Cisco Blogs


Cisco Blog > Education

#HigherEdThursdays – Cybersecurity for Higher Education: Is your network protected?

Cybersecurity is a hot topic and a major concern for all organizations.  No one is immune, and indeed, higher education institutions can fall victim to large breaches as well.  In fact, according to PrivacyRights.org, below are a few examples from the last 6 months:

Date Name

Records Lost

22-Apr-14 Iowa State University

29,780

27-Mar-14 The University of Wisconsin-Parkside

15,000

20-Mar-14 Auburn University

Unknown

6-Mar-14 North Dakota State University

290,000

26-Feb-14 Indiana University

146,000

19-Feb-14 University of Maryland

309,079

27-Nov-13 Maricopa County Community College District

2,490,000

Theft, intellectual property loss, and loss of individual’s personal data affect all organizations in varying degrees.  While higher education institutions face many of the same challenges as government and commercial organizations, they also have worries that are unique to their environments. Some of the higher education specific cybersecurity topics include:

  • Data Privacy & Security – Colleges posses the Personal Identifying Information (PII) of their students AND students parents, faculty and alumni – the numbers add up quickly.  In addition to the usual PII, this can also include: medical, financial, academic and other data.
  • Device Mobility – The average student currently has 3 devices and this is expected to grow to 5 devices in the next few years.
  • Application Protection & Control – Education specific applications have become a target for bad actors and file sharing sites cause concern of digital rights violations in Higher Education.
  • Digital Learning & Assessment – On-line classes and testing provide one-to-one learning opportunities, more choice, and cost reduction in Higher Education.  It must be secure
  • Protecting Intellectual Capital – Research universities have become a prime target for intellectual property theft.   They risk loosing valuable data and the possibility of losing grant funding.

Threats have become more sophisticated and protecting the enterprise with these topics in mind needs to be more sophisticated also.  It is no longer enough to harden access to the network and think you are OK.  Because the bad guys trying to steal your data are using so many different types of attack, effective defense requires a multi-level approach.

Cisco recently acquired SourceFire, and we have adopted their frequent question to customers: “If you knew you were going to be breached, what would you do differently?”  The 2014 Cisco Annual Security Report studied the web traffic of corporate networks and every one had connections to domains that are known malware threat sites or threat vectors – an indication that bad things are on every one of these networks and likely on most networks.  Think about the question again – what would YOU do differently?  That is what we all should be doing.

We recommend looking at the Attack Continuum of  “Before, During, and After” with the following actions for each phase:

  • Before an attack you want to harden your network, to enforce security policies with controlled, segmented access to resources.
  • During an attack you want to defend your network by detecting the threats and blocking them from getting in.
  • After an attack you want to contain the threat, determine the scope of the problem, remediate the damage, and get back to educating students.

The conventional perimeter protections such as firewalls, intrusion prevention, and anti-virus are still part of a good defense in depth framework, but more is now needed.  We offer many parts of the solution, of course, and have experts who work with universities to address their specific security needs. But no matter who you work with, please look carefully at what you can do differently to protect your students and your institution from these new, advanced threats.

Our upcoming whitepaper will focus on some of these trends, challenges and strategies for higher education. You can register to receive the whitepaper as well as a compilation of all the #HigherEdThursdays blog series upon completion.  Reserve your copy now.

Happy #HigherEdThursdays!

Tags: , , , , ,

#HigherEdThursdays: The Unique Nature of the American Research University

To understand the unique nature of the American Research University, public or private, it is important to have some historical context of the Academic Research Enterprise.hedt-reserch-use

As America pursued economic growth and other national goals, its research universities emerged as a major national asset — perhaps even its most potent one. This did not happen by accident; it is the result of forward-looking and deliberate federal and state policies. These began with the Morrill Act of 1862, which established a partnership between the federal government and the states to build universities that would address the challenges of creating a modern agricultural and industrial economy for the 20th century. Read More »

Tags: , , ,

#HigherEdThursdays – Meeting the Community College Boom

For the past five years we’ve witnessed a surge in demand for community colleges across the U.S. The reasons for this demand are varied. There are professionals who have been let go from work, there are adult learners who desire new skills and there are traditional students continuing their education in greater numbers.

Much of the growth in enrollment can be contributed to students going online to get degrees. According to Instructional Technology Council, online enrollment is up by over five percent between 2012 and 2013, , and with that growth come several challenges.

Both traditional and online learners demand that education be cost-effective. These students include digital natives who have learned with technology since their infancy, and they want customized education. Standardized instruction across classes is becoming a framework of the past. Read More »

Tags: , , , ,

#HigherEdThursdays: Virtualizing Dual Enrollment

May 8, 2014 at 12:25 pm PST

This time of year is always exciting -- with students going off to college, coming home from college, graduating, switching majors and sometimes changing schools. It’s especially exciting when we hear stories like that of the 16 year old Florida student who received her college degree days ahead of her high school diploma.

Reading that success story this week reminded me of the importance of colleges and universities offering dual enrollment to high school students -- and how technology can make it more accessible to more students.

One example that comes to mind is that of Coastal Bend College here in Texas. They are preparing their 3,700 students, from across four campuses, for jobs in the real world. They achieve this by providing hundreds of academic classes, as well as vocational and technical training. The College also partners with local high schools in order to provide dual-enrollment courses for students who are often rural and wouldn’t otherwise be able to participate. Read More »

Tags: , , , ,

#HigherEdThursdays: Changing How IT is Consumed on (and off) Campus

Universities are driving the need for IT consumption-based pricing models more than any other market segment.  This is natural given the unique characteristics of their IT environments.  First off they are at the forefront of the IT consumerization movement driven by new generations of students and work habits. With one fourth of the undergraduate population and half in most graduate programs changing every year, one can easily understand why this is the case. While BYOD has emerged in the enterprises over the past few years it has been a commonplace in higher education since campus networks were built in the 80s.  When public cloud-based applications emerged college students were the first to embrace them and driving some to a prominent position in the industry.  Facebook comes to mind.

It is not just students that make the universities very different than other markets.  On many campuses you find different layers of IT functions and associated decision making.  You have the central IT like all enterprises do.  But then you have some lines of business having their own IT function either at the college or department levels.  Most major research centers have their own IT groups especially if they house a supercomputing facility.  Some grant-funded projects make their own separate decisions on IT services unique for such projects or for very short terms needs.

So what are the pricing models the higher education market is asking for? The answer is of course consumption-based pricing models but the devil is in the details.  A simple subscription style “all-you-can eat” model may not be sufficient in most cases  (and it is not really consumption-based after all, is it?).  We see these in traditional enterprise applications that are converted to a SaaS offer. A utility style “pay-as-you-go” model while provides most flexibility might not have the cost predictability the universities require (remember long distance phone service?). Read More »

Tags: , , , , ,