4. Strengthen your data privacy strategy. “Everyone is focused on protecting devices, but in the end, it’s really about the data. Hackers want to steal your data and disclose it. They want to destroy your data, either for money or for kicks. That’s why we are seeing an uptick in ransomware attacks against educational institutions,” says Randy Marchany, Virginia Tech’s information technology security officer. Marchany is also the director of the Virginia Tech IT Security Lab.
Not all data is made equal. A sound data protection strategy starts with inventory. “Is it payroll? Is it student data? You have to know what you have,” Marchany says. “You need to find where it is stored before you can protect it.” Delete anything you no longer need, then classify the remaining data that you need to protect in order of priority. Personal information, intellectual property and financial data should always be ranked as higher-value assets.
5. Secure DNS protection. Typically offered as a managed service, secure DNS offers an automated way to identify and block potential threats. Suppose a student or a faculty member inadvertently sets a malicious process loose in the system; before the system shares data with the threat actor, secure DNS can kick in to stop it.
“That’s a call outside of the network, and those calls are associated with a domain,” Globe says “A secure DNS provider will block that request if that domain is associated with malicious activity. It takes about five minutes to register and no more than 72 hours to get it up and running. You don’t have to be a skilled IT person to do this.”
MORE ON EDTECH: 5 tips you need to know to design a safer DNS.
Factors for a Robust Defense-in-Depth Deployment
Beyond these key layers, a powerful defense-in-depth deployment should also include some essential tools, such as anti-virus software, which is critical to any security protocol. But it’s important to understand the nuances. Many products rely on signature-based detection, which is helpful but not necessarily sufficient.
Forcepoint, for example, offers an anti-virus solution with heuristic features that can scan for suspicious patterns and activities.
Universities also need strong password policies, with rules in place to ensure passwords are sufficiently complex. Hold regular user trainings to support safe handling of passwords. Password lockers, also known as vaults, can also help automate password management. This can bolster security while lightening the IT department’s workload.