Security Resilience From the Classroom to the Cloud
You have likely heard us talking more about security resilience in recent weeks. Resilience has always been a key part of cybersecurity, but the last few years have really highlighted its importance.
At Cisco, we define security resilience as: The ability to protect the integrity of every aspect of your business to withstand unpredictable threats or changes, and then emerge stronger. Depending on the business, this will look a bit different for every organization.
For the Shawnee Heights School District in Kansas, it means empowering roughly 3,700 K-12 students with modern education technology including laptops and iPads, while still maintaining the security and integrity of the district’s data and infrastructure. Shawnee Heights has about 5,500 devices on its network every day, three-quarters of which go home with staff and students each night.
We recently spoke with Shawnee Heights IT Director and Cisco Gateway Cybersecurity Ambassador, Blair Anderson, to hear about how the district keeps these educational devices secure as they travel back and forth to unprotected networks.
Q: How are you able to let so many devices leave your network each day and still feel safe?
Blair: With Cisco, we have the security in place to keep our devices secured no matter where they go. I know that when they leave, we still have visibility into what’s happening and the threats they could be bringing into our district. We can remediate the threats before they even hit our network the next day.
Q: How have recent changes in technology impacted your security?
Blair: Digitalization has had a huge impact on Shawnee Heights. We have moved away from textbooks and deployed devices to all our students. That’s a big change. We’ve also seen a substantial increase in the amount of documents and data going up into the cloud. That creates a need for us to make sure all this information is secure, and that our users don’t get compromised.
Q: What exactly were you looking for in a security solution?
Blair: Several years ago, we did not have the security in place to keep these devices protected. They were coming back into the district with all kinds of threats, and we had to constantly reimage them. When we started looking at a security architecture, we wanted something that was in the cloud and that could keep our staff and students safe 24/7, 365 days a year.
We also wanted something that would run in the background. We didn’t want security pop-ups and alerts impacting our users and their day-to-day routine. At the same time, it was crucial for our IT staff to have in-depth visibility into what was happening on each device to easily detect, track, and mitigate attacks.
Q: How does Cisco help you safeguard the transition to digital learning?
Blair: Through a combination of technologies including Cisco Secure Endpoint and Cisco Umbrella, we can see and block attacks from multiple vectors — including the internet and email — whether a device is on or off the network. Most importantly, it’s all integrated through the Cisco SecureX platform, so we get a unified view into our systems and potential risks, and can also automate and accelerate our response. Cisco Talos is the brains behind it all. We learn so much from Cisco and the resources they make available to us.
Q: How has Cisco helped you become more cyber resilient?
Blair: Before Cisco, we didn’t know whether malware was on our devices until staff and students brought it to our attention. We didn’t have the insight to be proactive and prevent significant damage. Our staff and students were bogged down with continual security disruptions, and it was very stressful because it took away from what they needed to get done in the classroom.
Now, we know exactly when threats hit our district, and can keep our staff and students safe before they even notice something has happened. Since integrating Cisco security products, we haven’t had any major threats affect our staff and students.
In security, you always have to be thinking about what’s next. Cisco frees up time for our IT staff to focus on higher-level projects that will move us forward from a technology standpoint.
Q: In addition to deploying the right technology, what else can organizations do to be more security resilient?
Blair: Everyone has a role to play in security. My colleagues and I often communicate with staff and students about what we’re seeing and the security we have in place. It’s critical that everyone knows what we’re doing and why, so they can work alongside us to protect themselves, each other, and the district from cyberattacks.
I am always learning too. Being involved in the Cisco Gateway community has allowed me to gain valuable knowledge to help keep Shawnee Heights cyber resilient — while also sharing my experience with others.