campusreview. com. au on campus
Almost one in every three Australian education workers( 30 per cent) were unsure if the misuse of a mobile device had resulted in the loss of corporate or company data.
A lack of visibility over the users on your network and the data they are accessing is an accident waiting to happen. The results from the report should serve as a timely reminder to tertiary education providers that in order to secure and protect sensitive campus data, specific policies and procedures should be enforced for both students and staff.
staff, students NOT THE SAME Whilst a university strives to provide students with an open and flexible learning environment, policies and procedures still need to exist for staff, especially those who have access to more highly confidential information on the network. So the question remains, how can you effectively strike a balance between staff and student access? And how can you ensure the security measures extend to # GenMobile workers without hampering productivity?
In today’ s modern university campus, IT teams need to manage teachers and academics the same way they would manage employees at an enterprise level – with more stringent controls, including ensuring personal devices that access the academic network always use passwords and those passwords adhere to a strong policy.
Whilst this may seem like a basic security principle, findings from Running the Risk revealed that one in every five education employees do not password protect their personal or BYOD devices. Of those not using a password, close to half( 48 per cent) were not worried about the potential threat.
Another important factor universities and their IT teams need to consider is how to best support # GenMobile with services.
According to # GenMobile, wifi matters, with close to 60 per cent preferring fast, consistent wifi at the expense of other connections.
Universities need to be smart about how they respond to this request.
Universities need the security and connections available to facilitate a stable wifi network, regardless of the number of people connecting at the same time, without slowing down. Universities also need to provide # GenMobile guests, teachers, students and causal staff with secure connections to wireless once they enter the campus, without requiring IT support. This process needs to be automated and user initiated. IT should not have to write a how-to-connect manual for every possible device a student might bring to campus.
Move fast, reap benefits Australian universities need to take notice of # GenMobile, in particular the services they are demanding, to help them work and collaborate remotely and seamlessly. Those institutions that prioritise secure networks and provide services such as fast, smart, secure wifi, are set to reap the benefits. One university leading the way at ensuring its technology not only offers students and staff the best network, but also provides necessary visibility for the IT department and safety for all users, is the University of New England.
UNE’ s management team completed a comprehensive review of its IT infrastructure in early 2013 and made the decision to upgrade from an 802.11g wireless network, to the latest 802.11ac networking standard.
The 802.11ac enterprise mobility solution provided by Aruba is being implemented throughout UNE campuses and represents one of the largest deployments of its kind within the Asia-Pacific education sector.
This network allows # GenMobile students and workers to access wifi that’ s smart enough to allocate necessary bandwidth to teachers collaborating on rich media, prioritising wireless demand to those using the network for work purposes such as video demonstrations in lectures, over those using it for personal reasons like updating Facebook.
EmbracE AND managE Forward-thinking universities have recognised that a variety of non-technical factors are at play, such as demographics, industry and geography. These can play a huge role in a security threat, so this added context, including behaviour, should be factored in when determining how universities protect sensitive data.
Development of a solid strategy around user behaviour is crucial, and the following five-step checklist will help universities ensure they are fostering productivity and growth whilst protecting sensitive data.
1A basic security policy that details core protection controls and employee usage of technologies is absolutely essential for every university. Even for a small education institution, formalising an approach to information security is crucial. Such a policy should cover roles, devices, locations and other contextual attributes. 2Universities should implement enforcement rules that extend from applications to devices to the network. Such an approach should integrate services across mobile device management, firewalls, IPS and policy engines to deliver common policy enforcement for all sensitive information. 3IT departments must measure and monitor user behaviour to ensure that security policies are mapped to business objectives. This will ensure that policies secure corporate information and systems without affecting usability and productivity. 4Even the most well-thought out security frameworks will fail without the requisite employee training. All teachers, academics and casual staff using the network should be educated on why security actions are important and how they can assist in improving corporate security. 5Finally, ensure that IT has a mechanism for feedback and a service-level agreement in place for how to respond to employee input and requests. Often times, IT is able to improve the effectiveness of automated workflows and security policies simply by listening to employee feedback.
The future starts now In a contemporary, connected world, universities need to nurture creativity amongst both staff and students whilst at the same time minimising the risk of lost information or compromised sensitive data.
Universities that can adapt to the behaviour of the # GenMobile workforce will ultimately reap the benefits, not only from a data protection perspective but also in terms of productivity.
Embracing # GenMobile’ s desire for freedom, flexibility and collaboration can bring major benefits; however, managing the risks associated with the new way of working should form part of a solid security plan. n
Mark Verbloot is systems engineering director, Aruba Networks, Australia and New Zealand.
33