Alain Penel, Regional Vice President Middle East at Fortinet explains that clever use of security policies and technologies can help public institutions secure relevance in a globalising world and can help them migrate to the next level.
In recent years the education sector has gone through a transformation. From a world of individual and largely isolated institutions, schools, colleges and universities have embraced technology to create a rich learning experience where borderless collaboration is the norm.
Public sector institutions in particular can benefit on several levels by integrating and securing their technology rollouts. By introducing virtual classrooms, an institution be it a public school or college, can – for instance – maximise the number of students reached by a single teacher – students could be at different campuses or could even login for lectures from the comfort of their own home. Virtual classrooms also open the doors for public sector institutions to attract a greater volume of students from other locations and geographies, as the physical appearance of the student is no longer a prerequisite.
In deploying technology trends have emerged including the use of rich and engaging educational materials, as the focus on computing applications has become widespread and teaching methods geared to take advantage of them have come into place. Concurrently, with the availability of Internet bandwidth and smart mobile devices, young adults’ lives have become much more centred around the Internet and the activities they carry out on it.
The instant availability of content, however, also exposes students to the worst ills of our global society. Websites that distort facts, promote violence or other unsuitable content are readily available, while cyber scams inundate Internet users in an effort to steal their money and personal information every day.
Still there are ways for institutions to harness the value of ubiquitous connectivity and the Internet while mitigating the inherent threats. This starts with a self-assessment of their own needs and challenges, followed by finding solutions to them based on current technologies and industry best practices. Let’s review the common ones:
Campus topologies and high density access
Regional schools, colleges and universities can have multiple faculties and departments located in disparate buildings. Deploying wired networks can be cost prohibitive and impractical in many situations. An attractive alternative is to provide wireless connectivity based on the latest international standards to allow rapid and cost-effective extension of existing networks across the entire campus.
Where wireless networks are deployed steps must be taken to ensure that users in high traffic areas like lecture theatres are well catered for. Channel interference, as well as channel frequency and access point overload, are also common issues that degrade the quality of wireless service and must be looked into. The solution includes the use of properly configured wireless networking equipment designed for high traffic conditions.
Students expect to be able to access the Internet from their personal mobile devices at any time and from any location. Institutions must make sure that their wireless networks, particularly those in high user density environments, can cope with large variability in client numbers, load and traffic types. In addition the security solutions put in place must allow the rapid and cost-effective extension of the network across large areas, between buildings and even in built-up areas. This is essential for optimal campus-wide service delivery.
User identification for profiling and segmentation
Different user categories (i.e. students, staff, visitors) need to have different levels of access to internal and Internet based resources. Schools can dictate this in a number of ways but the most common and efficient is through user identification at the point where users authenticate onto a network.
Having security policies that are based on identity and the type of device used allows an institution to define and implement solid boundaries. Some security solutions on the market allow two-factor authentication to be used in conjunction with robust identity management capabilities − this lets institutions give fine-grained authorisation to network-based resources. Notification of attempted policy violations to appointed staff completes the governance of acceptable usage policy implementation.
Wireless guest provisioning
It is generally a given that visitors to modern education institutions can enjoy access to the Internet. Ideally, this is provided free of charge and branded with the institution’s own landing/login page.
Consequently IT infrastructure is required to provide this type of differentiated service comprising of wireless access points, wireless guest management and welcome/login pages in addition to fine-grained, segmented security management.
Cost-effective bring-your-own-device (BYOD) security solutions that can manage the full diversity of user profiles − from purely unknown wireless guests through to high privilege administrators of IT resources connecting from a controlled desktop − can help institutions effectively control guests’ mobile device usage. Such BYOD solutions should be able to manage security profiles based on factors like the mobile device platform type and client reputation.
Demonstrable duty-of-care and acceptable use policies
Despite the fact that the majority of users of the schools’ networking and Internet access are over the age of consent, the need to provide a demonstrable duty-of-care remains. The core pillar of this responsibility is an enforceable acceptable use policy that defines e-safety and strikes a balance between accessibility and protection for each faculty, function and user category.
As a best practice, schools must detail the controls that are put into place, whether they are preventative, detective or corrective. Security policies must be flexible yet robust, incorporating up-to-date filters to categorised Web sites and applications, while allowing access to white-listed resources.
Globalising campuses
Intensifying competition in the education sector has driven institutions to search for lucrative overseas students. Many regional institutions have partner or extension faculties in other parts of the world, which enables them to extend their reach. . The key to the success of such strategies is fast yet secure wide area networking linking such sites together to share resources and create virtual classrooms that make geography challenges a thing of the past.
Budgetary challenges
In the public and private sectors alike, budgets are under pressure. The delivery and support of technical systems is usually relegated to secondary priority after front-line services with direct, visible costs such as staff, capital assets and buildings. IT directors can meet budget expectations better by using technology platforms that are not just cost effective at the acquisition stage but also easy to manage and support in the long run.
Institutions today are hard pressed to expand and upgrade their IT infrastructures − not just in response to student and staff demands, but to national education guidelines and the business pressure for expanding operations to overseas markets.
Marrying the above steps with strategic thinking can remove the triple constraints of cost, complexity and security slowing down such transformation, and help bring institutions to the next level.