Cybercriminals do not discriminate in terms of victims or type of organisations. If there is data or money to be made from that data, it will be a target for cybercrime. While most high-profile breaches are at large financial or healthcare institutions, the education sector is no stranger to cyberattacks.
Since schools and universities hold valuable personal information on students, parents and staff, they’re in the criminals’ crosshairs. In fact, cyberattacks on schools and universities have become so commonplace that, since 2016, there have been over 353 security incidents of phishing, denial of service, hacks and even ransomware on US K-12 public schools and districts.
Today, many schools have a 1:1 student to device ratio, making it difficult for IT staff to properly manage and secure such a large quantity of endpoints. As schools embrace Digital Transformation and rely on computers and data systems instead of chalkboards and paper files, the risk of having that data compromised has increased considerably.
The challenge
Knowing the risks and seeing a decline in the effectiveness of its existing solution, Calcasieu Parish Public Schools, the fifth-largest school district in Louisiana, which includes 63 schools stretched across 1,094 square miles, began the search for a new solution to improve detection and remediation rates for approximately 36,000 workstations, tablets, physical servers and virtual servers.
The main challenge for Calcasieu Parish Public Schools was to keep 36,000 desktops, laptops and tablets, along with physical and virtual servers, up and running at peak performance while also remaining secure. The previous solution did not offer enough information about detected threats, including whether they were removed or not, which severely impacted system performance.
Speed was another issue. Because the legacy solution was more memory-intensive, programs took longer to start up and documents were slower to open.
“Users were frustrated with the lag time,” said Sheryl Abshire, Chief Technology Officer, Calcasieu Parish Public Schools.
Not having sufficient visibility and granularity into identified threats caused significant downtime and increased overhead in terms of investigative personnel, as well as frustration for end users as system performance was severely degraded.
Moreover, most security incidents were reported over the phone, by personnel that experienced problems and not via a centralised security console from where IT and security teams could have visibility across the entire infrastructure. The tipping point came when the CryptoLocker virus hit the district.
“We only found out because a user called to say their files were disappearing,” says Abshire. “We scrambled to shut down the system so only 10 of our users were affected. Otherwise, it could have been much worse.”
Adware was also a serious ongoing issue, as many computers would become unresponsive or experience significant performance drops because of unwanted applications constantly draining performance.
The solution
Following the ransomware incident, Calcasieu Parish Public Schools started evaluating endpoint security solutions from various vendors. A key factor in the decision-making process that led to the selection of Bitdefender’s solution was the consistent accuracy of results demonstrating the best overall detection and clean-up rate.
Additionally, the chosen security solution had the ability to secure virtual infrastructures, such as Calcasieu’s 200 Microsoft Hyper-V virtualised servers. As a result, the school district installed the security solution on approximately 36,000 desktops, laptops and tablets, as well as 20 physical servers and 200 Microsoft Hyper-V virtualised servers.
The entire deployment process took only a few weeks because of the solution’s intuitive and self-configuring security agents, which enabled IT and security teams to remotely deploy them within their infrastructure, with minimum downtime and performance penalties on the endpoint.
The results
After a week of operation, the new solution cleared more than 5,000 infections from 7,000 endpoints, before they had the opportunity to become full-blown security issues. This automated protection also significantly reduced the number of calls to IT.
Having a single, centralised Bitdefender security console from where IT and security managers can have full visibility and control over the security status of network devices, both physical and virtual. The school district had, for the first time, complete visibility into the organisation’s security posture and complete granularity over events and potential security issues.
This versatility and platform-agnostic security approach, coupled with a single security reporting console, enabled the school district to completely secure its entire infrastructure in a matter of weeks.
With the legacy system, the IT team often didn’t know there was a virus outbreak until somebody called to report that their machine was ‘acting funny,’ had slowed to a crawl or a file went missing. Now the team can be more proactive and get ahead of security incidents before problems spiral.
The adaptive, layered endpoint security solution continuously monitors the behaviour on installed applications to accurately identify, predict and even remove threats and cyberattacks. An added benefit for the school district was that adware and low-level threats that affected the security, privacy and performance of their systems were also immediately removed and prevented from being installed, ensuring the optimal performance of their systems.
Under the old solution, there was no notification of viruses or adware or security problems across the network. With no red flags raised, the IT team assumed everything was going smoothly, but that was a false reality.
With the sophisticated dashboard offered by the new solution, teams now have the granular data to see and prove that problems have been detected and purged or quarantined.
The school district has experienced a significant drop in IT phone calls related to potential security issues. It has gained unprecedented visibility and granularity into threats and the overall security status of their infrastructure, and it can now focus on making strategic security decisions instead of constantly putting out proverbial fires. Armed with a better understanding of what security threats it faces and how it could potentially impact the infrastructure’s security, the school district finally benefits from a security solution where reality matches expectations.
Advice
As the education sector becomes increasingly digitised and stores increased amounts of personal data, about both students and teachers, educational institutions require the same level of security as any other organisation. While it may be surprising, school districts are vulnerable to the same attack vectors and advanced and sophisticated threats as most businesses and organisations. Therefore, security solutions that offer visibility, coupled with high detection, prevention and remediation capabilities must be deployed.
Educational institutions need to prioritise their data security and secure physical and virtual endpoints by deploying a layered security solution capable of tackling even advanced threats coming from multiple attack vectors. Coupled with encryption, backups and a strong incident response plan, school districts need to operate like any organisation that has many endpoints that need to be secured.
With schools embracing virtualisation and the cloud, the right security solution for their infrastructure needs to be out-of-the-box compatible with any type of hypervisor, cloud configuration and workload without compromising security.
While visibility and security capabilities are mandatory when it comes to picking the right security solution, integration with the existing infrastructure as well the ability to tightly integrate with new virtualisation or cloud technologies is critical. The IT infrastructure of today’s schools is constantly evolving, and the chosen security solution must at least match – if not encourage and support – that transformation.
Abshire agrees that this increased visibility is vital to instilling confidence in the security of the school district’s massive infrastructure.
She added: “Before GravityZone Enterprise Security, it was like we were driving with obscured vision. Now that we see much more than we could before, we feel much better protected. It helps us sleep a lot better at night.”
Click below to share this article
