Written by Ben Hammond | 02 January 2016 | Staying Safe Online
The internet is a hugely powerful tool, and one that we all tend to rely upon these days in many ways more than I’m sure any of us really appreciate. Consider all of the companies that provide you with one or more services, and how each of these companies will be reliant on internet based technologies such as storage, communication networks, to service delivery systems.
So the question is what are the dangers related to the internet?
- Protection of personal data, and prevention of your data being misused by third parties or criminals (Phishing).
- Cyber Bullying, use of internet communication systems to bully individuals.
- Unsavoury and unpleasant content being accesses inappropriately.
- Grooming and other dangers of communicating with unknown parties.
- SPAM, unsolicited email advertising.
- Malicious Code (Viruses), which can have many forms of impact, from slowing down your computer, to holding you ransom to being able to open your files and pictures.
- External attacks (Hacking) on internal systems.
In the Education sector there is an obvious focus on the points relating to the protection and wellbeing of the schools pupils, which tends to simply focus on elements such as Cyber Bullying and Filter Access to internet content. The main way to tackle these issues needs to be through a comprehensive program of education, combined with a granular internet Filtering Solution such as Lightspeed or iBoss, so that it is possible to implement tiers of control where access can be layered for staff and students with appropriate policies in place.
The main problem in school however (especially with the proliferation of mobile devices) is how control is implemented on non-school devices, as they are often able to access the internet via a 3rd party network (3G/4G). There are many Mobile device manager solutions on the market, such as MDM by Lightspeed, however I’m yet to see one that can sufficiently implement time based restrictions that mean the device can be sufficiently controlled ‘in school’.
The reality is however that Education is just as vulnerable as corporate and home users to other cyber risks, and to counter these risks all schools network infrastructure needs to be designed to be as secure as possible, using at a minimum each of the following solutions:
Firewall; a gateway device such as Cyberoam or Fortinet, that will provide protection against external attacks, and can also provide additional needed levels of security at the gateway, by implementing additional services such as: Gateway AntiVirus, Application Filtering, and Bandwidth Control. Not only ensuring the school or business is safe from external attack, but also minimises risks of infection or misuse by internal devices and users.
Anti-Virus; a managed AV solution is a must for any organisation, not only do virus cause much hassle and poor performance on both individual effected machines, but also in the network and internet connection. But many viruses are written with the intention to mine data which can or will be used to cause some kind of damage either to individuals or the organisation. There are many managed AV solutions out there from Microsoft’s own Systems Centre Endpoint Protection to specialist providers such as Sophos and ESET whose main focus is their AV protection.
Anti-SPAM; Not only does SPAM annoy you immensely because it can take hours to trawl through and find the relevant emails, but it can also be the cause of great alarm and is a common method of Phishing or hoax emails which are designed to cause harm through theft of information by tricking you into clicking on links and enticing you to enter your personal details and even passwords. A good anti-SPAM solution is highly recommended, such as MailProtector, which ensures all email are assessed and scored before they are delivered, and those that are suspected SPAM or contain viruses are quarantined before they are delivered to the email user. A good Anti SPAM solution will be able to send a daily digest report to summarise the emails quarantined to enable the user to identify false positives and release them themselves for immediate delivery.
Yes it is possible, practical and hugely prudent to minimise your risks by implementing each kind of solution, at each of the entry points you control, however the biggest risk to security will always be the user. An uneducated user, who simply assumes that they are protected (in school, at work, at home, on their mobile phone or tablet) by someone else or another organisation, is a risk. All users, students, employees, family members should be educated on the risks and risk prevention methods, there are many organisations that are setup to help schools and businesses to educate their users, such as www.childnet.com and www.internetmatters.org, education combined with implementation of tiered levels of protection (Filtering, Firewall, Anti-Virus, Anti-SPAM) is the only sensible solution.