Apr 22 2024

Sandbox Technology Should Be One Piece of a School’s Security Plan

A multilayered security approach can minimize the attack surface of an organization’s network, keeping sensitive data safe from cyberthreats.

Seventeen years ago, the biggest concerns for a K–12 IT department were adware, popups and viruses. Today’s security threats are much more complex. We have to worry about scams, phishing emails and malicious code embedded in emails or even images.

People see education as an area where you may not need heavy security, but the truth is quite the opposite. Schools house sensitive data, including students’ personal identifiable information. On top of that, IT departments are often small teams wearing multiple hats. We get involved with a little bit of everything: infrastructure, classroom technologies, security policies, budgeting and planning with other departments.

As times have changed, we’ve had to adapt. The complexity and frequency of attacks have increased exponentially, and it’s a matter of keeping up with the latest trends.

Click the banner to discover how zero-trust security can keep your schools safe.


One of the most popular attack vectors is email. We use Check Point’s Harmony Email & Collaboration security suite, as well as Barracuda’s Spam and Virus Firewall. In addition, we use sandboxing technologies and threat emulation on multiple levels within our infrastructure.

Employ Sandboxes with Security Tech for a Multilayered Approach

The Check Point and Barracuda technologies function as a multilayered approach to email communications. We employ Check Point Quantum firewalls that screen data moving in and out of the district. These firewalls perform application control, threat emulation and extraction as well as traditional firewall functions. The idea is to catch as much as we can before it reaches users.

It’s all about making it as difficult as possible for attackers to gain access to your network. The more gateways and hurdles you put in front of them, the more difficult it becomes for them to breach your school’s network.

RELATED: Los Angeles Unified School District reveals how it turned the tables on hackers.

Secure the Perimeter with Sandboxing and Monitoring Technologies

We still operate very much as a brick-and-mortar organization: Our kids come to school. We do have a virtual option, but it serves a minority of students. So, we rely heavily on the Check Point ThreatCloud AI and the sandboxing technology on our perimeter.

At any given time, we have close to 4,000 users accessing the internet. We use sandboxing to filter traffic at this scale, but we also make sure that the real-time block lists are up to date. We look at all aspects of how data gets onto our network. The firewalls really do the heavy lifting for us when it comes to the edge or the perimeter.

We also implemented Check Point’s managed detection and response system, which uses analytics and connections, to our other security services to take a deeper dive into the data that travels across our network. It discovered things that we didn’t know about. That’s another example of a layered approach that puts another set of eyes on our network to help us secure it.

Do a Security Assessment Before Deploying New Technologies

Having that other set of eyes on your network can be crucial to improving your school’s security posture. Before jumping into sandboxing technology, you need to get a sense of the current state of affairs through an audit of your network. Some people shy away from audits because they have a negative connotation, but audits are a good thing because they point out what you don’t know. After an audit, partners can work with you on securing vulnerabilities.

An audit keeps you up to date, and you feel good when you start eliminating the vulnerabilities revealed.

It also allows you to report back to your leadership on what you’ve done. You can show them what you found and how you fixed it, and you have peace of mind that you’re secure in those areas.

UP NEXT: What can schools do to increase their chances of winning cybersecurity funding?

kate3155/Getty Images

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT