A few weeks ago, we reported how the new wave of phishing that uses new variants of COVID-19 as bait had hit the education sector hard. Many students at universities and colleges across the United States were victims of phishing attacks via emails pretending to be from administrators at their institutions.
Thousands of users among students and teaching staff, who traditionally have fewer resources than other industries such as the financial or industrial sectors, are targets of cyberattacks. Up to now, the cybersecurity measures implemented by the educational community have not been up to the same level. However, this trend is changing. For 1 in 10 partners surveyed, the education sector already accounts for 30% of their profits, according to data from Canalys.* A growing number of schools, colleges and universities are increasing their investment in cybersecurity because they are aware that they are already one of the preferred targets for cybercriminals. Given this situation, what measures should MSPs take to strengthen cybersecurity at educational institutions?
Delivering comprehensive and simple network security, secure Wi-Fi and endpoint protection solutions. Right out of the gate, IT managers at educational centers need a comprehensive network security platform with advanced firewall appliances and automated web filtering and malware detection services encrypted via HTTPS. Given that most network access within their perimeter occurs via Wi-Fi, they also need to have fully secure connectivity to their access points. Finally, they also require advanced endpoint protection, detection and response technologies based on a zero-trust approach, so that they can classify all binaries before they are executed and block threats of any nature.
Implementing a secure and easily manageable multi-factor authentication (MFA) service to access all educational platforms and apps. There are many SaaS platforms that already require multi-factor authentication, plus the use of mobile educational platforms is growing. WatchGuard AuthPoint is eminently suitable as it does not require SMS messages for authentication like most MFA systems. It uses temporary tokens and, thanks to its mobile DNA functionality, registers the hardware of the user's phone, impeding SIM cloning attacks.
The WISE cybersecurity program for universities
These measures are part of the approach that our partner, Global Business Solutions (GBS), has decided to apply at a local university, Northern Kentucky University, where it has relied on WatchGuard to develop a specific program using its solutions for small and medium-sized enterprises, but in this case, in the field of educational institutions, an area WatchGuard already has experience in working in France.
This program is called WatchGuard Initiative for Security Education (WISE). Apart from implementing these WatchGuard technologies, it has served to help bridge the cybersecurity skills gap through extensive specific training for students who have also been actively involved with WISE. Thus, WatchGuard partners like GBS are proactively working and collaborating with students and teachers to make cybersecurity everyone's business.
*Source: Canalys Candefero quick poll, March 2022