Tesorion Immunity
in the education industry

New techniques are interesting, also to cyber-criminals

The education industry in the Netherlands went through significant changes in the first half of 2020. In a very short period of time, a switch from mostly classroom education to mostly online education had to take place.

In the industry paper, you can read how you can protect yourself against cyber-criminality in the education industry.

How do I provide for a secure digital environment?

It is essential within an educational institution or training institute to keep the awareness of employees in the area of cyber-security up to date. Unfortunately, looking along when a password is entered because the PC screen is still being shared or sharing an account between several persons are still frequently occurring situations. These are situations that render the IT environment vulnerable.

In addition, schools also have to deal with an external threat, namely their own students. Fairly regularly, it happens that students try to manipulate, for instance, the test results or carry out a DDoS attack on the systems of the school. There is simultaneously question of an external threat: Cyber-criminals use, for instance, ransomware, phishing, and DDoS attacks to inflict damages on the education industry. An attack can cause disruptions in ICT facilities, identity fraud, and reputational damages. Threatening to disclose data is also a considerable risk.

New teaching methods lead to new challenges

In addition, new teaching methods and forms, like MOOCS (Massive Open Online Courses), adaptive learning, and developments like artificial intelligence (AI) provide for a more significant adoption of digitalisation within the education industry. Moreover, digitalisation ensures that new ways are created to better gear education and research to each other.

Students grow up with technology

Students grew up with technology. They consequently have a head-start in respect of teaching staff when it comes to online cooperation and/or the use of certain applications. They are more prone to use (new) applications if these contribute to maintaining, for instance, social contacts, sharing information more efficiently or learning specific skills. However, not every application is equally reliable and sometimes an app can also contain malicious software components.

Tested cyber-criminality methods, e.g. ransomware, phishing, and DDoS attacks, continue increasing.

This follows from the SURF Cyber-Threat Framework 2019/2020.

Let BYOD do the work for you

BYOD is an effective concept to make access to the network as easy and simple as possible for students and teaching staff. At the same time, it imposes a challenge for the IT organisation, because how do you make sure that all these devices easily gain access to an internet connection without adjustments being required on all of these devices?

Accessible, open, but foremost safe & secure

The aim was to provide easy access to the internet and network for everyone – even for users using their own devices, without any modifications being necessary. The top priority was for users to be able to get online quickly. Continue reading

Arjan Teuwsen, unit coördinator infra ROC Nijmegen, Jean Paul Houkes, ICT-medewerker ROC Nijmegen en Rutger Janssen, ICT-medewerker ROC Nijmegen

medewerkers ROC Nijmegen

With BYOD, you have to secure the IT network directly at the gate

This network security application recognises which user is joining the network and the device they are using and, according to the configuration, grants (or does not grant) access rights to particular network locations, applications, and sources. “The solution was the only one that offered a flexible and transparent solution for doing this. Continue reading

Gino van der Velden, Manager IT Operations bij TU Delft

Gino van der Velden TU Delft