Jul 01 2020

Solving Evolving Security Challenges for Remote Campuses

By integrating threat detection solutions such as those offered by Palo Alto Networks, universities can equip themselves with the security measures that remote staff and students need.

The higher education landscape in the U.S. has changed drastically since March. In many cases, students left their campuses for spring break and never returned. While remote learning may now be required for universities and colleges, it is a substantial change for most students, faculty and IT leaders. 

In addition to learning challenges, the rapid shift to virtual classes has introduced a number of IT threats. The sheer number and wide distribution of devices make it harder to provide end-to-end security.

“The perimeter is gone,” says Hunter Ely, a security strategist at Palo Alto Networks, the global cybersecurity leader. “The perimeter is now that space around each of your users or each of your branches; that’s where your perimeter is. You have to bring the security in, and you have to enforce using a zero-trust model.”

Because very few universities are considering reopening campuses at normal capacity in the fall, online learning will continue to be an integral part of the future of higher ed. With data dispersed in new and varied locations, it is important to pay attention to jumps that show up in network traffic analysis. As colleges and universities navigate this new normal, Palo Alto Networks is ideally situated to help higher education institutions achieve the level of security they need for students, instructors and staff, regardless of where they are physically located.

From Hardware to Cloud, Improve Security

To make this happen, hardware-based solutions that sit on the physical network will need to be either replaced or augmented by cloud-based solutions. By integrating threat detection solutions such as those offered by Palo Alto Networks, universities can equip themselves with the next-generation security measures they need to protect against cyberintruders. 

“There are many ways to protect the network. What we’re doing is software-defined and cloud-delivered security, which is the way forward,” Ely says. “Where we’re focusing our time and effort is in building security services that are contextual to the person, device or network. That’s important because you don’t have to rely on traditional, on-premises methods to secure remote access.”

“You don’t have to route all your traffic through your firewall to inspect and make sure it’s secure,” adds Ely. “It’s all enforced at the cloud level.”

Why Automation Is Essential For Security

Given the number and variety of cyberthreats, automation is essential for protecting networks. While network traffic and user behavior analysis are the main components of network protection, Ely says the most important benefit that automation provides is efficiency. This is the basis of Palo Alto Networks' Cortex XDR extended detection and response platform, which runs on integrated endpoints, networks and cloud data to reduce the noise. This frees up security staff to focus on actual threats.

“On their best day, budgets are not growing. On their worst day, budgets are at risk of shrinking,” Ely says. “So how do you face increasing adversaries without the ability to hire more people and purchase more tools? The only way you can do that is through automation.”

He adds, “User behavior analytics, network traffic analysis — all of this feeds into Cortex, which uses machine learning and artificial intelligence to contextualize and normalize all of this traffic,” allowing IT teams to easily distinguish patterns. 

For example, the Palo Alto Networks security operations center receives over 100 billion events per quarter. About 99 percent of the events are considered low-hanging fruit, Ely says: things like network time and server redirects. Less than 1 percent of these are identified as actual threats.

Using automation, the SOC team needs to work only a few hundred events per quarter. With Cortex XSOAR (formerly Demisto), the team can focus on prevention instead of reacting to every threat.

“Out of more than 100 billion events, we’re seeing 500 manual interventions per quarter for our SOCs,” Ely says. “That’s the power of automation.” 

Recognizing that remote learning will remain a large part of education, Ely notes that Palo Alto Networks will evolve its offerings to meet the changing demands of the higher ed sector. “We’ve got to listen to this community,” he says. “We’ve got to build products that meet their needs.”
