The kids are back to school and hopefully they’re heeding the right advice on how to stay safe in an educational environment, but students aren’t the only ones who should be concerned about security now that classes are in session. Educational organisations and school districts also need to ensure they’re following the right strategy to protect students, staff and data, from malware and other threats.
It wasn’t that long ago that many schools didn’t have much of an online presence. Few classrooms had computers and many of them weren’t connected to the Internet. But those days are gone and educational organisations are faced with a multitude of challenges to safeguard data from a wide variety of threats and vectors. Here’s a look at some of them and what protection options are available.
Issue: Many school districts are using older computers (and older operating systems) because they don’t have the budget for upgrades or replacements. This is causing performance issues for users because the AV products are hogging resources.
Solution: Many AV products today assume that users have a newer machine. And with so many signatures being added on a regular basis, the software gets heavier and heavier over time. One solution is to test several AV products on an older machine to determine which one has the least impact on performance. For PCs still using Microsoft Windows XP, keep in mind that Microsoft is ending support for that OS in April 2014. Whether or not you upgrade the hardware, it’s important to maintain a current OS in order to stay properly protected.
Issue: As education budgets tighten, so do the IT resources to manage and control the applications and devices used by students and faculty. IT administrators don’t have the time to proactively manage because they spend too much time reacting: patching machines, removing out-of-date applications and more.
Solution: A limited number of security solutions today integrate third-party patch management, and antivirus application removal tools that allow IT admins to make more valuable use of their time.
Issue: One challenge that school districts (not to mention many businesses) face is the management and security of a multi-OS environment. Threats come in many forms, some looking to exploit weaknesses in a specific OS. The more operating systems you have, the more potential holes you have to cover. There’s also the matter of finding a security solution that is strong across multiple endpoint flavours.
Solution: Look for a security console that manages across multiple operating systems, such as Windows, Mac, iOS and Android, in a single pane of glass. The wider the console can manage from an OS perspective, the less likely something is to sneak by and the more “in the know” you will be when it comes to what’s going on from a security reporting standpoint.
Issue: More students are bringing mobile devices to school, and more schools are leveraging the BYOD trend by providing learning materials and other information online. Managing who has access to what and when is becoming a serious challenge for many school districts.
Solution: Mobile device management has become an important feature for antivirus. Not only should students utilise their own AV on their devices, but school districts and other organisations should also make sure their AV solution has the ability to centrally manage Android antivirus as well as provide mobile security for iOS and other devices, ensuring that your network remains free of any threats.
Issue: Protecting students’ grades and other personal data is a paramount objective for any educational organisation. A data breach could cause significant harm—financial and otherwise—for a school district that fails to keep students safe.
Solution: A security solution should be able to track what’s happening in both directions, and alert IT administrators of any usual movement. A bi-directional firewall protects against both inbound and outbound threats and should provide optional rules for applications, ports and system services. In addition, Web filtering features should automatically block malicious URLs and phishing Web sites that users may stumble upon.