Higher education institutions hold scores of precious records, from personal information to intellectual property, that malicious actors would love to get their hands on.
While universities are working to update their cybersecurity strategies, nearly 59 percent of universities are running outdated, vulnerable software, compared with 18 percent of healthcare institutions and 6 percent of banks, according to a recent survey by RiskRecon, a cybersecurity risk management firm.
To mitigate the chances of future university data breaches, here are three steps IT leaders can take to protect their networks.
1. Assess Network Security Early and Often
Regular testing for network vulnerabilities is crucial for universities to keep their data safe.
The rate of software vulnerabilities in internet-facing software at universities is 10.6 times greater than at financial institutions, according to the RiskRecon survey.
These vulnerabilities are 13.5 times greater for high-value systems than in other industries, emphasizing the importance of constantly knowing the state of campus networks.
There are several resources available to universities seeking to run network assessments to find these vulnerabilities.
Outside parties such as CDW can offer universities free network security checks to find and compile lists of weaknesses that institutions may not be aware of.
2. Patch University Networks Automatically
Infrequent patching is a common cause of security breaches, making it a crucial action item for IT teams. Nearly 60 percent of breaches across industries were possible because of vulnerabilities that had not been patched, Dark Reading reports.
Patching can be burdensome, especially at colleges with smaller teams, which is why automatic patching software can be a valuable asset.
At Northwestern University, for example, CISO Tom Murphy rolled out a robust endpoint management system that can push out patches quickly.
“The question was how to deal with a flaw that could potentially impact every modern computer. We were dealing with very large numbers of endpoints,” Murphy told EdTech in a previous interview.
Universities can forgo the patching process altogether by switching to the cloud. When The Ohio State University replaced its in-house email infrastructure with Microsoft Office 365, it took pressure off of its IT team.
“We don’t have to worry about the back end,” Senior Director of Infrastructure Bob Corbin and Senior Solutions Architect Brant Thomas told EdTech in a previous interview. “We don’t have to patch them or see why one server crashed. That’s all taken care of.”
3. Adopt Network Practices That Prevent Lateral Movement
When networks are not segmented, hackers can gain access to data files through a weakness in an unrelated web application and move into a university’s data center from there.
With network segmentation in place, hackers who are able to find and exploit similar weaknesses will be unable to find their way to the intellectual property and personal information they are looking for.
To construct a segmented network, IT teams should start by establishing a roadmap of their networks and mapping out application dependencies, while making sure not to oversegment their networks, according to Lynn Mackie, a principal security architect for CDW.
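As an added illustration (not code from the article or from CDW), the sketch below turns an application dependency map into the segment-to-segment allow rules it implies, then checks whether a foothold in a web-facing segment can still reach the data center through chained rules. All host names, segment names and dependencies are constructed, and traffic inside a segment is assumed to be unrestricted.

```python
from collections import deque

# Constructed sample data: host -> segment, and mapped application
# dependencies as (source host, destination host). All names are hypothetical.
SEGMENT = {
    "events-web": "dmz", "events-db": "dmz",
    "print-svc": "campus", "file-share": "campus",
    "sis-app": "admin", "sis-db": "datacenter",
    "research-store": "datacenter",
}
DEPENDENCIES = [
    ("events-web", "events-db"),
    ("events-web", "print-svc"),
    ("print-svc", "file-share"),
    ("sis-app", "sis-db"),
    ("file-share", "research-store"),
]

def segment_rules(dependencies, segment):
    """Inter-segment allow rules that the mapped dependencies require."""
    return {(segment[s], segment[d]) for s, d in dependencies
            if segment[s] != segment[d]}

def path_between(rules, start, target):
    """Shortest chain of allowed segment hops from start to target, or None.

    Assumption: once inside a segment, any host in it can be reached, so a
    rule that opens segment A to segment B exposes all of B to all of A.
    """
    queue, seen = deque([[start]]), {start}
    while queue:
        path = queue.popleft()
        if path[-1] == target:
            return path
        for src, dst in sorted(rules):
            if src == path[-1] and dst not in seen:
                seen.add(dst)
                queue.append(path + [dst])
    return None

if __name__ == "__main__":
    rules = segment_rules(DEPENDENCIES, SEGMENT)
    print("allow rules:", sorted(rules))
    print("dmz -> datacenter:", path_between(rules, "dmz", "datacenter"))
    # Retire the web app's dependency on the campus print service and re-check.
    tightened = [d for d in DEPENDENCIES if d != ("events-web", "print-svc")]
    print("after change:", path_between(segment_rules(tightened, SEGMENT),
                                        "dmz", "datacenter"))
```

No single rule in the sample connects the web-facing segment to the data center, yet two rules chained through the campus segment do, which is the kind of route a dependency map is meant to surface before segment boundaries are finalized.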
With these three steps, universities can create a network security plan that can withstand the onslaught of attempted security breaches.