Due to the evolving and complex security requirements of K-12 schools, physical security solutions must be integrated with the network. Learn why this convergence is critical for student safety and network performance.
Technology has consistently driven change across most environments, resulting in new innovative services and better ways of completing everyday tasks. K-12 classrooms have embraced new learning initiatives through digital transformation efforts, including BYOD programs and elearning strategies. In order to make the most out of these digitally-centered curriculums, IT teams must be able to provide students and staff with a seamless experience so as to not hinder learning opportunities. This includes things like high bandwidth, roaming through and between school environments, and supporting devices that transition between home and school. K-12 schools are also popular targets for cyber crime, so extra care must be taken to protect these devices against viruses, data breaches, and malware.
In addition to bolstering efforts towards education, many schools are now using connected devices such as surveillance cameras, digitally controlled access points such as exterior and classroom doors, and facial recognition software to alert administrators and security personnel of potential intruders and to take measures to contain them. While these technology-based physical security tools offer important benefits in regards to education and safety, they also present new risks due to the expanded attack surface created by the connection of these new devices to campus networks.
Furthermore, these risks are heightened due to the value of the data stored within these networks, including PII, healthcare information, and financial information. With device usage continuing to play a critical role within schools, IT teams must consider new strategies to protect their students and staff. This ultimately means having an awareness of those devices which pose the biggest risk to networks, the information they hold, and the access they have to other digital resources. Compliance must also be a top consideration for IT teams when making decisions about these technologies and the safe storage of PII, K-12 schools are required to demonstrate compliance with various regulations such as CIPA, FERPA, and COPPA in order to protect students and their personal data.
Addressing the need for secure surveillance
For schools to create a safe environment, both physically and digitally, certain factors need to be understood, including the frequency of cyberattacks, the limits of IT resources, and a lack of awareness among students and staff when it comes to cybersecurity best practices. It’s the failure to address these challenges that opens the door for cybercriminals who are able to exploit vulnerabilities with the understanding that proper security controls are likely not in place.
The potential for cyberattacks increases when physical security devices are involved, especially surveillance cameras. According to Fortinet’s Q4 Threat Landscape Report, cybercriminals largely target these devices due to the fact that many lack the necessary security controls. In fact, four of the top 12 global exploits in the last quarter of 2018 were directly related to IP-enabled cameras.
Cyberattacks related to surveillance cameras are especially problematic within K-12 schools, which use these devices to provide real-time surveillance of students and facilities and respond to potential emergencies involving their students. When targeting IP-enabled cameras, cybercriminals have the ability to interfere with private conversations, gain access to cyber systems to steal information or launch an attack, and even shut cameras off, putting students’ safety at risk. In order to get ahead of these threats, IT teams must prioritize the convergence of digital and physical security. Other cyber-connected systems, such as physical entryways and digitally controlled physical countermeasures to lock down facilities and isolate intruders, present similar vulnerabilities and risks.
Digital and physical security in K-12 programs
Due to the complex security requirements of K-12 schools, isolated point products simply cannot keep up when it comes to securing these devices. This is compounded by the fact that many schools lack the security personnel required to keep up with the changing threat landscape, adding to the challenge of cybersecurity in these environments. The integration of physical security solutions, such as surveillance cameras and badge readers, with network security requires additional controls designed to recognize and respond to threats. By operating cameras on Next Generation Firewalls (NGFWs), for example, these devices would be protected against hacking attempts and other threats.
When consolidating physical security solutions into the network, IT teams need to ensure the following:
- Network bandwidth is capable of providing complete availability, including uninterrupted video streaming
- Fast, easy deployment of each device
- Firewall protection which spans to outer edges of the network to defend against external attacks
In order to achieve this level of protection, IT teams must also have an understanding of which solutions can safely be utilized in the first place. This means avoiding off-the-shelf cameras that cannot be integrated into the network, cannot provide historical information such as the location of a specific person, and lack network intelligence. By employing a fully-integrated high-performance surveillance solution like the FortiCamera, protection is guaranteed because all components are purposefully designed to work together within a highly-secure and cohesive system.
As the attack surface continues to expand and new devices are introduced into K-12 networks, schools must employ comprehensive, integrated, and automated security strategies that cover the entire spectrum, from physical products to digital solutions.
Without proper security measures in place, K-12 schools could face cyberattacks which put the safety of students staff, and networks at risk, as well as physical threats which cannot be properly controlled. Despite the benefits that physical security solutions can offer, it is critical that these products be integrated into the network to effectively defend against both cyber and physical threats, while ensuring that performance is never compromised. By converging physical and digital security, schools can adopt technology designed to keep students safe and improve learning opportunities, all while knowing they are secure against cybercriminals and other perpetrators looking to exploit school vulnerabilities.