Higher Education networks have become incredibly complex. Long gone are the days where students connected desktop computers to ethernet cables in their dorm rooms for internet. Now students can access the school’s wireless network at anytime from anywhere and often bring four or more devices with them on campus. Expecting to use their smartphones and gaming consoles for both school related and personal matters, they rely on constant internet connectivity.
While the latest technology streamlines processes and makes the learning experience more efficient, higher education institutions’ networks have not kept up with technology and cyber security requirements. Network security threats have become more common, and according to a recent Infoblox study, 81 percent of IT professionals state securing campus networks has become more challenging in the last two years.
Nevertheless, outside threats aren’t posing the biggest challenges, internal threats are.
More devices, more malware
IT administrators at universities have seen a surge in the number of devices connected to company networks, making the network more vulnerable to cyberattacks. Innovation in personal technology has played a large role in this. Students are bringing a surplus of devices with them to school beyond laptops like smartphones and tablets. For example, an Infoblox study found that students now use tablets (61%), smartwatches (27%) and gaming consoles (25%) on campus.
This spike in devices directly impacts universities network activity. Where a few years ago IT administrators only had to worry about managing the school’s devices, and potentially student and faculty laptops, that is no longer the case. The survey found that 60 percent of faculty, students and IT professionals use four or more devices on the campus network. This has made managing network activity incredibly complex, and has increased the risk of cyberthreat. Devices that are not native to the university network often do not maintain the same security standards that IT administrators are accustomed to.
Outdated security best practices
IT improvements have not been able to keep pace with the rate at which network activity is changing, making their networks an easy target for hackers and DDoS attacks. When devices using the university network are not properly secured, hackers can take advantage of this by breaking into the device, accessing the network and wreaking havoc that can cost universities millions of dollars.
For example, Infoblox’s survey found that 60 percent of faculty haven’t made network security changes in two years. In addition to not making updates to security best practices, 57 percent use outdated security measures like only updating passwords as a security precaution. Poor security practices also make it easier for hackers to compromise network infrastructure and access sensitive information.
A complex cybersecurity strategy that involves network protection can help to combat these types of attacks, but only 52 percent of current network management solutions have DNS provisioning capabilities and can provide remote network access control. This technique plays a critical role in identifying unusual activity on the network.
Lack of security awareness
Additionally, college students and faculty alike are not up to speed with the latest cybersecurity best practices and often make poor decisions that ultimately compromise network security. Thirty nine percent of IT administrators say users aren’t educated enough on security risks, which makes managing the network more challenging. Students are also unaware of the risks IoT devices can pose to the overall health of the network and don’t have the security knowledge to understand the nuances. For example, 54 percent of IT administrators say at least 25 percent of student’s devices come onto campus already infected with malware.
College students are known to be reckless when it comes to partying, but it appears this mindsight has also influenced their approach to cybersecurity. Infoblox’s survey also found that one in three college students have heard of other students implementing malware or making malicious attacks on the school’s network. Students clearly have little regard for how their network usage can impact the network, making the job of the IT administrator extremely difficult.
For better network security at higher education institutions, change needs to begin from within. The IT department needs to implement a next level network security strategy that can thwart the ongoing threat of DDoS attacks. Students and faculty need to be educated on security best practices when using devices on the university network. In the age of the Internet of Things, the number of internet connected devices connecting to the campus network will only increase, and the network needs to be fortified to support this influx from both a performance and security standpoint.
About the author: Victor Danevich is the CTO of Infoblox where he helps customers achieve Next Level Networking via hyper-scalability, implementing automation, and improving network availability with solutions that are built with security from the core.
Copyright 2010 Respective Author at Infosec Island