Are university networks wide open to cyber-attacks?

Chris Sherry, regional VP at Forescout, explores how the IoT leaves institutions wide open to hackers, and explains how IT managers can strengthen the integrity of their cybersecurity strategies

The explosion of the Internet of Things (IoT) – that is, anything from laptops to printers to security cameras and heating sensors that connect to the internet – has meant that organisations and institutions today struggle to get a comprehensive view of all the IT endpoints that connect to their networks.

Universities are particularly struggling with this growing challenge, and the problem is often rooted in a culture of bring your own device (BYOD). What this means is that students, teachers and other personnel bring hundreds, if not thousands, of devices to campus – on average, three per person – and connect them to the wifi, unknowingly opening the entire network up to myriad of vulnerabilities.

For example, if one laptop brought in by a student attending a lecture becomes compromised by a hacker, that threat can then move laterally and potentially take down the entire system. Not only this, but given that many universities are at the cutting-edge of innovation, resources such as lab equipment, engineering machinery and medical tools are increasingly being connected to the internet in a bid to become more efficient and offer more helpful information to students and teachers. Even a printer in the library that hasn’t had its default password changed could open the door to a huge breach. 

Couple these challenges with an expectation to serve the needs of highly mobile, ultra-connected students, as well as provide faculty and staff with 24/7 access to the internet, and it becomes clear that schools, universities and all educational organisations have a real job on their hands. 

Recent research has found that 85% of IT teams agree a lack of full visibility is a significant point of weakness in any security infrastructure

Gaining knowledge of all devices on the network

The first step for IT and security teams looking to protect university networks is to gain full visibility over every endpoint that touches the network – after all, you can’t protect what you can’t see. Recent research has found that 85% of IT teams agree a lack of full visibility is a significant point of weakness in any security infrastructure and, on average, any organisation that then goes on to achieve comprehensive visibility over its devices will find 30% more devices than they were expecting.

This is because there are many different types of IT assets that may not have been considered to be IP-enabled that sit on the enterprise network. Operational technology (OT) such as building sensors, security cameras and even light switches are now becoming ‘smart’ in a bid to optimise energy efficiency amongst other things, and these all act as gateways for hackers if not securely identified, assessed and managed. 

By identifying computers, unmanaged personal devices, IoT devices and rogue endpoints in real time, IT security teams can locate vulnerabilities faster and mitigate risk before it causes serious downtime or data loss. 

Mastering management and protection

Once visibility has been secured, IT teams can consolidate the management of IoT, OT devices into one, central cybersecurity hub and create policies based on the needs and behaviours of different types of devices. 

To summarise, universities have the IT access, privacy and regulatory requirements of small cities. They support residents, visitors, business operations, retail outlets and more, as well as having the added responsibility of protecting the intellectual property of research facilities and other innovative resources. All of these things can make the job of securing the IT network challenging, but with the right tools in place, they can be met with ease – allowing time to be better spent on improving education. 

Forescout website: 

You might also like: Clickjacking is the most common form of hacking in education, survey reveals