In days gone by, educational IT departments followed the antivirus + firewall = network security formula. Unfortunately, those days are over. Because of the advent of cloud technology and the increased utilization of your network for mission-critical applications, the network security architecture discussion is no longer optional. The conversation must happen, period.
Here are 3 examples of technology projects that require a security discussion:
1. Network Switches
If you’re not discussing network security within your switch stacks, you’re leaving your organization open to significant vulnerabilities. Think about it: if you’re running reports on the types of traffic that are routed through your switches, you’re probably seeing an increase in encrypted traffic (we’ve heard some customers report that number as high as 85%). We’ve developed a culture in which encrypted traffic is automatically trusted, but the switches themselves are frequently unable to conduct analysis on encrypted traffic to determine whether or not that data is infected. Hackers are aware of this and are able to transmit infected files through encryption, so they’re given a free pass into your network, and your firewall won’t even notice. Note: Cisco switches are engineered with dedicated encryption analytics functionality, thereby solving this issue.
2. Energy Management
It’s rare for an energy management system to include a discussion about network security, and there’s a pretty logical reason for that: energy management isn’t typically viewed as a function of IT. That may have been true a few decades ago, but today this is very much a team effort among many departments, IT included. Think about it: an energy management system is installed and will likely run on the network through existing internal and cloud infrastructure. Because it may not be installed in the data center, IT may not even be aware that it exists. This is a major mistake. Who is going to manage the software updates and monitor the cloud connection for attempts to transmit infected files through that connection? What’s the sustainability plan to ensure the operating system is secure? These are some very important network security questions that Facilities likely won’t know to ask, but IT can’t ask if they’re not contributing to the project in a meaningful way. This is just one example of the 40% of Facilities projects completed in California in 2017 that introduced IoT solutions.
That’s right. The very equipment you’ve brought in to create a more secure environment could actually be contributing to vulnerabilities in your network. In fact, a recent university data breach was the result of an individual plugging into the administrative network through an IP-based security camera. We’ve already written an article discussing the ways security cameras can invite network breaches when implemented incorrectly, but if they’re not installed and managed around the security of your network as well as your physical location, you’re not actually achieving your goal of campus safety.
It’s Always a Network Security Conversation
These are just a few examples of the many areas of the network that are now vulnerable to security breaches, and the number is only growing because of the expanding list of network-based systems, ranging from paging systems and telephones to lighting and access control. There’s not a single IP or cloud technology used by your school district today that doesn’t have the capability of being used against the organization if you haven’t developed an active plan to prevent it from happening. Let’s be clear: we can create a secure network that includes full functionality. We just need to involve IT to make that goal a reality.
Keep learning about network security!
Watch this short video for the surprising answer to this question: