The University: So Much at Risk
From a security perspective, colleges and universities are a microcosm of the world around them. They maintain sensitive information about their population (past, present and future). They maintain networks and establish (or fail to establish) policies about their use. They have hundreds, sometimes thousands of employees, including academics, researchers, service personnel, physical plant workers and even police, serving a large clientele base.
At the same time, security personnel in the education sector face a conundrum: They must allow, and indeed facilitate, the free and open flow of ideas and information that is essential in an academic environment, while protecting sensitive personal and business records and intellectual property.
What's at Stake
Universities are custodians of many thousands, in some cases millions, of sensitive records. The responsibility, and the risk in the event of a successful breach, are staggering when you stop to think about it:
Personal financial information. Students and their families provide information about their finances for purposes of determining tuition assistance and scholarships. They trust that this confidential data will remain private.
Payment records. This information specifies what students have paid and what they owe. Besides the privacy issue, this data, as well as the personal financial information held, could be used for spear phishing attacks and other scams.
Credit card information. Students use credit cards for everything from paying tuition and fees to purchases in campus stores and cafeterias/restaurants. As a consequence, colleges and universities are subject to the strictures of PCI DSS, with all its highly prescriptive security controls.
Protected health information. Many large universities support major medical centers that are responsible for protecting patient protected health information (PHI) under HIPAA.
Personally identifiable information (PII). All of the college entities conducting various transactions with students, their families and the population at large collect personally identifiable information of every type - names, addresses, email, phone numbers, etc. These records carry a vast and heavy protection burden, both as a moral responsibility and because of the risk of huge expenditures and reputation damage in the event of a major data breach.
Student records. Academic information is protected as private, to be released only with students' permission. Other private information may include counseling sessions and other sensitive matters.
Research data. Universities are home to some of the most critical and sensitive research, both theoretical and applied. Scientific and medical investigation, including development of pharmaceuticals, makes university labs and research centers attractive targets for espionage by firms seeking a competitive edge. In the same vein, much of the most important defense-related research is conducted at universities under the aegis of defense contractors and/or the federal government.
Threat of Information Breaches
Information breaches are a continuous problem, and strike both very large and very small institutions. The 2011 Verizon Data Breach Report, which analyzes some 800 breach investigations by Verizon and the U.S. Secret Service, found that nine out of 10 breaches involved external agents (a 22% increase over the 2010 report), indicating a continued, even growing need for protection against outside attacks. Half of the attacks involved some type of malware (an 11% increase), again underscoring the need for improved network security.
Large and small institutions alike are victimized by both mass, automated attacks that exploit targets of opportunity, and intentional targeted attacks exploiting unpatched or previously unknown (zero-day) vulnerabilities.
The cost of information breaches is staggering. The Ponemon Institute reports that the average total cost of a single data breach is more than $7 million.
Colleges and universities are complex and diverse environments in every respect. The significant and varied data are often spread among the various entities that generate them, requiring security solutions that control legitimate access to information while detecting and blocking malicious traffic. Rule sets must be restrictive enough to protect sensitive information assets while open enough to permit full academic freedom. Information security must be flexible enough to be applied to every college IT environment, from student dorms with laptops, smart phones and Internet-connected video-gaming devices, to the most sensitive research facilities.
Corero Network Security Solutions
Corero Network Security provides superior solutions that protect educational institutions against intrusions aimed at stealing the vast and diverse sensitive information entrusted to institutions of higher learning.
Corero’s First Line of Defense® is an organization’s new perimeter. It stops the latest breed of cyber-attacks, including DDoS attacks, zero-day exploits, remote exploit insertions, server targeted threats and access attempts from malicious IP addresses and unwanted geo-locations, all of which easily bypass traditional network security defenses and compromise enterprise networks.
Intrusion Prevention System
Corero's Intrusion Prevention System (IPS) solutions provide continuous, comprehensive protection against external attack, leveraging unique technology that discerns between legitimate and malicious traffic, providing more accurate detection and fewer false positives than other IPS products. Corero uses stateful protocol inspection and inspection of payload data files to determine if suspect traffic is behaving correctly or represents a threat.
Corero IPS features bidirectional traffic inspection, enabling response behavior analysis, in order to stop application layer attacks and detect compromised computers communicating with their command-and-control servers.
Corero solutions provide a high level of visibility into network activity, and help meet internal audit and regulatory compliance requirements through the Network Security Analyzer (NSA), a security information and event management tool. NSA provides robust and highly flexible logging, reporting and forensics capabilities.
Corero's IPS features highly flexible and granular policy control, which allows university security personnel to craft rules that reflect the college environment's unique and diverse entities and the applications that generate network traffic in and out of the campus. As a result, Corero's IPS enables the free flow of information where it is needed while protecting data in sensitive network environments.
DDoS Defense System
The expanding and diverse web presence of colleges and universities makes them vulnerable to distributed denial of service (DDoS) attacks. The growing prevalence of hacktivism should be a concern for higher education, as attacks may be politically or philosophically motivated, or in response to some real or perceived affront to the attackers' beliefs. A successful DDoS attack can cripple university websites, cutting off essential information and online services to its constituencies and the general public.
Corero's DDoS Defense System (DDS) products, leveraging Corero's award-winning technology, deliver nondisruptive protection against attacks on the networks and servers that support universities' web services. They provide maximum protection for critical IT assets, detecting and blocking malicious traffic while allowing full access to legitimate users and applications.
DDS delivers unmatched DDoS attack detection and mitigation against both the well-known network layer flooding attacks and the more insidious application layer attacks that are nearly impossible to detect without patented DDS technology. DDS delivers on-premises protection that traditional network security technologies, such as firewalls and other vendors' IPS, cannot.
In concert with DDS, SecureWatch PLUS DDoS defense configuration/implementation, 24/7 monitoring and incident response services provide the most comprehensive DDoS defense available on the market.
Colleges and universities can deploy Corero's IPS and DDS solutions inline in full confidence that they will protect all the information in their trust while maintaining full levels of performance and service for their constituencies, from students and employees to suppliers and partners. Corero appliances offer the lowest latency and highest reliability of any security products available on the market today. Corero's Core Platform, built on Tilera multicore processor architecture and CoreOS, provides real-world protection at real-world performance levels.