He says one way to strengthen that network’s security is to change that thought process.
“The first thing is don’t fall into that trap,” Kumar says. “You’re not different, you have regulations to deal with, you have BYOD, you have complex networks around campus. You’re just like every other commercial institution that is out there. Follow the best practices for how you successfully implement BYOD so it’s secure.”
Know what’s on your network
Chen says colleges should familiarize themselves with what information is on their networks.
He says when college familiarize themselves with their networks, they create a visibility of what devices are on the network and how that affects certain policies, such as BYOD.
“One thing they really need to wrap their heads around is needing visibility on the types of devices and what’s on their network,” he says. “They need to know what’s on their network, the types of devices, and how that bandwidth is currently being utilized.”
Consider the value of information publicized on the network
Sadik Al-Abdulla, Director of Security Solutions for CDW-G says colleges should think long and hard about what kind of information they publicize on their network, and consider how sensitive that information is.
“Decide what to expose to Cloud in the first place,” he says. “Understand where sensitive information is and where it’s flowing, whether or not you’re consuming Cloud services. The second step is if you’re explicitly permitting sensitive information in the Cloud services, it’s getting new consideration to pre-encrypting that information.”
“When you have an attack coming in, it’s not necessarily coming in from your firewall, it’s not just a device that was detected. You may have student devices that were at Starbucks or a hotel or other places and they may have gotten infected there, and there’s no awareness of that. Students pass assignment through USB all the time and if one of those files is infected, infections can pass through those pathways, which are often unmonitored by security systems.”
Pick great passwords
Al-Abdulla says colleges should pick powerful passwords to access different portals on their network.
When the password is strong, no intruders should pass through.
“The strength of the protection of that data comes down to how strong your users’ passwords are,” Al-Abdulla says.
Know where to get support
Al-Abdulla says colleges should pick an organized, experience team or staff members to turn to in case of a network emergency, and to have those people on speed dial.
“In a lot of cases, lack of an officially supported set of services results in the organic explosion of whatever people want,” he says. “I think trying to get ahead of that can actually mitigate risk in a pretty dramatic way. Even just as simple as having an officially supported file transfer service and making sure that it’s nicely integrated with the college systems can result in people not using completely unsecure services.”