Aug 08 2017

IoT in Higher Ed Has Big Potential If Devices Are Kept Secure

By employing some basic security tips, colleges can explore the limits of Internet of Things technology.

For those in higher education, the Internet of Things shows major promise when applied in ways like smarter infrastructure and more efficient student services. Colleges like Carnegie Mellon University are even stepping up to research more ways to use IoT by leveraging partnerships with other universities to create a more robust platform.

With recent data indicating that IoT devices will make up half of all connected devices by 2021, it is safe to say that the Internet of Things isn’t going anywhere. But while IoT has great potential on college campuses, it also raises security concerns.

In ISACA’s “State of Cyber Security 2017” report, 59 percent of IT leaders indicate that they have some concern for the security of IoT. Roughly 30 percent of respondents say they are extremely or very concerned about threats to IoT devices.

These IT leaders have good reason to be concerned, with a 2016 attack on video cameras and other IoT devices marking the largest distributed denial of service (DDoS) attack on record. But, with an increase of IoT devices at higher education institutions inevitable, IT leaders need to be looking at how they can protect themselves.

Locating Vulnerabilities in Unexpected Places

Printing services has been one area that has advanced thanks to IoT. When the University of Nebraska–Lincoln closed down several computer labs to reduce overall operating costs, IoT printing kiosks fulfilled the needs of students.

Convenient, connected printers can be vulnerable to security breaches, though. Because college printers receive, store and print things like intellectual property and personally identifiable information, they are also juicy targets.

However, experts indicate that newer printers will have security features, including automatic updates, that boost protection. Elements such as storage encryption can help keep data secure even if a bad actor gains physical access to the storage. Storage sanitizing can also make sure that sensitive information isn’t kept on printers for longer than necessary.

The Basics of IoT Security

With an influx of complex, connected devices, universities also need to be concerned that their networks are prepared in both bandwidth and security protocols. At Carnegie Mellon, exploring what’s possible in IoT also means balancing the need for privacy and protection.

Experts offer some basic advice on planning for IoT security, with the caveat that university IT may never know just how many IoT devices are connected on their campuses.

The following steps should help establish a secure base:

  • Conduct a risk assessment. IT can perform an inventory of known connected technologies and conduct vulnerability scans.

  • Segment your network. Putting known IoT devices on a controlled network significantly reduces their risk of being compromised and limits any damage if they are.

  • Keep IoT devices updated. Like connected printers, all IoT devices should be properly patched and regularly updated.

Like many innovative technologies, the IoT has huge potential on college campuses if it is deployed strategically. By following expert advice and regularly monitoring network security, higher ed IT can make sure that the positives of using IoT outweigh the security risks.

This article is part of EdTech: Focus on Higher Education’s UniversITy blog series.