Various industries face seasonal demands on their IT resources, with periods of intense activity followed by quieter times. For educational institutions, this peak often occurs in late August or early September.
Data and network security usually sit at the top of the priority list for IT professionals in this space. This may be because educational institutions have gotten a reputation as being one of the easier targets to hack.
Unfortunately, educational institutions have a great deal of data that requires protection—from personally identifiable information, student records and protected health information to financial information, research data and employee data. And, for those that suffer a data breach, the fines and other penalties can be severe under such key regulations governing data protection in educational institutions, such as FERPA, HIPAA, GDPR and GLBA.
More from UB: Here are 3 ways your procurement office is changing
Why are educational institutions so seemingly ripe for the picking? Most are known to suffer from underfunded cybersecurity departments—meaning they are usually understaffed and must rely on outdated technology like virtual private networks that are not equipped to fend off what today’s sophisticated cyber-criminals can throw at them. Here’s why:
- VPNs represent a single access point with unlimited lateral attack surface.
- VPNs require physical appliances that necessitate expensive, ongoing maintenance.
- The required physical boxes are a potential point of failure for the whole network to crash.
Also, while virtual learning is not as prevalent as during the pandemic, it proved that teaching and learning from almost anywhere is possible and effective. However, progressive educational institutions that continue to advance virtual learning have learned the hard way that VPNs are inadequate for handling the demands of remote access.
There is light at the end of this tunnel—innovative technologies are entering the market that are designed for today’s work environment and threats and also often offer greater affordability and ROI. Software-defined perimeter (SDP) solutions are a prime example. Here’s why:
- SDP introduces highly available zero trust network access (ZTNA) tunnels that enable connections at the application level.
- App-level connections take away the excessive network access afforded by VPNs and eliminate lateral attack surface
- Software-defined solutions remove the need for any physical boxes, minimizing maintenance expenses considerably and eliminating unnecessary points of failure across network environments
Of course, even if the long-term benefits are undeniable from a security and even cost-savings perspective in both the short- and long run, most still do require an initial investment and even modest investments can feel as if they are completely out of reach to notoriously budget-conscious educational institutions.
Grant opportunities and funding sources
There are several grant opportunities and funding resources available for educational institutions to enhance their cybersecurity, including:
- E-Rate: Universal service program for schools and libraries
- Elementary and Secondary School Emergency Relief (ESSER) Funds
- State and Local Cybersecurity Grant Program (SLCGP)
- Cybersecurity and Infrastructure Security Agency (CISA) resources
- State grants and funding programs
- DHS grants
- National Science Foundation grants
- Cybersecurity Education Training Assistance Program (CETAP)
- Private grrants and foundations, such as the Bill & Melinda Gates Foundation and the Michael and Susan Dell Foundation
Don’t worry. There are also many resources that are intended to help you increase your chances of securing funding—walking you through the process, from identifying needs to how to prepare a strong proposal. Check out Grants.gov for step-by-step guidance.
Also, please note, the Cybersecurity & Infrastructure Security Agency has created a free School Security Assessment Tool (SSAT) to see how your organization measures up with best practices, and even make recommendations on where and how to improve your overall approach.
So, what should you do once you have the budget and/or funding?
Modernize your security with software-defined perimeter
The ideal software-defined perimeter should focus on enhancing security, simplifying network management and improving the performance of applications across distributed environments, such as hybrid or multi-cloud deployments. Key features should include:
- Zero trust network access (ZTNA): Assumes that no user or device, whether inside or outside the network, should be trusted by default
- Application-level micro-tunneling: Lightweight, application-specific tunnels (micro-tunnels) that only allow access to specific applications or services
- Multi-cloud and hybrid support: Designed for flexibility, supporting secure connectivity across on-premises, hybrid, and multi-cloud environments
- Simplified management and deployment: Easy to deploy and manage, with a centralized console that provides visibility and control over all network connections and resources
- High availability and fault tolerance: Built-in features for HA and fault tolerance, ensuring that critical applications and services remain accessible even in the event of network failures or disruptions
- No VPN needed: SDP does not require persistent tunnels or open ports, which can be exploited by attackers – it uses outbound-only connections that are less vulnerable to attack
Now, what else can you do?
Leverage SQL server container technology for easy scale-up
Along with critically necessary security enhancements, emerging SQL Server container technology also needs to be on the radar of IT professionals operating in this industry. SQL server containers unlock unmatched scalability and resource utilization.
IT teams need to look for solutions that let them spin up customizable, highly available SQL server availability groups in Kubernetes (K8s) in seconds. In addition, the solution should provide the ability to create cross-platform hybrid AGs containing instances and containers.
In other words, with such a solution you can take your organization’s most critical SQL server workloads to a flexible, containerized environment without sacrificing any uptime. For the education sector, this means the agility to scale your SQL server environment in real time to meet seasonal demand in a way that continually ensures optimal resource utilization. This means capturing cost savings and man-hours to distribute among other pressing needs at your organization.