VIEWS & OPINION


The importance of ‘privileged account management’ in higher education


Comment by ANDREW CLARKE, EMEA director, One Identity


“Who got breached today?” It seems that rarely does a news cycle go by without a revelation of some company, government entity, or web service experiencing a major breach with implications for vast numbers of people. It was only recently that East Anglia University fessed up to two separate data breaches and issued an apology. It’s sadly a case that will become more common as nefarious actors do not discriminate when it comes to their targets. The more data, the better – and universities hold a lot of data.


The most severe breaches inevitably stem from powerful credentials (typically those logins used for administration) falling into the wrong hands. Though no one in their right mind would hand over the keys to their kingdom to a bad actor, these bad actors are sneaky. They’ll get their hands on a relatively harmless user credential through social engineering, phishing, or brute force and use escalation techniques and lateral movements to gain super-user access – and then all bets are off.


One of the foundational pillars of identity and access management (IAM) is the practice of privileged access management (PAM). Whereas IAM is concerned with ensuring that the right people, have the right access, to the right systems, in the right ways, at the right times, PAM is simply applying those principles and practices to super-user accounts and administrative credentials. Examples of these credentials are the myriad of service accounts that are necessary for IT to operate. In higher education institutions, with large numbers of administrators who need access to privileged data, PAM should be viewed as perhaps the top practice that can alleviate the risk of a breach and minimise the impact if one were to occur. Unfortunately, we now have clear indicators that most organizations have not kept their PAM programmes on par with ever-evolving threats. One Identity recently conducted research that revealed some alarming statistics when it comes to this most important protective practice, including the fact that 88 percent admit to facing challenges when it comes to managing privileged passwords. And 40 percent leave the default admin password intact on systems, servers, and infrastructure, functionally eliminating the need for a bad actor to even try hard to get the access they covet.


A further 86 percent do not even change the admin password after it is used, which opens the door to bad actors and lateral movement once in the systems. The study of more than 900 IT security professionals also found that too many organizations are using primitive tools and practices to secure and manage privileged accounts and administrator access, and nearly a fifth (18%) use paper-based logs to manage privileged credentials.


The bottom line is that simple, common-sense activities such as changing the admin password after each use and not leaving the default in place will solve many of the problems. But upgrading practices and technologies to eliminate the possibility of human error, or lags due to cumbersome password administration practices, will also add a layer of assurance and individual accountability. And finally, expanding a PAM programme to include all vulnerabilities – not just the ones that are easiest to secure – will yield exponential gains in security.


www.education-today.co.uk


Cybersecurity education – It’s time to do more homework


Comment by VINCENT LAVERGNE, Systems Engineering Director, F5 Networks


With the new academic year in full swing, now is the perfect time to get cybersecurity locked into lesson plans.


The education sector is an increasingly popular target for hackers due to the sheer volume of rich personal and research-based data open to attack. Technology has a dramatic impact on the way we live and learn, putting relentless pressure on institutions to remain agile, accessible and secure. This becomes particularly important against a shifting backdrop of student hyper-connectivity, multi-purposing BYOD, and large-scale collaborative data sharing.


British university cybersecurity breaches have doubled in the past two years, hitting 1,152 in 2016-17, according to new figures obtained by The Times. DDoS attacks are also rampant, taking out systems as well as online courses and exams.


Switched-on institutions already know there is plenty of homework due to regain full classroom and network control.


Ensure privacy by design


Educators need to rethink their cybersecurity strategies to embrace the notion of ‘privacy by design’, ensuring that operating systems, browser software and apps are up to date and designed to safeguard against the latest threats. IT teams must evaluate where data is stored and ensure networks are built with security at the heart and that every connected device has the highest level of protection. Automatic device and system updates are crucial, as are constant virus scans. Setting a minimum-security requirement, as well as educating students and staff on safe password etiquette, should also be mandatory.


Always back-up and encrypt


More than ever, it is important to regularly initiate data back-ups using both physical and cloud-based storage. Advanced perimeter protection is all well and good, but there is often a failure to adequately secure vital data that sits within applications. Encryption is vital if a device is lost, stolen, or if a hacker breaks into a system to hold data for ransom.


Teach students how to be safe


Children may be more connected than previous generations, but they don’t necessarily have the knowledge to stay safe. Educators have a big responsibility here. Robust awareness-raising programmes should be in place to drive best practice from the outset, including exploring the meaning and nuances of online privacy and security, discussing which types of information should remain private, and what to do if misuse is suspected.


Teachers also need continual training if they are to effectively practise what they preach. Key focus areas should include safe password usage, particularly avoiding login duplication across multiple sites like school systems and social media sites. Clear and continually updated policies should be in place to comprehensively detail post-breach response duties.


Continue to educate staff on best practice


Technology is already bringing unprecedented benefits to educators and students alike. It is our collective responsibility to ensure the march of progress stays firmly on track. Substantive, sustainable cybersecurity achievement is an ongoing process. It requires constant focus and is a subject nobody can afford to fail.


December 2017

