Remote access via virtual private networks (VPNs) is a major technological advancement reshaping organizations worldwide, including educational institutions. The IT solutions of all educational institutions, ranging from primary schools to universities, face unique challenges in order to provide a more advanced learning and working environment, while also maintaining security requirements and optimal IT efficiency.
Common Applications in an Educational Institution:
Educational institutions require numerous IT applications, which are managed by the network support teams. These include:
- email accounts for students and faculty
- secure email access
- intranet set up and functionality
- web and mail services
- storage and management of sensitive data
- online examination management and results posting
- secure intra-departmental data transfer
- secure remote access to server rooms and on-site data centers; and
- maximum security levels preventing hacker attacks, and enabling secure login and sensitive information transfer
In addition to providing a secure mechanism to access the above list of necessary applications, IT administrators are also responsible for minimizing network downtime, monitoring uptime, and keeping service costs under control. In order to provide this, remote access technology is the optimal solution.
Reasons for Using Remote Access:
1. 24/7 Accessibility
Remote access through VPNs provides cost-effective 24/7 data access to students and staff from anywhere.
2. Reduced Security Concerns
VPN technology allows secure remote access to educational resources and individual desktops for faculty and staff members through encrypted connections, via Web Secure Proxy and secured authentication methods.
Innovative remote access solutions implement a security strategy that also includes firewalls, anti-virus software and intrusion prevention services to protect vital and sensitive information within the network.
3. Reduced Investment in Technology Infrastructure
Due to the potential for mechanical failure, hardware solutions are prone to break downs. Initial costs and costs to repair cause hardware solutions to be significantly less viable than pure software solutions. Additionally, software solutions enable IT administrators to resolve several problems remotely, thereby further reducing costs and resource use. The implementation of a software based solution has the additional benefit of optimizing existing server resources, which reduces total cost of ownership.
4. High Availability
Access from the client requires a Web browser only. This allows for specialty software applications to be made more readily and widely available to the students, staff and faculty. This high application availability allows for e-learning programs and superior online delivery methods after school hours.
The total enrollment in public and private postsecondary institutions increased 47% between 1995 and 2010, and a further increase of 15% is expected between fall 2010 and fall 2020. The growth in the number of students attending educational institutions puts network administrators under pressure to increase the amount of PCs and network facilities in order to accommodate their staff and students. An increase in terminals necessitates an increase in the number of servers; since these servers are the pillar of the institution’s Network, it is important that they be consistently reliable, as network downtime implies an interruption of essential services.
High-quality VPNs allow for workload balancing of cluster servers, meaning the division of a computer/network’s workload between two or more computers/servers. This process facilitates the system’s optimum performance, which results in faster data access. Load balancing also prevents failover, which occurs when a user cannot access a database in a cluster - either because they cannot access the database itself or they cannot access the database server.
A VPN is highly scalable and supports many different platforms. VPN technology provides remote access via any device, such as desktop computers, notebooks and tablets, and all operating systems are supported, including Microsoft Windows, Apple MAC OS X, and Linux. In addition, this technology allows educational institutions to purchase resources as needed. If the institution experiences significant growth, it can easily increase the capacity of their remote access solutions. Conversely, if their needs decrease, they can scale down.
6. Single Sign-On
Single sign-on is a capability that enables secure authentication across many services with only one password. It allows users to be logged into multiple services once the user has signed in to one. Single sign-on streamlines the authentication process for the user, while simultaneously protecting the institution’s resources.
Remote access technology has proven beneficial to several organizations as it optimizes resources, decreases administrative costs, increases productivity and enhances the learning process. Today, remote access technology for educational institutions is considered an essential part of a comprehensive IT security infrastructure.
Author: Hazel Farrugia
More and more, “work” is being defined as something people do, rather than the place people go. Today’s organizations are shifting away from the usual nine-to-five workday, and progressing towards the trend of remote working (also called telecommuting). Remote working enables organizations to gain a competitive advantage from higher productivity, better work-life balance and decreased costs.
However, IT teams frequently face several problems related to mobile workplace deployments. The most common pitfalls are:
1. Ignoring Common Threats
Security risks posed by malware have been on the top agenda of many security teams; however, a more frequent threat nowadays is mobile phishing. Phishing occurs when identity thieves collect user information such as name and password, Social Security number, date of birth, ATM PIN or credit card information, for use in committing fraud or other illegalities. Since it is more difficult to identify fake URLs on a mobile device, it is more likely that remote workers will succumb to a phishing scam, than their in-office counterparts.
2. Taking a One-Size Fits All Approach
Managing mobile device security is more limited, and normally exerts a level of inconvenience for users. For instance, mobile virtualization can allow users to work remotely without any data on their devices; however this may be overkill for the employee who simply wants access to corporate email.
3. Failing to Educate Users
As more organizations adopt the mobile workplace strategy, managing the employees who use mobile technology has become more arduous. IT teams should educate employees to participate in keeping corporate data secure.
4. Assuming Users will Follow Security Policies
The organization should draft, write and implement comprehensive and reasonable security policies to efficiently manage and protect information. IT teams should focus on protecting the company's highly-sensitive information assets, rather than the devices used by remote workers themselves. IT teams must also educate users on why it is important for them to follow the policies put in place.
For any business which has implemented a remote workforce strategy, or those wishing to deploy such a strategy, it is important that IT teams overcome these problems in order to protect the company’s resources.
If you would like to learn more about mobile workplaces, and find out which security issues need to be addressed, you can download our free eBook “How VPNs Help Providing Secure Mobile Workplaces”.
Data breaches are unfortunately becoming an inevitable part of life. In addition to the IT headaches, reputational risk and customer churn associated with a breach, the monetary costs are also a huge concern.
A data breach typically leads to fraud, which in turn can result in monetary losses from the victim. Furthermore, the FTC can fine a business up to $3,500 per data breach violation and the state may fine the business around $1,100 per record stolen. This means that if 10,000 customer records are stolen from a business, it will cost the most than $11 million.
Most organizations are willing to help compensate victims and help prevent further fraud with free credit monitoring. However, the obligation to compensate victims can severely dent a business’ budget and may result in closure.
It’s devastating to be notified that your information has been exposed at the fault of a university, health center or business. What is even more alarming is that there is not much you can do to prevent it as it is up to the organization to protect their data.
Have you had information stolen as a result of a breach? What were the costs to you or your business? What additional preventative measures should companies take to reduce the risk of breaches and the resulting cost? We are looking forward to your comments!
While there has been much coverage online about the Heartbleed bug, it hasn’t been clear exactly which websites have been affected by the bug. Our friends at Mashable created a list of popular websites that may have been affected by the bug as well as feedback from representatives at those companies. See our abridged version of the list below.
Websites that highly suggest you change your password as soon as possible:
Websites that don’t find it necessary to change your password:
Many websites that suggest you change your password are unclear whether their site was affected or not, but still recommend that users create new and unique passwords. For example, a Facebook representative stated, "We added protections for Facebook’s implementation of OpenSSL before this issue was publicly disclosed. We haven’t detected any signs of suspicious account activity, but we encourage people to .set up a unique password."Because the Heartbleed bug is still an unraveling mystery, we believe the mantra “better safe than sorry” properly applies here. We suggest changing your passwords for every site you have an account with.
We’ll continue to update our blog with any new information about the bug!
After we have already been to trade shows in the USA, Germany and Australia during the past weeks, we are now going to present our connectivity solutions to the Spanish audience.
HOB will be an exhibitor at the @sLAN in Madrid, which will take place from April, 23 – 24, 2014.
In the fast-paced IT industry it is especially important to always be up to date. That’s why we at HOB try to be present at as many tradeshows as possible. Being on the @sLAN in Madrid allows us to inform ourselves about the newest trends and opinions of the international IT market, without having to rely on information from a third-party.
The Spanish IT congress will host numerous IT companies, which will be presenting their latest innovations and products. This year, HOB will also present itself to the Spanish market and try to convince the visitors of its superior remote access solutions. IT trends that will be the focus of this year’s tradeshow are Cloud Computing, IT Security, Mobility, Big Data and Virtualization.
The @sLAN will take place from April 23 until 24 at the exhibition area Ifema – Parque Ferial Juan Carlos I in Madrid. If you are planning to visit the trade show, you can find HOB at booth number 22. At our booth, we will be presenting exciting live demos of our software solutions and provide you with additional information. Also, we will be having great giveaways for you. A special highlight for HOB will be the presentation of International Account Manager José Antonio San Juan Sampron, who will be talking about “Going Mobile – New Trends in the Enterprise Mobility Market.” The presentation will be held April 23, at 10:20 am in Room N110 CANAL.
We are looking forward to welcoming you at our booth and hopefully having many interesting discussions with all of our visitors!
For all of you who can’t make it to Madrid to visit us personally: HOB provides several opportunities to stay up-to-date about the newest IT security trends. On our HOB Trendtalk Blog, as well as on Google+ and Facebook, you can find information on topics about Secure Remote Access, Mobile Working, Cloud Computing and IT Security. Videos about those topics can be watched on our YouTube channel. And for those who like it short and simple, follow us on Twitter.
Like Cryptolocker, a new security culprit has been unleashed on the Internet. The Heartbleed bug is a vulnerability within the popular OpenSSL technology that allows hackers to easily steal a service’s encryption keys, thereby allowing them to steal other sensitive information including passwords and credit card numbers. This new bug was discovered by a team of security engineers at tech company Codenomicon and Neel Mehta of Google Security.
Fortunately, a fix has already been created. However, the onus is on the service provider to adopt the fix before they can be secure from hackers.
So what can you do to immediately protect your data?
Security researchers advise Internet users to first make sure that service providers have fixed the bug on their server—a new password for a service that has not installed the fix can easily be stolen. Then, change the passwords to all of your services, especially for sites that contain sensitive information like e-mail accounts and banking accounts.
Security researchers also recommend that users use highly secure passwords. Check out our previous blog, “The Importance of a Strong Password” for password strength suggestions.
Since March 8, a Malaysia Airlines jetliner has been missing with 239 people on board. The entire world has been following the search efforts to find the plane through news sites, blogs and social media.
According to an article by Computer World, people who search for news about the missing plane may come across a fake Facebook page dedicated to scamming users for their money.
The page has a share button as well as blue and white graphics—similar to a legitimate Facebook fan page. However, if a person clicks on the site, they will be presented with a link that claims to be a Yahoo! News article, then a YouTube video and a final lure designed to generate money for scammers.
The idea of the lure is to generate more clicks as apart of a Cost Per Action (CPA) scam. This is when advertisers charge companies according to the amount of clicks their advertisements received online.
As hackers and scammers become more innovative with their attacks, it is important to be extra aware and careful in terms of IT security. Hackers are on the prowl for unsuspecting social media users, insecure Wi-Fi networks and security holes.
We at HOB are appalled by the bad taste and brazenness of the scammers, and condemn their attempt to enrich themselves by abusing the sorrow of other people. Our thoughts are with the families of the missing persons and we hope that they will soon have certainty about the fate of their loved ones.
Readers, what are your thoughts on scammers taking advantage of the missing Malaysia Airlines plane? Please share your thoughts in the comments below.
From primary schools to universities across the country, educational institutions are increasingly leveraging technology in order to provide a more advanced learning and working environment. For example, secure remote access has significantly helped educational institutions optimize resources, keep administrative costs down, increase productivity and enhance the learning process. It has been gaining wide acceptance and is now considered an essential part of a comprehensive IT security infrastructure.
Secure remote access continues to benefit educational institutions in a number of ways, including:
Reduced Investment in Technology Infrastructure
Software-based remote access solutions enable the educational institutes to effectively decreasing their costs. Thus, the solutions fit perfectly into their existing IT infrastructures – without the need to invest in additional hardware. Secure remote connectivity optimizes existing server resources and reduces total cost of ownership. It can make the use of incompatible systems (e.g., Windows vs. Mac) a seamless interaction.
With secure remote access to campus PCs and computer labs, students can access course materials, files and software applications anytime from any location on or off campus via an Internet connection. This extends the classroom beyond campus buildings and hours and accommodates students interested in e-learning and distance learning. In addition, secure remote access services provide a level of convenience as students can use their preferred PC, laptop, tablet or mobile device.
Reduced Security Concerns
Many education institutions experience thousands of data breach attempts every day. According to the associate dean of research policy at University of Wisconsin, Bill Mellon, the amount of attempts to penetrate university systems has reached up to 100,000 per day. With that said, it is vital that universities implement remote access solutions as part of a security strategy that includes firewalls, anti-virus software and intrusion prevention services.
Ability to Quickly Scale Services to Match Demands
Many secure remote access solution providers allow universities and schools to purchase resources as needed. For example, if the institution experiences significant growth, it can easily increase the capacity of their remote access solutions. In an opposite circumstance, they can scale down services if their needs decrease.
Over the past few years, secure remote access has gained significant momentum in many industries, including education. Secure remote access has easily become an essential part of a campus-computing infrastructure that has the power to solve countless problems for universities and schools.
Readers, have you implemented a secure remote access solution for your education institution? Please share your experiences in the comments below.
The adoption rate of cloud computing and remote access solutions has been exponential in recent years, as many different industries have fully migrated to cloud solutions.
However, one industry has yet to fully adopt the cloud—the government. According to cloud computing expert, David Linthicum, the government has been resistant to full migration to cloud computing and remote access due to complexities of federal business processes.
Despite the complicated nature of security regulations, government research organization, IDC Government Insights, released a study that took a detailed look at the government’s 2014 IT plans. According to the report, the U.S. government experts to spend $118.3 million on public cloud solutions. This new budget is an increase of 32.8%. The implications of this budget proves that in the next year, the government will be more focused on developing an IT strategy that will allow the adoption of cloud computing.
We, here at HOB, hope to see an increase of the government’s use of cloud computing and remote access solutions as our products are designed especially to meet the growing security and compliance requirements. For example, our flagship product, HOB RD VPN, has extensive security perfect for critical government data.
HOB RD VPN supports government agencies in successfully integrating secure remote access solutions into their existing IT infrastructures – for 24/7 secure remote access to data and applications, at any time, from anywhere around the world and with any device. This software solution also enables encrypted data communication using SSL and supports various state-of-the art authentication mechanisms like Kerberos Single Sign-On. Additionally, HOB RD VPN allows government agencies to implement client-side SSL-certificates, e.g., on Smartcards, and supports the usage of one-time-password solutions within their compliance strategy.
Do you think the government’s adoption of cloud computing and remote access solutions will be successful? Please share your thoughts in the comments below.
Another chapter in the cautionary tale of cyber security vulnerabilities opens this week with the hacking of two major US newspapers – the New York Times and Wall Street Journal. The lead article in the Wednesday, January 30 issue of the New York Times covers the attempts and methods used by the Chinese military to hack into the their network. Reportedly, the Chinese military’s primary motive was to uncover the sources of an October article reporting on the wealth accumulated by relatives of China’s premier, Wen Jiabao.
Meanwhile, the Wall Street Journal also experienced hacks with connections to the Chinese government. The Journal reports that the Chinese’s intention also was to monitor coverage of China in their newspaper and to trace the sources of that information.
Products that feature secure remote access, strong encryption and reliable authentication methods may seem like an adequate solution for a company with vulnerable networks. However, the New York Times states that their own anti-virus capabilities did not dodge the attacks. Furthermore, these espionages exemplify the vulnerability of networks and the necessity of comprehensive security measures to prevent attacks.
In a ZDnet article covering hacker expertise, Hewlett Packard’s SVP of enterprise security products, Art Gilliland, explains the power of knowing a hacker’s next step and disrupting it rather than solely using security software to identify attacks. “This is a game of risk management,” Gilliland stated. “Companies need to be able to see and understand their exposure potential and prioritize what they respond to.” The New York Time’s security team followed a similar strategy by surreptitiously monitoring the moves of the hackers in order to determine more adequate defenses against them. Before the hackers could do any serious damage, the Time’s security expert team blocked the hackers from breaking back in.
Because hacks are inevitable, expansion of security policies and experienced security teams are necessary to prevent future opportunities for hackers. However, many companies do not have the budget or experience to create a team with a sophisticated attack strategy. This is when organizations that monitor cyber attacks may need to be brought in.
Has your business been a victim of cyber attacks? If so, did you have security technologies in place that allowed you to identify and thwart the attacks? How well did they work? Contemplate these questions now to prepare you for the very real risk of an attack in the future.