Sep 15 2023

How to Minimize Common Device-Related Risks in Higher Education

Securing your university’s device ecosystem means considering today’s needs as well as tomorrow’s.

Devices are crucial in higher education for faculty, staff and students. After the scramble to purchase devices for them to use during the COVID-19 pandemic, higher education institutions often failed to think about what was to come. According to an EdTech X (formerly Twitter) poll, 43 percent of respondents are most concerned about cybersecurity when managing their device ecosystems.

An updated device security strategy should cover both your current needs and the future state as the number of devices grows. This will enable you to serve stakeholders without disruptions to service. There are four elements to consider that will ensure your device security strategy is successful.

Make Sure To Identify All Devices In Your Ecosystem

Full visibility into the device ecosystem will show what devices you have, where they are, who owns them and what security controls are in place. Classify them based on how critical they are to normal operations and the sensitivity of the data they access. For help with device visibility, consider tools such as Microsoft System Center Configuration Manager or VMware Workspace ONE to create a thorough inventory and classify devices.


In addition to your devices, know your policies, procedures and device security technology: Are they adequate to minimize risk? Pay special attention to:

  • Zero trust. The zero-trust model assumes that no one and nothing, inside or outside the network, should be trusted by default. This calls for strict access controls, continuous monitoring and identity verification.
  • Identity management. Implement multifactor authentication (such as Cisco Duo or Okta), passwordless authentication (ForgeRock) and step-up authentication (IBM Security Access Manager) when needed for access to especially sensitive data. Authentication and authorization policies should call for user identity verification before granting access to resources.
  • Encryption of data at rest and in transit. Be sure to consider user phones, laptops and USB sticks — in short, any device where the loss of data could cause damage or distress.
  • Patch management. Policies should ensure that operating systems, applications and firmware are updated with the latest security patches. Look to solutions such as WatchGuard Patch Management and make sure licenses can scale to accommodate future growth.

Better Your University’s Infrastructure For Future State Innovation

How fast and to what extent do you expect the number of devices to increase over the next year? Five years? What changes will you need to make to your network and wireless infrastructure to support that number of devices?

An important step in securely growing your infrastructure is to assess which security risks are likely to be most important in the future, both to your devices and to the network itself. Prioritize risks based on the impact they would have on your infrastructure and the mission of the university. Look to vulnerability assessment tools such as those from Fortinet and Tenable to identify known vulnerabilities in the operating systems, software and device configurations. Take needed steps to mitigate those vulnerabilities, and make sure that the solutions can scale as your device inventory grows.

Don’t neglect to segment the network, dividing it based on the sensitivity of the data and the requirements of different departments. This limits the ability of attackers to move laterally across the network, reduces the attack surface and contains breaches.


Standardize Configurations and Applications for Improved Support

As the number of devices used by faculty, staff and students continues to grow, the burden on IT grows apace. In pre-pandemic days, the support team may have been able to handle a small number of devices with different configurations and applications, but exponential growth can make it virtually impossible to provide adequate support. By selecting and carefully configuring devices that can meet the needs of faculty and students, it will be easier to support, troubleshoot and manage them.

Standardizing also allows you to make sure your security tools, policies and procedures are effective and implemented consistently across the environment. This helps ensure you have visibility into all devices and their security posture. It also makes it easier to grow your infrastructure without introducing new, unknown threats or vulnerabilities.


Be Proactive in Incident Response Planning and Security Training

Higher education institutions should take proactive measures, such as backup and recovery planning, incident response planning, security awareness training, and vendor and third-party risk management. Backup and recovery plans should be tested regularly to ensure that they can accommodate growing device inventory and data requirements.

Incident response plans — with detailed information on roles, responsibilities and communication — must be regularly tested as well, with unannounced drills and tabletop exercises to identify gaps. Security awareness training should be conducted frequently and address current threats and timely phishing attack topics.

When it comes to vendor and third-party risk management, a growing device inventory increases the university's exposure to cyberattacks and leaks related to third parties. Combatting this risk calls for expansive data-scanning technologies found in solutions such as SecurityScorecard ASI.


Continually Fine-Tune Your Device Security Strategy

The most effective device security strategy calls for continuous improvement. This means constantly evaluating your technology, policies, training, and monitoring and assessment processes for effectiveness. When weaknesses are uncovered, mitigation efforts should take place as quickly as possible. This approach enables the university to adapt security measures to the evolving threat landscape and stay updated with best practices in cybersecurity, even as the number of devices continues to grow.
