Network Resilience in Schools: How Out-of-Band Management Can Safeguard Educational Processes
With research showing cyber threats aren’t improving, campuses must implement solutions to get their networks back up and running quickly.
Note: The views expressed by guest bloggers and contributors are those of the authors and do not necessarily represent the views of, and should not be attributed to, Campus Safety.
From K-12 institutions to prestigious universities, networks are the lifeline of campuses. This critical infrastructure connects students throughout geographically dispersed areas to the resources and devices they need to learn or, in the case of faculty, teach.
Nevertheless, it can be difficult for campuses to maintain continuous access to the network, partly because of ever-increasing cyberattacks. Unsurprisingly, due to the large amount of personal student and faculty data, student loan information, and research data, education is one of the most targeted sectors by cybercriminals. Another reason hackers exploit campuses so frequently is that they are relatively easy prey.
Whether it is outdated software/firmware or simply the lack of layered defenses needed to secure their networks, campuses are regularly hit with cyberattacks that disrupt network access, disabling critical functions for long periods. With research showing that these cyber threats aren’t improving, campuses must implement solutions to get their networks back up and running quickly.
The Grim Reality of Campus Cybersecurity Today
The onslaught of cyberattacks targeted at colleges, universities, and K-12 schools is, put bluntly, quite grim. A global survey of 3,000 IT/cybersecurity leaders titled “The State of Ransomware in Education 2023,” conducted by cybersecurity company Sophos, discovered that 80% of surveyed school IT professionals reported that their schools experienced a ransomware attack in 2023 — a significant jump from the 56% described in the 2022 survey. Check Point Software had similar findings, with educational institutions having the highest number of cyberattacks in the first quarter of 2023. Specifically, there was an average of 2,507 attempts per college or university per week for a 15% increase from the first quarter of 2022.
The Cybersecurity and Infrastructure Security Agency (CISA) also saw an uptick in ransomware attacks against K-12 educational institutions, causing basic functions to become inaccessible – namely, remote learning. In these ransomware attacks, bad actors stole confidential student data and threatened to leak it if the institutions did not pay a hefty ransom. Ransomware is particularly costly for higher education. In fact, “The State of Ransomware in Education 2022” survey found that the average cost to remediate a ransomware attack was $1.42 million.
Educational institutions must also account for the consequences of network outages caused by cyberattacks, like ransomware. Campuses can be sprawling, with equipment located in different buildings. Should a network outage occur, it can take a long time for staff to remediate the issue. Educational processes become impossible without the network and the necessary resources housed therein. Productivity plummets as staff struggle to use financial/operations systems and learning management applications. In some cases, students can’t attend class or view online lectures.
In addition to the high recovery fees, outages can tarnish an educational institution’s reputation. Reputation is everything, especially for higher learning; a sullied brand can impact everything from enrollment to funding.
Enhancing the Resilience of the Campus Network
While educational intuitions must deploy robust cybersecurity measures to minimize cyberattacks, it is equally necessary to implement solutions that can quickly get their campus networks up and running when outages occur. In particular, campuses need resilient networks that can endure cyberattacks while preventing operations from being impacted too drastically.
Traditionally, campuses managed their networks through In-Band management. The In-Band method manages the network through the network itself. Naturally, there are several problems with this approach – chiefly, should a cyberattack cause a network outage, there is no way for engineers to reach the affected devices and remediate the issue.
Instead, educational intuitions should use Out-of-Band management to achieve network reliance, which allows them to operate independently from the In-Band network. This approach provides technical staff with an alternate way to connect remote devices without directly accessing the IP production address in the data plane. Likewise, an Out-of-Band network is independent of a campus’ primary ISP – meaning network engineers can manage, monitor, and access devices at distributed sites without inhibiting normal operations. Because an Out-of-Band network is separate from the production network, staff can remotely identify and remediate issues with edge infrastructure even if the network is down.
Best-in-class Out-of-Band management solutions provide engineers with always-on access, which empowers them to remediate issues proactively and significantly improve day-to-day operations. Some Out-of-Band offerings can detect and remediate problems automatically and send automated alerts via email and SMS to appropriate personnel. Other leading Out-of-Band management solutions can help engineers find network and environmental inconsistencies, preventing faults from becoming failures.
Proactively (and automatically) recognizing and remediating network problems through Out-of-Band solutions enables campuses to reduce operating costs and minimize downtime, ensuring educational processes continue without interruption. Furthermore, by resolving network issues remotely through Out-of-Band management and distributed remote console servers, schools don’t have to dispatch engineers to data center sites to perform configuration changes or troubleshoot manually.
Additional Considerations for an Ideal Campus Network
Educational institutions’ networking and IT teams constantly face challenges, from new cybersecurity threats to securing edge devices. Simultaneously, engineers must maximize network uptime while minimizing network downtime. Of course, upholding such network conditions is no small task. Recall that campuses can cover large areas, with networking equipment located in dispersed buildings that can be anywhere from a few yards to miles apart. These facilities, which, in many respects, are no different than small enterprises, require IT teams and network engineers to maintain large, local wireless and fixed WAN networks across multiple locations and even broad geographies.
Due to the unique nature of campuses, there are five essential architectural components, in addition to Out-of-Band management, that educational intuitions can leverage to create an ideal campus network. These elements, which will help the campus of tomorrow support new modes of IT and operational models, come from Cisco’s Campus Networking Requirements Pathfinder Report.
First, it is important to understand that the primary network access modes are wireless and mobility. Ensuring consistency with wired and wireless mobility is crucial, and campuses must treat traffic from both as the same by enforcing specific policies concerning operations, administration, security, etc. IP convergence of non-IP networks is also crucial, as non-IP infrastructures benefit from a single IP-based fabric. Therefore, IT teams must converge disparate campus infrastructures, permitting individual networks for each service to funnel into one.
Third, campuses will need chassis and per-slot bandwidth in the hundreds of gigabits to support resilience, high availability, and other IT demands. Likewise, campuses need a flexible network architecture because of emerging connectivity from new endpoints. Namely, this flexible network architecture must support connectivity requirements without introducing new technologies to address these endpoints. Lastly, campuses need automation to manage the ever-growing number of connected devices. Thankfully, leading Out-of-Band management has built-in automation to streamline provisioning and everyday network management.
Out-of-Band Can Help Campuses Prepare for Tomorrow
Cyberattacks, though prevalent, are not the only thing that can jeopardize the integrity of a campus network. The adoption of new technologies among colleges, universities, and K-12 schools over the past few decades continues to accelerate – especially during the pandemic. From cloud computing and 5G to IoT devices and distant learning, classrooms have transformed into digitally sophisticated environments that depend on always-on connectivity.
Nevertheless, the more complex these networks become, the greater the likelihood of disruptions. At the same time, by incorporating technology like IoT into the classroom, campuses widen the attack surface, creating more security vulnerabilities, which result in more network outages. To that end, campuses must use Out-of-Band management to prepare for this technological future while safeguarding networks from cybercriminals and recovering quickly from outages.
Tracy Collins is Opengear’s VP of Sales, Americas.
If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century
This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!