Cloud computing has revolutionized the way education is delivered. Where information used to be confined to the school library, there is now an entire world of content just a click away. Collaboration, instant assessments, adaptive and individualized learning capabilities, and analytics are all becoming readily available to educators because of the cloud. But your having access to the rest of the world can also mean there is a risk that the rest of the world might just have access to you. For students and faculty—and all those who access educational network and data assets—it’s a benefit that comes with a heightened need for privacy and security.
A critical factor in cloud security goes beyond the kinds of solutions that can be purchased and implemented. It’s about being educated and practicing online safety, and this applies as much to the end user as it does to the IT staff. From an IT perspective, this could mean validating the SLAs of the cloud provider to ensure that they meet the school’s security and privacy requirements, properly encrypting your data, and implementing a hybrid cloud environment that keeps your most sensitive information on-premise so it’s never out of your control. It’s important to properly educate students, faculty and staff by creating ongoing training and awareness processes (such as with yearly job reviews or as a new-hire training requirement) that instill a culture of security. Blocking and tackling security by having strong passwords, identifying phishing emails, and instructing them to never click on these or other malicious items that may show up in their inboxes greatly improve the security posture while mitigating risks.
Then of course, there are the cloud security solutions that can be purchased. One overlooked piece of this solution, however, is the underlying hardware and the role it plays in your overall security and privacy. Many new security applications are designed to take advantage of the latest hardware security features. That means that if you’re buying new security software but still using old servers, you might not be getting all the benefits you paid for.
A powerful security feature to protect key assets is Intel® Trusted Execution Technology, or TXT. TXT essentially ensures that you have a trusted state at boot-up. Once you boot up a new VM (Virtual Machine) in the cloud TXT guarantees that it is uncompromised. It’s possible to apply security policies to establish that certain workloads will only run on these trusted server environments, or that they can only be executed in certain secure locations. The latter is useful when your policies dictate that you cannot move certain types of data out of a specified region.
There are a number of cloud providers who use Intel TXT for enhanced security, so if you’re using the cloud, it’s a good idea to see if your provider is one of them. Whether you’re deploying your own cloud or using a public provider, it’s important to understand not only the security software capabilities that are being applied but also the hardware that it’s all running on.
Most schools are required to keep a minimum level of security in place, as dictated by regulatory compliance (this can vary by region, state, or country), but with the right tools, you can exceed the minimum compliance regulation requirements.
The cloud will continue to be utilized in education just as it will be in all sectors, and that’s good news for the bad guys who want to exploit it. The good news is that by optimizing your security, you can keep those bad guys out, and keep your students and faculty safe online.
Click here for additional cloud security solutions.