education Archives

Posts

Please don’t tell me it’s Window’s Defender!

February 3, 2022/in Cloud, data, Education, IT Security, Latest Tech, Microsoft, Security /by Maciej Owsiany

Cyber-attacks happen and are increasing in frequency. Certain sectors are naturally susceptible to these attacks; banking, government, healthcare, and energy sectors will always be targets due to the nature of what they do. But did you know that the Education sector is also very high up the list?

Around 20% of all educational institutions have been specifically targeted by cyber criminals, and a MASSIVE 83% of UK schools had experienced at least one cyber security incident. There are many other scary statistics that can be quoted, and you would think that with this information being readily available for review, schools and other institutions would take cyber security seriously; you would think wrong.

It’s just not good enough

Here at Planet IT, we have many dealings with the education sector, whether that be providing fully managed support, running security health checks or just the facilitating the procurement of specific classroom hardware, we have seen how vulnerable a lot of school environments are. We talk to schools daily and something that keeps coming up is the widespread use of Microsoft Windows Defender as the sole endpoint security solution. Something else that keeps being apparent on most calls we join is that the on-site IT team are too busy being reactive and fighting fires to spend the time being proactive and looking at the bigger picture.

Microsoft Windows Defender is a consumer-grade antivirus that is native to Windows 10 and comes preconfigured. There is an anti-ransomware element to it, but the testing we have done in the past shows that it is not capable of detecting most live ransomware threats:

So, what should you do?

Well, you should start with an industry-leading endpoint / server security solution such as Sophos Intercept X Advanced which will detect ANY Ransomware attack using the CryptoGuard element (this detects any file encryption attempts and rolls them back using Windows Shadow Copy if any encryption has started by the time it is stopped). This combined with the award-winning Endpoint Protection / Server Protection means that your endpoints and servers would enjoy a very high level of cyber security protection.

With any good security solution should come a good EDR product. EDR stands for Endpoint Detection & Response. This provides additional reporting and threat mitigation tools for your environment.

But does this really happen?

A real-world example that I have seen first-hand – we have a large private school as a customer. They were hit by ransomware which took down some critical file servers AND compromised the backups. With Sophos Intercept X Advanced with XDR (Sophos’ EDR offering), we were able to see that not only did Windows Defender not stop the ransomware from running but didn’t even detect it as a threat.

Also, with the recent Log4j vulnerabilities, and further back the Hafnium vulnerability, XDR was a requirement to investigate customers’ environments to easily check if they were open to attack due to these vulnerabilities. With Hafnium, XDR could report what hosts were vulnerable but also if they had been compromised and the location of the remote consoles that had been deployed by the bad actors. We at Planet IT saw at least 2 instances of Microsoft Exchange servers that had been compromised, and our job was made easier with XDR.

What if my team just don’t have the time to manage XDR.

The downside of adding XDR to Sophos Intercept X Advanced is that you need the resources to respond and investigate detected threats. Sure, Sophos Intercept X Advanced will of course detect and block any threats it comes across, but any advanced solution like this requires the time to configure and monitor to ensure you get the value from the product.

This is where MTR comes in; MTR (or Managed Threat Response) is a managed SOC (Security Operations Centre) provided by Sophos themselves, and will give 24/7 threat detection and activity reporting among many other benefits that are essential for any security conscious educational institution. With the Sophos MTR service, you can focus your time on ensuring your local infrastructure is running well safe in the knowledge that your Sophos environment is being looked after competently.

Planet IT recommends Sophos Intercept X Advanced with XDR and MTR Standard as the minimum level of protection for any educational institution.

Why the move to an OPEX budget model in education might be driving your business manager up the wall

February 3, 2022/in Backup, Cloud, data, datacentre, Education, IT Security, Latest Tech, Microsoft /by James Dell

For the longest time IT in education has been on a hamster wheel of improvements tied to the yearly capital bids cycle. IT managers rush to get improvement plans and strategy budgets in for their cut off, knowing all too well that 50%+ will be dropped before they even make it to governors. The other 50% won’t make it through the process.

This capital expense programme is built from the necessities of the past. IT infrastructure had typically been the second most expensive item on a schools books after the building itself. No school, college or academy in the past could afford to stretch it’s upgrades over the operational spend of the business unless they committed to long terms lease agreements or payment plans. While good intentioned, these plans often leave the organisation dragging upgrade cycles to 5 years plus rather than their natural 3 years.

With all the changes that 2020 and 2021 have brought, this model has to change, and the main reason for that is the cloud.

The Time For The Cloud Is Now

Now this is not some fantasy of a cloud lead future. This is the reality of a world leaving behind the need for a private datacentre or server room and pushing for the convenience, security and integrity of managed public cloud.

This however leaves a challenge for all of those who are in financial roles in educational establishments. The model of spend once, wait 5 years before investing again, will not and cannot continue to work. Modern IT is mostly based around the per month or per usage model. Think Microsoft 365 and Azure, one is based on your user count or usage count per month and the other is based on the real-world usage of the last 30 days.

But we used to spread the cost..?

Now on legacy, I will grant that you could have purchased Microsoft services on a campus agreement. However, that is asking you to look into your magic 8 ball and hope you guess the right amount of usage for the next 12 months and then pre purchase Azure credits to cover that. This is a massively inefficient approach and misses the key benefit of cloud services – flexibility.

In a real world example you would expect an educational providers usage on a cloud based IaaS (Infrastructure as a service) to look something like:
• September – December (Mild Usage)
• Jan – Mar (High Usage)
• April – July (Diminishing usage as students slowly drop off timetable)
• then late July – Aug (Very low usage)
Now if you are paying for this upfront you need to work out what your average monthly spend should be and then try and guess how much you need to cover this.

This just won’t work, you will either hit your campus agreement renewal needing to pay overages or hit the renewal with hundreds if not thousands of wasted pounds. With Monthly flexible billing you don’t have this issue, you get a bill for what you actually use, now if it’s a critical system you can reserve the instance and gain some savings, but you have the flexibility.

This is a new approach for us. How best to do it?

Back to the question in hand and how does your organisation cover these costs?
Well to start with, your business manager needs to change how IT is funded in the budget. Moving the value that would have been placed on an infrastructure refresh into operational spend. They then need to find a way to increase this pot by 5-15% a year to cover cost increases. Now there is still a need for the capital bid, but these should be used for laptops, switches and firewalls and not servers and server licensing. With this shift IT becomes less of a burden as the spend is predictable and you are not looking at £500k investments every 5 years, but instead £80k a year spend on cloud services.

I often get asked how we work with our education customers to move to the cloud and for me the approach is simple; it’s about understanding. So many business managers have endured years of the CAPEX process and are used to the funding model. What our job is as technical professionals is to illustrate the savings in cooling, powers, facilitates and security that a move to the operational model brings and then work from there to deliver the best experience for the organisation.

If you are an IT manager today about to enter capital bids season, then think like this; bid for the money for your big server replacement but don’t propose legacy equipment and designs. Engage with Planet IT and we can support you in submitting a CAPEX to OPEX bid a support your move to the cloud.

Need more help to get it right?

2022 will be the year that most businesses make a major jump to the cloud. Don’t allow your educational establishment to be left behind and looking for answers, we have successfully worked with a large number of educational providers over the last 18 years to modernise and improve their IT for the better, we can do that for you too.

If you want to talk to one of our educational team about how we can help you with your capital bids or moving to the cloud, then please call 01235 433900 or you can email [email protected] or if you would like to speak to me directly you can reach out to me via DM or at [email protected].

Education in Focus: Biggest IT Refresh Year Ever

May 11, 2021/in Backup, Cloud, Education, IT Security, Latest Tech, Microsoft, Security /by James Dell

There comes a point in the academic year where exams ramp up, teachers, lectures and support staff are focused on getting student’s through their end of year exams and keeping the momentum up until the summer break.

Meanwhile in the cool dark of the server room, the IT Support teams across all academic settings are preparing for the calm before the storm.

This year, while we may not be seeing exams like we previously would, the IT Teams in our educational establishments are preparing for their busiest summer refreshes ever. The woes of 2020 are behind us and the shift to classroom learning returning for 2021/22, the push is on to make the infrastructure improvements that were put off during COVID.

Saying all that, budgets are likely to also be tighter than ever. So how can IT teams get the absolute most out of their IT projects?

To help we have put together 5 top tips for smashing your summer projects in 2021

Plan Early

When it comes to any form of IT project the further ahead you are planning the better chance of success you have, so start early!

Engage vendors and technology partners. Test the market and understand your options. If you are looking 6 months ahead of where you need to be, then when do you have to make the choice on the technology or the vendors you are going to use? Be armed with all the information you need so you can overcome the challenges the project throws at you.

Have a contingency plan

As you begin to plan your project, look at the what if’s…

For example, if you are replacing a server infrastructure, what happens if the new servers fail? Or before you have moved the data, if the old servers fail, do you have a backup? Have you tested it?

By implementing a rock-solid contingency plan you are positioning yourselves in such a way that you can overcome whatever challenges come your way.

Choose a partner you can trust

Remember you are not in this alone.

Whatever the chosen project you are undertaking there are partners who will help you achieve the goals of your organisation. However not all partners are equal. Not all partners have the same approach.

Find a partner who has the certifications and accreditations with the vendors you want to work with, i.e Dell Gold Partner or Microsoft Gold Partner with certified engineers. Don’t settle for “the local firm” as 9 times out of 10 they will get out of their depth very quickly. They’ll can end up making the challenges of delivering IT in education much worse.

So, pick a partner you can trust, and you know when you’re up against it, will have your back!

Only choose best of breed technology and don’t settle for last generation.

Lots of companies see education as an opportunity to move stock which the corporate world no longer wants – for example, servers which are now end of sale or software which has been pushed into its last few operational years.

You should never settle for anything other than the best in breed technology for your establishment. If budgets constrain that, reduce the scope of the project or limit the technology used. Don’t settle for old, refurbished or reconditioned equipment just to hit a financial goal. In the long term, you will pay the price when the equipment cannot be serviced and needs replacing before the business has got the full value from the solution.

Maximise gains using operations leasing

When making purchases in education, you have a great opportunity to access low cost or even free finance offerings for all of your large purchases. So, leverage these deals to extend your budget.

Limit the capex spend and get the best solution you can and prevent the project delays of stretching upgrades over 2-3 years which really need to be done today.

Using these top tips, your organisations should be able to avoid the pitfalls of so many education providers in the past and make sure you take step in the right direction when making your upgrade this summer.

Just remember you are not alone. At Planet IT we have a team of specialists who can not only support you with the decision making and selection of new equipment, but can support with the role out, implementations and upgrades to your systems.

If you want to talk to one of our educational team about how we can help you with your summer projects then please call 01235 433900 or you can email [email protected] or if you would like to speak to me directly you can reach out to me via DM or at [email protected].

Education in Focus: Cyber Attacks on the rise while protection remains behind other industries

March 24, 2021/in Education, IT Security, Latest Tech, Security /by James Dell

2020 was far from an easy year for the education sector, with the strains of COVID-19, the forced move to remote learning and the constant moving goals of exams, assessments and certifications looming over the industry. IT improvements and IT budgets were shifted from infrastructure and enhancements to purchasing laptops and enabling learning over video. These changes have had a dramatic impact on all educational organisations. Unfortunately, we are starting to see the repercussions of this, with several educational organisations being hit by cyber-attacks.

Another Attack

This week we have seen the latest attack on the University of Northampton, this is unfortunately just another in a long line of victims of the last few years.

As many of you who have read my articles are aware, I have a long history in the education sector, working across schools, academies, and colleges. From this, I have a very first-hand experience of how budgeting works in education. I know its effect on the choices that we make when it comes to selecting solutions and ultimately protecting educational establishments.

When I read stories like the one about the University of Northampton, it churns my stomach. This is because I know that the ladies and gentlemen who work in the IT teams of these organisations will have been doing everything they could to protect the system. However, they are always constrained by the limits they have finically and with their current technology stack. Having personally experienced several attacks first-hand, the IT Team usually takes the brunt of the fallout from these events. In truth, it’s business management and senior management, who’s lack of understanding, allows these incidents to happen.

The real-world cost of an attack

When these kinds of cyber attacks in education occur, we all see the headlines and the public outcry about the fact these threat actors get into and disrupt educational organisations. What is very rarely discussed is the organisation’s cost.

The cost itself is not just that of recovering from the breach. Depending on what equipment has been affected and what can be recovered, the cost anywhere from £10,000 to £500,000!

However, on top of this, you have to add the cost of staff not working. The organisation not being able to deliver teaching and learning can easily cost an organisation over £50,000 a week.

We then have to consider the cost of the damage to the organisation’s reputation and any fines that may come in from the ICO if data has been lost. These costs can total into millions.

The worst part of all of this is that insurance will not always cover these costs if you have the wrong cover type. In a real-world example, we are aware of a case where an educational organisation had a total cost of an outbreak at £2.5 Million, this figure should be enough to make your senior management sit up and pay attention.

Where to start…

The question then is, how do we get our educational sector partners to a position where they can protect their data, deliver teaching and learning and ultimately avoid cyber attacks in education?

The answer is about prioritising spending and focusing on ensuring that a security landscape is in place that covers all bases and protects against all foreseeable attack vectors. We start this with solid anti-virus and anti-ransomware technology. Endpoint protection must be paired with a robust Endpoint Detection and Response product (EDR) or an Extended Detection and Response product (XDR). These technologies will give you a strong endpoint protection roster.

Then layered on top of this, you need to look at device encryption, which must be centrally managed. Then, on top of that, we need to pivot and look at the ingress points on your network, this being your email and your firewall. Both should be robust next-generation products that use both Unified threat management and a traditional stateful firewall approach.

And then there’s the human element

When we have tackled the technical delivery needed to secure the network, we need to look at your staff and the human firewall element of protection. From this regard, we should be looking at Phishing training, security awareness and data protection training.

When you have all these pieces in line and configured to best practice, then there is a good chance that you will mitigate most risks towards your organisation. Now, that doesn’t mean your senior management can wash their hands of cybersecurity. Proper cybersecurity protection is reviewed and maintained regularly, and this also means patching all your other IT systems; it’s a busy and full-on task to undertake. However, if you do it correctly, it’s advantageous knowing that you are keeping your learners, staff and visitors safe and protecting against the effects of a cyber-attack on the business, individuals and the wider community

If you would like to have a conversation about how we can review your security landscape and work with you to build a robust cybersecurity landscape for your organisation, then CLICK HERE to book a meeting with me, or you can email me at [email protected] and together we can work to align your organisation against the current and future risks.