How To Enhance Cybersecurity on College Campuses
Author: Denis Tumuhaise
Today’s digitalized world has allowed unprecedented levels of communication and interaction with workers. Being able to collaborate and execute projects while thousands of miles away is becoming the new normal.
While all this technology is fascinating and game-changing, institutions still have to deal with the prevalent challenges of managing cybersecurity on college campuses. Cyber attacks pose big consequences, sometimes disrupting entire education ecosystems. This was seen during recent ransomware attacks on Buffalo schools that continue to obstruct school operations.
For the most part, cyber attacks that compromise cybersecurity are unavoidable. This is mainly because students or staff might unknowingly facilitate hackers whenever they connect to the school’s public Wi-Fi with unprotected devices.
To further show the gravity of the situation, the FBI released a public service announcement. This announcement cautioned educational institutions that “bad cyber actors would exploit increased use of virtual environments due to COVID-19”. So, how can administrators and educators effectively improve overall cybersecurity on college campuses?
Why Are Schools Susceptible to Cyber Attacks?
Higher education institutions rank second only to the medical industry in terms of data breaches, according to the Privacy Rights Clearinghouse..This comes as no shock as U.S. schools have reportedly lost approximately 24.5 million records in breaches since 2005, according to Comparitech.
When a cyber attack happens at a college, the authorities often look to blame students first. This assumption may be based on what our criminal defense lawyers at Spolin Law P.C. call the “school-to-prison pipeline“, which describes the disproportionate impact of education policies on people of color and other vulnerable populations who may be student
Unfortunately, the open and collaborative IT environment fostered by colleges makes them a top target of data breaches and cyber-attacks. Colleges aim to facilitate the free exchange of information. This means that their IT systems are relatively open, constituting thousands of disparate users. Many of whom bring their own devices (BYOD) to campus.
As such, most of these students use different applications, social media, and share substantial amounts of files. Additionally, college systems keep personally identifiable information (PII) from a massive array of data from students and staff, such as names, birth dates, social security numbers, and financial data relating to tuition fees and student loans.
Most colleges maintain outdated systems that are frequently siloed with single-purpose functions layered on as needed over time. Such systems aren’t easily integrated with other systems, thus inefficient– making management and updates challenging and costly.
Furthermore, some education infrastructure maintain a treasure trove of high-value assets. Many colleges and universities are often involved in developing new drugs, innovating computing solutions, and advancing technology in different sectors. This is very attractive for industrial espionage hackers who want to access such trade secrets to profit in outsider markets. The University of Wisconsin once reported facing 90,000 to 100,000 cyber-attack attempts per day to penetrate their systems from China alone.
So basically, with their accessible networks, large volumes of personal data, and research data, colleges present an expansive and porous attack surface, exposing them to multiple cyber threats and risks.
Who Is Responsible for Cyber Attacks?
Generally speaking, organized cybercriminals, unscrupulous corporations, and foreign actors are behind the most coordinated cybersecurity breaches on colleges. However, some students have also been known to attack college IT systems. Some carry out pranks, seek to damage the school’s reputation or highlight security weaknesses.
As mentioned earlier, most of the attackers primarily target intellectual property at colleges. For instance, Pennsylvania State University’s engineering department was once the subject of a multi-year cyber-attack tied to a foreign actor, centered on stealing research utilized by the U.S. Navy. At one instance, this cyber-attack disrupted Penn State’s entire network for three days.
What Is the Entry Point of Such Attacks?
Fundamentally, the primary source of risk on college campuses is the sheer volume of personal devices (laptops, tablets, gaming consoles, smartwatches, and smartphones) that students, teachers, and visitors bring onto campus. Another source of risk is the increasing number of IP-enabled Internet-of-Things (IoT) devices now connecting to college networks to streamline facilities management and cut costs.
What Are The Common Types of Cyber Attacks?
Ransomware attacks are one of the most common cybersecurity attacks on college campuses. Ransomware seems like a faster and easier way to get a larger payout than stealing PII or credit cards, which can be easily mitigated as time passes after their theft. Ransomware is typically employed to lock up an institution’s data, essentially holding it until a ransom is paid, most often in Bitcoin.
Other common cyber attacks that affect cybersecurity on college campuses are covered in this article.
How to Ensure Optimal Cybersecurity for Schools
Leveraging Remote/Cloud Desktops
The first line of defense for college campuses is prevention! And the most effective means of effecting prevention is by utilizing a remote desktop solution. Remote desktop solutions like V2 Cloud provide more permanent protection from ransomware attacks. In practice, IT teams can utilize one server to deploy and support all virtual desktops for education from a central location. This means that they no longer have to deal with agents and physical updates and patches at the user endpoint device.
Additionally, remote desktops offer significant reductions in on-premise VMware and infrastructure costs, budget predictability, high availability, and improved performance. For a more in-depth look into how remote desktop solutions can be beneficial.
- Adopting multifactor authentication techniques to mitigate the impact of password theft.
- Continually encrypting communications and sensitive data kept on college servers or networks.
- Offering campus users updated anti-virus protection software
- Continuously educating students and school staff about basic online safety.
- Instituting regular third-party security risk assessment
Cybersecurity Is Always Growing
Ultimately, stakes are higher than ever for college campuses that don’t take cybersecurity matters seriously. As attacks increase in complexity, there is a definite need to continuously be vigilant while exploiting the latest mitigation strategies and products available.
With more teachers and students studying online because of the COVID-19 pandemic, expect cyberattacks to increase. This is primarily because many educators will conduct classes in less controlled environments outside of the school. Thus, posing increased challenges for cybersecurity on college campuses.
However, a more viable and cost-effective solution is to utilize remote desktops/cloud computers as the first line of defense to minimize internal cybersecurity risks in schools. So, why not be best prepared with a more permanent solution to avoid education interruptions? Or simply provide remote computers for your staff to prevent data breaches.
How V2 Cloud Helped a College Deliver An Improved Higher Education Experience