Web safety with data in mind

Confidential school information has become increasingly vulnerable as schools accumulate more personal data on pupils and teachers

This fact is not going unnoticed by highly skilled student hackers. In January of 2014 a student hacked into the personal files of a head teacher at Peterborough’s Thomas Deacon Academy and emailed 29 of her personal documents to all 2,092 of the school’s students.

Unfortunately, this is not an isolated incident. This and other data loss problems are exacerbated by the fact that school networks are now storing more sensitive data than ever before, such as health records and financial data. If these records are exposed, the consequences could be severe. Even worse, as has been demonstrated in many high profile data breaches, data loss is often not discovered until months after an event has occurred.

Legacy Web security can’t protect your school

Protecting pupils from inappropriate Web content and protecting private data on school networks is of paramount importance. Unfortunately, the sophisticated advanced persistent threats (APTs) and zero-day attacks of today’s threat landscape seem to be able to infiltrate many networks that organizations thought were secure. Adding to the challenge for schools is dealing with more and more pupils on mobile devices. Unfortunately, many of the Web security solutions now deployed in schools were created before the Web 2.0 environment and the mobile revolution even existed.

Now that we are moving toward the era of Web 3.0 and beyond, their ability to keep up with sophisticated threats is being further eroded. In addition many legacy solutions lack capabilities that schools require such as; the ability to easily encompass all mobile and BYOD users into the school security policies; bandwidth controls that can ensure network availability during peak usage; and visibility across the full Web stream necessary to stop advanced persistent threats (APTs) and prevent data loss.

What to look for in a Secure Web Gateway built for Education

First, it’s important to find a solution that was developed to meet the challenges of the mobile-enabled classroom and the new threat landscape.

The solution you choose should be able to easily encompass all mobile and BYOD users and authenticate them to the school Internet security policies so that they and your network are protected. Legacy Web security solutions monitor ports 80 and 443 only and lack visibility over the full Web stream. Advanced threats hide on unseen data ports, such as those used for streaming video data, using them to infiltrate the network. Having visibility across all data channels, with the ability to stop streaming data and block hidden threats, gives your school more protection against malware and data loss.

With more schools handling SSL traffic, it’s also important that your security solution have a flexible approach capable of decrypting SSL at the gateway, but also inspecting without decryption when the situation requires it. Many security solutions handle SSL by decrypting all traffic, leaving you open to man-in-the-middle attacks or regulatory and privacy violations. Finally, it’s imperative to choose a solution that offers robust data protection. One with multiple layers of defence can keep advanced threats from entering the school network, plus prevent private data from leaving. In addition to layers such as AV signature database and sandboxing, look for continuous infection monitoring to find infected computers fast, network baselining to analyze outbound data traffic and find anomalies, and quarantine of infected devices. It’s the only way to protect your school against APTs and other inbound threats, while ensuring your critical private data is protected.

For more information about iboss Web Security built for education, visit www.iboss.com