College Gives BYOD Users Secure Network Access

By Guest Author Print this article Print
securing network access

A network access control solution enables Broward College to manage the thousands of students and staff who access the network from their mobile devices.

To further boost our network security, we're using ForeScout’s ControlFabric technology to integrate CounterACT with existing security software, starting with our QRadar security information and event management (SIEM) system. This allows our information security and IT teams to correlate CounterACT information with all logs sent in from campuswide servers. From QRadar, we take action based on the type of user, device or issue.

For example, we can act on any suspicious behavior we’re seeing in the SIEM or from issues CounterACT identifies. We can either isolate the offending system or inform the user, which includes the ability to send message pop-ups.

Some of the common policy violations include users visiting inappropriate or malicious sites, which results in an automatic notification from CounterACT telling them they are in violation of college policy, and they can adjust their use accordingly. This way, we can change behaviors while keeping a positive user experience and complying with university guidelines.

Policy Enforcement and Compliance

In education, IT policy setup and enforcement is also essential in maintaining superior network security. Not only does CounterACT help enforce our own policies, but it also allows the college to remain compliant with privacy regulations. These include the Payment Card Industry (PCI), Family Educational Rights and Privacy Act (FERPA) and Health Insurance Portability and Accountability Act (HIPAA).

In addition, like all colleges and universities, Broward must comply with the Digital Rights Millennium Copyright Act. CounterACT strongly contributes to our compliance by notifying the IT and information security teams when a user is committing copyright infringement or running peer-to-peer software. It also enables IT to take action on the software on the system according to our Acceptable Use Policy.

We can either remotely disable the noncompliant program or send a message directly to individuals informing them that they’ve violated a network policy. We then offer alternative programs or college-approved ways to download noncopyrighted material.

Having these capabilities helps us provide a secure network without disrupting the academic experience for the user. In higher education, students and faculty are our customers, and we like to make their network experience seamless and convenient.

Most importantly, we never want to infringe on academic freedom: We don’t want to interrupt what faculty or students are studying or researching. It’s a constant balancing act to keep everyone’s information safe, while enhancing their learning and resource accessibility. Our NAC solution allows us to accomplish that goal.

With such a large and changing network environment, deploying a NAC solution has allowed us to strategically plan for the future and more importantly, enable IT security to be proactive rather than reactive. BYOD security issues and policy compliance requirements will intensify in the future, and solutions like CounterACT give us the visibility, control and risk reduction to meet these challenges head-on.

Matt Santill is the chief information security officer at South Florida’s Broward College, one of the largest colleges in the U.S. His previous experience was primarily in corporate America, working with a Fortune 100 company and other publicly traded organizations.

This article was originally published on 2014-07-11
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.