Page 71 - Security Today, November/December 2021
P. 71
"Zero Trust requires users to continuously re-verify and re-authenticate their identity as they interact with network applications and resources."
The use of VPNs and multi-factor authentication were useful in these situations, but even more effective has been the implementation of Zero-Trust Architecture. Zero Trust requires users to continuously re-verify and re-authenticate their identity as they interact with net- work applications and resources. Zero Trust can feel burdensome for the researchers, but its use is gaining traction. Its inconvenience is a small price to pay compared to the cost of compromised data, and new technologies are coming to market that make Zero Trust seam- less for those who must use it.
Managing Covid Data
The next great IT challenge for schools and universities will be addressing the evolving requirements for managing health care data. In the past, students provided proof of vaccination and medical records at the beginning of the school year. After that, few updates were necessary.
COVID has made managing health card data much more compli- cated. At many colleges and universities, students and faculty must provide proof of vaccination. At others, there is also the option to decline vaccination but undergo frequent testing. For K-12, updated records are necessary as students become eligible for the vaccine and/ or their parents decide to proceed with vaccinating them.
Cases of COVID must be reported, contact tracing enforced and quarantine policies observed, which vary depending on the exposed
individuals' vaccination status. Parents must be notified of any expo- sure risk to their child, while administrators protect the identity of the infected.
That is a lot to keep track of, and schools must have highly secure, fully encrypted platforms for maintaining this sensitive information. As mentioned previously, 2FA is an invaluable step toward verifying the identity of anyone submitting records, as well as administrators seeking reporting data.
Physical Security
No conversation about school cybersecurity would be complete with- out mentioning its inextricable link to physical security. The same cybersafety precautions that apply for remote learning are relevant for physical security equipment.
Security professionals are generally mindful of installation best practices for video and access control systems, but sometimes secu- rity measures for intercom systems are overlooked. During the past year, minimally occupied campus buildings relied heavily on inter- coms for staff to communicate with and buzz in visitors, maintenance workers, and delivery staff. Unencrypted audio communication over the network is a potential vulnerability, just like video and data. After all the work IT departments have put into hardening remote learning, it would be a travesty to suffer a network cross-breach from a haphaz- ardly installed intercom.
Students’ 2020 transcripts will be forever marked with an asterisk, indicating the challenges brought about by nearly a year of complete- ly remote classrooms. The pandemic’s influence on students’ grades are not the only ones we should care. Let’s hope in 2021, IT depart- ments earn straight A’s for all the cybersecurity lessons learned.
Wayne Dorris, CISSP, is the business development manager, Cybersecu- rity, at Axis Communications.
π
A HANDS-OFF APPROACH
TOWEL DISPENSERS SENSOR TRASH CANS SOAP DISPENSERS
COMPLETE CATALOG 1-800-295-5510 uline.com
ORDER BY 6 PM FOR SAME DAY SHIPPING
Untitled-9 1
NOVEMBER/DECEMBER 2021 | campuslifesecurity.com 19 10/27/21 9:43 AM