Business & Technology

Unified Threat Management for Higher Education

By Sowjanya O'Neill | January 25, 2018

Modern technology is transforming the higher education landscape. Innovations in education tech are allowing colleges and universities the ability to offer their students more unique, interactive learning experiences through digital curriculums, education-centric applications, and open educational resources (OERs). This technology has enabled universities to teach students and attract professors from around the world in virtual classrooms, while also enabling a higher degree of customization in learning for each student.

Aside from services offered by universities, students are also changing the ways they engage with their education, using multiple devices and applications to organize and collaborate.

While capitalizing on this technology certainly presents opportunities for students and universities, the open network required to enable and encourage this type of tech-based learning opens higher education institutes up to cyber risks.   

Top Cybersecurity Requirements for Higher Education

As colleges and universities seek to balance innovative technical capabilities with strong network and data security, here are three of the top cybersecurity features necessary for a strong security posture:

  1. Centralized Control Console

As universities attempt to mitigate threats from multiple attack vectors, they are deploying increased numbers of point solutions. However, relying on information each of these siloed tools produce can be burdensome on resources. This is because each of these disparate point solutions provide different intelligence and varying degrees of data visibility.

To effectively manage network security controls, university IT teams need to have centralized single pane of glass visibility into data movement across the network, and a simplified view of security alerts across disparate security devices. This is integral as IT teams do not usually have the manpower to cross-correlate this data and monitor each solution themselves. 

  1. Protection Against Zero Day & Evolving Threats

Colleges must also protect networks against the sophisticated cyberattacks and zero-day exploits used by cybercriminals to steal data – be it personal information of students and faculty, or proprietary research done at the university. These attacks can be disseminated through a multitude of attack vectors such as emails, web applications, or malicious links and attachments. Among the most prominent examples of this type of threat in the education space is ransomware, in which data is extorted for money. However, universities are also regularly targeted with phishing attacks and DDoS attacks using botnets to achieve their means.

Moreover, universities are also targeted by zero-day vulnerabilities, or flaws in their hardware and software, that are difficult to detect until it is too late and a breach has occurred. To mitigate each of these types of attacks, universities need both global and local threat intelligence to update their security infrastructure for protection against zero-day exploits.

  1. Optimized Spend and Resources

In addition to IT infrastructure and security solutions, colleges must also employ IT teams that can deploy each piece of technology and ensure it runs effectively. Building out this infrastructure and team on a limited budget is a challenge, especially given the cybersecurity skills gap employers are facing when hiring for these positions. As a result, IT teams with limited resources often put an emphasis on functionality, while neglecting security. However, in today’s threat landscape, security cannot be an afterthought.

To maximize limited IT resources, colleges need integrated and automated security infrastructure that allows rapid response to each incident, without having to wait for data to be collated and addressed by a busy team member. Additionally, these capabilities result in decreased cybersecurity costs, as integrated solutions are more cost-effective than disparate point solutions, or employing a large enough IT team to manage the network manually. 

Securing Higher Education

To effectively secure colleges and universities, there must be a strong security process in place that does not inhibit the use of applications and devices across campus, while meeting each of the needs stated above. Additionally, it must utilize automation to assist with, rather than complicate, the tracking and mitigating of security incidents across the network. This can be achieved through unified threat management.

Unified threat management allows universities to combine multiple security solutions into a single console to monitor and centrally manage network activity from one location. 

Fortinet’s unified threat management (UTM) solution for higher education incorporates firewalls, application protection, sandboxing, web filtering, endpoint protection, and more to mitigate the threats presented by open networks, BYOD, applications, botnets, etc.

Combining multiple security solutions from a single vendor into a connected UTM means that there is only one interface that university IT teams must manage, while minimizing downtime due to maintenance. UTM offers a single pane of glass view, with IPS and IDS, to view data movement and requests across the network, simplifying operations for IT teams. 

To ensure the most up-to-date security policies, while maximizing IT teams’ time, Fortinet’s UTM is automatically updated with threat intelligence from FortiGuard labs as well as intelligence from each tool within the UTM, providing both global and local threat intelligence. This intelligence protects university networks from known malicious attacks, as well as derivative zero-day threats. These automatic updates save IT teams the time it would take to assess and correlate data from separate solutions to make it actionable, before updating each solution with the necessary signatures. This allows for robust security without being a drain on university resources, or budgets.

Final Thoughts  

Today, higher education institutions have to be able to provide the networked, tech-enabled learning experience that both students and faculty expect, while simultaneously protecting private data. Between limited IT resources, BYOD proliferation, and constant new threats, higher education is in a uniquely complicated position when it comes to network security. Implementing a connected UTM helps universities find a balance between functionality and security, without draining resources.


Learn more about Fortinet solutions empowering 21st century classrooms

This blog originally appeared in EdScoop.