settings and end-user notifications.

Let the castle crumble. Zero-Trust Security is what works now

The traditional approach to security is built around the “castle- and-moat” model. Everything valuable is behind the “walls” of the network perimeter, and defense efforts are focused on only letting authorized users inside. Once inside, entities are assumed to be trusted.

In 2018, higher ed ranked last of all industries in cybersecurity performance.
In 2021, that has to change.

But in a world where the most straightforward transaction may involve hundreds of cloud-delivered services, there is no perimeter. History has proven that a person’s (or a thing’s) ability to gain access to a network isn’t concrete proof that the person or thing is trustworthy. We know that not all users act responsibly, and we also know that weak or stolen credentials are one of the most common tactics used by malicious actors to penetrate a network.

Zero-Trust is based on the least-privilege concept, where a user can only access the resources they need to perform their task and nothing more. User and device behavior is continuously monitored for abnormal activity, and the connection is ended if the behavior meets specific criteria. For further protection, the attack surface is reduced through micro-segmentation, which defines internal trust boundaries and granularly controls traffic flow to secure the infrastructure and prevent threats from spreading laterally.

>> Download Report to continue reading.



Related Reports: