Written by Bill Bennett, tech journalist
Cyber security is changing. In the past the focus was on building a defensive wall around known devices and fixed networks. That’s harder now that people can move around, choose their own devices and use external connections to work or study from home or elsewhere. Remote access technologies offer attackers ways of getting behind those defences.
N4L is rolling out Secure Access as part of the Te Mana Tūhono programme to upgrade school and kura Wi-Fi networks. Secure Access will help make your school or kura less vulnerable to security risks such as ransomware. It’s another Network for Learning tool to help protect you from online threats, keep your school’s student data safe and give you greater control over what happens on your network.
At the core of Secure Access is network segmentation. In addition, it leverages a ‘zero trust’ approach to cyber security. This is recognised internationally as best practice. ‘Zero trust’ operates on the principle of ‘never trust, always verify’. With a ‘zero trust’ approach, every device and person using an identified network or sub-network has to be known, verified and authorised before it can get access.
Today the emphasis is on knowing who is connected and what devices are using the network. With Secure Access each student and staff member has a unique login. This means administrators can identify who is using the network. It gives you control over who has access and who doesn’t.
Secure Access extends this by authenticating and authorising each device. Once a device is known to the network, it remembers the log-on details so users don’t need to log-in every time they connect to the network.
The network is divided into separate sub-networks for different groups of users: staff, students and guests. It’s possible to have different levels of access for ākonga at different age groups.
Dividing the network into smaller sub-networks for ākonga, kaiako and guests helps reduce the impact of a cyber attack. Without this, an attacker who manages to get access to the school network, might be able to find their way to sensitive information, such as personal information in the school’s student database or the school’s finances.
By segmenting users you can decide what ākonga, kaiako and manuhiri are able to do online. Staff members can have wider internet access, including being able to reach sites that might previously have been blocked to protect ākonga. Guests can, in some cases, stay unidentified but since it’s a separate network it doesn’t pose additional security concerns, especially when it’s mitigated by frequent password changes.
Cyber attacks are an unfortunate part of modern life. We can’t eliminate the risks, but we know attackers target the low-hanging fruit. A tool like Secure Access goes some way to making sure your school won’t be that low-hanging fruit. It will help you eliminate some insecure practices, such as shared passwords. It also gives you and your staff greater flexibility and control.
Secure Access won’t solve all your security problems, but it goes a long way towards making your network less vulnerable and reducing online threats. It provides an important extra layer of protection that will bring your school in line with international cyber security best practice. You can find more information on Secure Access here.
Bill Bennett is an experienced editor and journalist specialising in technology and business. He has worked for New Zealand and international newspapers including the NZ Herald and The Australian Financial Review. He is also a regular technology commentator on RNZ Nine-to-Noon.