Breaches are inevitable and skyrocketing. More device and network visibility is needed now.
Today’s institutions of higher learning are collaborative by nature and open by necessity. A connected campus is key to student success and the higher-education mission. However, device sprawl, the massive growth in BYOD and IoT devices, and the convergence of traditional IT and operational technology (OT) networks place new challenges on security teams, operational staff and budgetary resources. Today’s campuses are reflective of smart cities with IoT and OT devices in school sports venues, retail centers and police departments to students’ personal laptops, smartphones and tablets. Campuses are giant repositories of personal, financial, and often, protected medical data.
The IT security staff of colleges and universities must be able to see devices as they connect to the campus network and ensure they are secure, regardless of their location, whether in the classroom, lab, data center or cloud. Students connect an average of seven devices to the network, ranging from laptops to gaming systems.1 Facility IoT devices such as security cameras, vending machines and security access systems also need to be tracked and accounted for. In addition, unknown or preauthorized visitors connecting pose questions about the amount of risk willing to be tolerated balanced against the needs of students, faculty, staff and the institution as a whole.
As new devices connect to campus networks, the attack surface continues to evolve and expand. Breaches in the education sector jumped 103 percent in the first half of 2017 compared with the last half of 2016.2 In addition, regulatory standards such as PCI DSS for retail devices, HIPAA for medical devices and data, and NIST 800-171 for environments supporting U.S. federal government security requirements continue to pose challenges for institutions. In fact, non-compliance or a significant data breach can result in the loss of federal research funding and student aid, as well as significantly damage the school’s reputation.
While breaches may seem inevitable3 they don’t have to be. The ForeScout platform can automate detection and control of devices connecting to your institution’s networks to enable an unprecedented view of the diversity of the devices connecting and the risk they pose to a campus environment. Using the ForeScout platform enables a more comprehensive understanding of risk and the subsequent ability to control or deny access based on the threat a device poses to your institution. Organizations using ForeScout report the impact of network-and device-related security breaches to a significant degree – 42% and 38% fewer annual network-related and device-related impactful security breaches annually.4
To learn more about ForeScout’s approach to tackling this challenge, click here for our Connected Campus Solution Brief.
1 Aletha Noonan. October 2, 2015. Mapping the Path to a Connected Campus. EdTech. https://edtechmagazine.com/higher/article/2015/10/mapping-path-connected-campus. Refuel Agency. 2015 College Explorer Report. http://research.refuelagency.com/reports/college-explorer-2015/
2 Joshua Bolkan. September 20, 2017. Education Data Breaches Double in First Half of 2017. Campus Technology. https://campustechnology.com/articles/2017/09/20/education-data-breaches-double-in-first-half-of-2017.aspx
3 Corinne Lestch. Feburary 2, 2018) Higher ed IT experts point to security breaches as ‘inevitable’ — EDUCAUSE report. EdScoop. https://edscoop.com/it-higher-ed-experts-point-to-security-breaches-as-inevitable-educause-report
4 Robert Ayoub and Matthew Marden (December 2016). IDC White Paper. The Business Value of Pervasive Device and Network Visibility and Control with ForeScout.