As cyber risks increase, schools should adopt a proactive strategy rather than waiting for something bad or unexpected to occur. Here are 3 security strategies schools can take to protect their ICN Internet service.
1. Install a Next Generation Firewall
We ask our education customers to consider the answers to four important questions when they search for a firewall.
- Do you have the visibility into your network that you want and need?
- Are you protecting your network and endpoints with advanced features?
- Are you decrypting traffic?
- Are you aware of what is in your network?
Our education customers can select from two types of firewall manufacturers: Palo Alto or Fortinet. Both platforms are great investments that will help protect our customers and add visibility, intelligence, automation, and flexibility. Customers receive a secure configuration and deployment, timely updates for quick patching, high availability with redundancy and uptime, and 24/7 local support.
2. Subscribe to DDoS Mitigation Service to Protect the Network
Some years DDoS attacks are smaller and more frequent, while in other years they are larger with less frequent attacks. But the potential sources of DDoS attacks continue to grow with the Internet of Things and connected home devices rapidly increasing. It is not uncommon for attacks to be in the terabits per second these days. In fact, the largest DDoS attack that ICN mitigated was 2.38 terabits in size.
With ICNβs DDoS Mitigation service we monitor our customersβ Internet traffic utilizing software as it comes and goes from the Network. When the software solution identifies bad traffic, it intervenes and diverts the traffic to the ICN scrubbing appliances to drop the bad packets and return clean traffic back to the customer. When the software identifies the attack has stopped for a certain period, it will release the routes from the scrubbing appliances back to the normal traffic patterns. This entire process occurs with little, if any, noticeable impact to the customer's service.
It is almost impossible to fully prevent a DDoS attack given the critical nature of Internet connectivity to conduct any school or business activities these days.
Below are 4 suggestions on ways to help schools better prepare if the unforeseen occurs.
- Limit your attack surface by restricting the ports, protocols and applications that are not utilized.
- Segment your network utilizing firewalls.
- Have sufficient Internet bandwidth to ensure your connections are not oversaturated in case of an attack.
- Utilize a DDoS mitigation service from an upstream network or cloud provider. This will pay big dividends in network, web server, and website availability.
3. Keep Training the Human, Take Steps to Reduce Human Error
Staying up-to-date on the latest security technology helps protect your schools, teachers, and families from unwanted attacks. There are many different training options available.
Read our list of free resources.
Palo Alto offers:
- Security Life-Cycle Report: A Security Lifecycle Review (SLR) provides a customized security assessment of the applications, Internet of Things (IoT) devices, vulnerabilities, threats, and risks in your environment.
- Best Practice Assessment: This quick and easy assessment provides a barometer of your security implementation. Customers can use this tool to understand how to better protect their network by looking deep into your security policy adoption. Efficiency will be enhanced with action recommendations.
- Palo Alto Networks Cybersecurity Academy: This is a free curriculum, ranging from introductory to advanced cybersecurity courses, used by more than 2,000 universities, community colleges, high schools and middle schools.
- Palo Alto Networks Cyber A.C.E.S.: This encompasses programs that provide youth, ages 5-15, with educational resources that help them protect their digital way of life.
Fortinet offers:
- K-12 School Districts: Fortinet announced a free education-focused version of its Security Awareness and Training service for all K-12 school districts and systems in the U.S.
- Security Professionals: To address this growing talent shortage by helping security professionals upskill to become more advanced experts in the field. Learn more about the cybersecurity certifications.
- Regular Employees and Teleworkers: Fortinet offers free awareness training for everyone. There are two no-cost non-technical courses (NSE1 & NSE2) targeted towards everyone who uses a computer or mobile device β from teleworkers to their families.
If you have ICN Internet service and are interested in adding a few layers of protection, talk with your ICN Account Consultant to implement one of our firewalls and/or DDoS Mitigation service.