By identifying and addressing cybersecurity vulnerabilities before they can be exploited, educational institutions can take action to reduce their risk of data loss and minimize the potential impact of cyberattacks. Here are four approaches or steps to consider:
Employ Defense in Depth
Seeking to act anticipatorily and defend against all threats and risks to their data, many institutions choose to construct their cybersecurity plan around a multilayer—or defense in depth—approach. This methodology creates a secure environment that is likely to protect data, even if one layer is breached or compromised.
- Perimeter Security - The first layer in a multi-layer approach to cybersecurity involves the education and training of students, employees, and other faculty on cybersecurity threats and best practices. End users should receive instruction and support that is tailored to their level of cybersecurity experience and their role at the institution. Data access should be granted on a need-to-know basis, with no user having access to information unrelated to their position or responsibilities. All hardware associated with data storage should be secured against unauthorized access and backed-up in case of fire or natural disaster.
- Network Security - This layer focuses on establishing security protocols for internal networks, regulating access, and securing connections. Firewalls provide protection against external networks, while intrusion detection systems (IDS) and intrusion prevention systems (IPS) monitor for or restrict irregularities that may represent threats.
- Endpoint Security - Endpoints, an attractive target for cybercriminals seeking to penetrate network security, include network-enabled devices such as smartphones, computers, and IoT devices. Endpoint concerns revolve around the potential for users to access programs, which may compromise their device and threaten connected networks. All applicable updates and patches should be promptly applied, while institutions closely monitor and regulate which applications can execute on associated endpoints.
- Application Security - This includes applying patches regularly and creating application-specific security settings, detailing how each application can be interacted with by users. Application testing and code review can help identify vulnerabilities to be addressed, ensuring data remains protected within applications.
- Data Security - Security at this level ensures all data is protected at rest, in use, or in transit. Employing measures such as single-sign on and multi-factor authentication limit unauthorized transmissions, while utilizing the Secure Sockets Layer (SSL) and other encryption tools can safeguard data. Maintaining a secure backup protects data against corruption or loss.
Automate Software Updates and Patches
A common misconception is that more modern software applications simply provide newer technology that offers more innovative user experiences and an enhanced feature set. Many modern applications also deliver enhancements to help combat existing security vulnerabilities. This concept is even more important to consider when employing outdated legacy applications. When vendors provide limited support for legacy applications, development efforts related to ensuring the solution is secure and up to date is typically not a priority. For this reason, institutions should automate updates and patches. From major systems to minor endpoints, updates and patches should be applied as quickly as possible to ensure noticed vulnerabilities are eliminated before they can be exploited. Major ransomware attacks, WannaCry and Petya, internationally targeted outdated and unpatched systems with devastating results. Devices, software, and even internet browsers that are not updated or are unsupported could all be potential targets for cybercriminals.
Keep a Secure, Comprehensive Backup
Many ransomware and other cyberattacks could be deterred by searching for and promptly addressing vulnerabilities in the system or circumvented by maintaining a secure backup of all data. With this approach, you don’t have to worry about losing access to important data should ransomware, cyberattacks, or even a natural disaster occur.
Embrace the Cloud
While cloud-based deployments possess their own cybersecurity considerations, they can also provide unique advantages in securing confidential information. When properly utilized, the cloud can supplement a layered defense by incorporating multifactor authentication, data encryption, and allowing response to vulnerabilities in real time. Institutions can also supplement their physical security with cloud-based deployments, as cloud vendors are responsible for securing their hosting facilities.