Apr 08 2021

How VMware’s Solutions Secure Remote Learning and Work

Universities need more advanced endpoint protection and zero-trust solutions to safely enable remote work at scale.

America is fighting a pandemic on two fronts: a physical one and a virtual one. The cybercrime pandemic began almost immediately following the rapid switch to remote learning and work due to COVID-19. The FBI notes that reported cybercrime incidents grew by 400 percent in 2019 and 2020. To make matters worse, malicious actors have been leveraging the public’s fear of COVID-19 to create targeted phishing campaigns.

Colleges and universities found themselves especially vulnerable to these attacks as they moved thousands of students, faculty and staff to a remote learning and work environment. A year after the great pivot, many colleges and universities still find themselves lacking the right IT support to protect digital classrooms and workspaces.

With VMware’s advanced endpoint protection and zero-trust solutions, however, post-secondary schools can effectively secure digital workplaces at scale.

STAY CYBERSAFE: Learn how VMware can effectively secure your institution's endpoints.

What Does Zero Trust Mean for Higher Education?

Coined by the analyst John Kindervag in 2010, the term “zero trust” references a security model that doesn’t automatically and inherently trust devices and services within the security perimeter. Instead, zero-trust architecture requires the creation of trust across five pillars: device, user, transport/session, application and data.

While devices and users can earn trust over time through consistent asset usage and actions, trust is never assumed. Sudden or unexpected behaviors can still trigger zero-trust security measures to help reduce total risk.

According to Tom Kellermann, head of cybersecurity strategy for VMware, the zero-trust model is evolving to meet the needs of cloud- and mobile-driven enterprises such as colleges and universities. “It goes beyond the ID and the endpoint,” he says, “and extends zero trust through the infrastructure to prevent any attacks from reaching the primary network.”

VMware is one company that specializes in cutting-edge zero-trust architecture. By combining the intrinsic end-to-end security of Workspace ONE with the VMware Carbon Black Cloud Endpoint Standard, post-secondary schools are better equipped to manage the evolving security threats posed by in-person and remote access points.

Securing Universities with the VMware Model

Kellermann puts it simply: “Higher education is a hotbed for security threats. While students and professors have good intentions, if their devices are compromised, hackers can gain significant network access.”

The sheer volume of devices and endpoints makes college networks even more challenging to secure, especially as institutions work on balancing remote and on-campus access. “In many cases, users are not sure if their devices have been compromised,” says Kellermann. “Even if it’s slow, or applications are crashing, to navigate this type of nuance, you need more context. You need to understand what’s happening between the device, the network and the outside world.”

One of few viable solutions is what Kellermann calls the “special sauce” of VMware’s zero-trust framework: behavioral detection. “It’s not about inhibiting privacy,” he says. “Instead, it’s laser-focused on ensuring devices are protected against common threats by detecting misconfigurations or identifying processes that shouldn’t be running.”

This allows IT departments to respond as threats are happening, rather than waiting until after the fact to discover what damage attackers have caused. “Teams can set processes to terminate automatically,” notes Kellermann, “or have an email sent that provides immediate visibility, which allows them to engage with endpoint threats directly.”

What’s even better? With Workspace ONE, auto-provisioning of endpoint protection is easy. Device installation is not required; teams simply turn on detection and response as needed.

The Changing Face of Compromise

Malware is evolving, and so are user expectations. This creates a security paradox for universities: How do they ensure critical assets are defended without creating friction for authorized users?

According to Kellermann, “most attacks are now fileless. They don’t have payloads. As a result, old-school anti-virus tools are not effective in thwarting these attacks. Schools need greater context to control and limit the attack surface that goes beyond hardening and configuring a system.”

MORE ON EDTECH: Secure higher ed's growing number of remote devices.

They also need a way to detect, deceive and divert digital adversaries without being detected. Kellermann notes “there’s a 118 percent increase in destructive attacks after they’re detected.” Teams need a way to decrease attacker dwell time — and to reduce the risk of worst-case scenarios.

This is especially critical as attack vectors evolve. Kellermann points to the rise in “home invasion” attacks that focus on setting up shop in post-secondary networks, rather than carrying out a data smash-and-grab. He also highlights the growing use of “island-hopping” incidents, where cybercriminals take over the devices of unsecured third-party partners and use them to gain access to the network. Some estimate 40 percent of attacks now leverage some type of island-hopping strategy.

The New Standard: Seamless and Secure

Colleges need security tools that don’t compromise the end-user experience. “The workspace of the future is all about the assurance of the experience,” says Kellermann. “It’s about extending zero trust through the infrastructure without inhibiting the environment. Vigilant digital transformation can protect the user from the environment, and the environment from the user, while still prioritizing the user experience.”

VMware’s zero-trust solutions offer a seamless and secure middle ground. Kellermann compares the approach to an unobtrusive security officer in an upscale retail store. “There’s always that guy in a suit who’s looking for behavioral anomalies,” he says. “There’s no reaction if things are normal, but there is a reaction if someone does something wrong. The issue is handled immediately. But if nothing is wrong, this protection is basically invisible. In effect, the environment protects itself. It’s hardening itself against new threats.”

MORE ON EDTECH: Learn these defense-in-depth (DiD) strategies.

VMware also helps post-secondary schools improve their security posture at scale. With access to secure data on user behavior and device context, VMware empowers universities and colleges to perform intelligent risk assessments and then implement security controls where they’re most effective with advanced data loss prevention, app virtualization and next-generation encryption tools.

Vigilant digital transformation is fundamental to protect students and staff both on and off campus. No matter what the future holds, VMware can help higher education institutions streamline access, secure key assets and respond to evolving threats.

Brought to you by:

DaniloAndjus/Getty Images

Zero Trust–Ready?

Answer 3 questions on how your organization is implementing zero trust.