Ensuring secure, connected learning for Australian students
Remember the old days when rows of students would copy down notes from a textbook? My kids live in a different world – surrounded by numerous technologies, both provided by their schools, or brought with them from home. Laptops, tablets, smartphones and many other connected devices have revolutionised the way we educate the next generation of Australians, necessitating changes to our national curriculum as well as to the education environment itself. But while we have changed the means and the methods of contemporary education, changing the way we protect students and the information they use on a daily basis is a challenge that many schools are yet to overcome.
A 2017 study from research organisation Telsyte estimates that the average Australian household in 2017 had 13.7 Internet connected devices, and further predicted this number will rise to 30.7 by 2021. This trend is mimicked in Australian schools, with education institutions embracing interactive devices such as smart boards and virtual reality (VR), handheld gaming devices and wearable technologies like smartwatches. All of these devices are part of the Internet of Things (IoT) and allow the user, be they student or teacher, to control, monitor, enhance and personalise their in-school experience. They help to create environments that foster collaborative learning, enable remote study and multi-person presentations, but they also create opportunities to be compromised by any number of external threats. To protect against these risks, schools need to not only secure the devices currently on their networks, but must also secure new ones as and when they come online.
A major threat to IoT connected schools is of course malware. Because of the way students and staff use connected devices, schools are often the first to see new malware threats emerge. Many of the threats come in the form of often overlooked types of Malware such as Adware which slows down computers and takes up screen space. Potentially unwanted programs (PUPs) such as spyware, adware, and dialers, and are often downloaded in conjunction with a program that the user wants and make up roughly half of all detections. Trojans, Ransomware and other high risk forms of Malware make up about 2.5% of the total. As with both businesses and consumers, malware represents a real issue for schools who embrace IoT technologies, as it can infect the entire connected system through just one entry point.
It is also an ongoing threat, with cases of malware-based crime steadily increasing. The 2017 State of Malware Report by Malwarebytes revealed a sharp increase in cybercrime, and highlighted that malware detections in ANZ had doubled in the fourth quarter from 2016 to 2017. The study also identified a 15% increase in adware detections in Australia and New Zealand during the same period, making it the number one cause of malware detections for ANZ.
It is not surprising when you consider how simple it is to fall victim to such malicious cyber attacks. When using any one of his or her personal and/or communal devices connected to a school’s internal network, students and staff will browse the web and potentially pick up malware from infectious sites or targeted channels. Once infected, they will then use the same devices for emails or uploading coursework, which will further spread the ‘infections’ to other users on the same network.
As well as being infected by online sources while they are working on the school network, because these bring-you-own-devices (BYOD) are portable, they are also exposed to external corruption that can then threaten the secure network when they return to campus. This is an issue that Melbourne-based Peninsula Grammar experienced first-hand.
Situated on the Mornington Peninsula, Peninsula Grammar is a premier co-educational school with almost 1400 Kindergarten to Year 12 students. As well as supporting the BYOD devices for most of these 1400 students, the school was also responsible for staff laptops and desktop systems around campus for more than 200 staff.
Peninsula Grammar’s network was protected with traditional antivirus solutions. However, during the June 2017 school holidays, many of the student’s devices were aflicted with multiple malware infections. Once those students returned to school, not only were their devices restricted by the school’s firewall, thus preventing them from accessing the school network, but it also took considerable time and resources for their in-house IT team to rectify the issues. The dedicated team invested upwards of 30 minutes per student to decontaminate each infected device, supporting an estimated 20 students in the first week and a further 40 to 60 within the first month after the holidays.
With a flood of frustrated students and staff streaming into the tech support team, it was clear that the school’s existing antivirus was not up to the task of protecting its infrastructure or users. The majority of laptops were running outdated virus protection solutions and could no longer access online content effectively. Hijacked browsers, Potentially Unwanted Programs (PUPs), and other malware ground machines to a halt, resulting in classroom downtime and more IT man-hours spent on remediation.
To remedy the situation, Peninsula Grammar’s IT team looked for an alternate solution that would also future-proof the facility against any further threats of infection. The team deployed Malwarebytes, using the Management Console to help clean thousands of items from infected BYOD devices.
This is just one example of the importance of endpoint protection and its ability to help keep students and school environments safe from a plethora of cyber-attacks. Ultimately, the solution helped to reduce infections by over 90%. It also aided in reducing IT support time, freeing up resources and using this freed up time to can proactively educate the Peninsula Grammar students about safer ways to surf the Internet.
Properly deployed and managed endpoint protection is a key step for schools that want to be better prepared to combat cyber security threats. These solutions leverage multiple layers to protect staff and students whether they are working within a secure environment or joining that network via their personal devices.
Technologies such as Web Protection, which blocks known bad websites (or adverts from known bad sources); Application Behaviour monitoring; and anomaly detection, which look for suspicious activity on the computers themselves, are also vital tools in securing school environments.
Some takeaway tips for schools to consider when protecting themselves and their students from malware attacks include;
- Invest in an endpoint security solution that uses multiple layers to protect staff and students whether they are working within a secure environment or not. Protection of PC, Mac, IOS and Android devices is critical,
- Monitor and categorize all IoT devices on the campus. Flagging new or unknown devices can help restrict the many threats that may occur in an educational environment and consistent vigilance from a centralized system will help to identify and remedy risks as they occur anywhere on the network,
- Segregate your network so that staff devices, student devices and unmanaged IoT devices are on separate VLANs. That way if an infection does occur it’s won’t spread as far or as fast,
- Automate remediation to free up IT time and offer proactive education to students and staff who use IoT connected BYODs on campus.
- Always back up your important information.