The benefits of an independent internet and security solution in Education

Firewall and filtering that you control

Firewall and filtering that you control

It is becoming increasingly essential for schools in the UK to have an independent internet and security solution. To have an independent internet solution means a school has control of both web filtering with access to and from their network. This enables them to alter and update filters and firewalls immediately as a threat is detected, blocking undesirable websites and therefore safeguarding the students.

But more crucially it allows the school to respond immediately to the needs of the teachers and learners, with the move to mobile devices and cloud based resources the need to be more flexible and responsive is critical. Many APPS and web based resources use non-standard ports and protocols that are blocked by centralised local authority firewalls and outdated corporate style security policies.

Imagine the situation; a teacher plans a lesson at home using maybe an iPad, kindle or similar. They arrive in a lesson connect to the School Wi-Fi and the APP or resource is blocked. The lesson cannot be taught leaving frustrated staff and pupils. The understanding teacher then asks the IT support team to unblock the APP in question for the lesson tomorrow. A call is raised to the LEA, and then logged and eventually a response is given. This response is often a negative one due to either the inflexibility of centralised solution or a security policy preventing them from allowing access. Leaving the teacher unable to conduct the planned lesson at in school.

With an independent internet and security solution the above situation would likely have been resolved within an hour if not minutes, removing the frustration of staff but also demands on IT support team.

This control over school filters can even open up some possibly controversial websites that could benefit teachers, students and learning. Currently in the UK the majority of schools have strict filters for social media websites due to the issues that can occur between pupils etc. However, Social media can have some real benefits for education. John Bidder from ‘Get Logged in’ discusses the benefits of social media within schools;

Typically using media which is social in nature brings benefits that are to do with timeliness, speed, insightfulness and having an authentic ‘ready’ audience. Social media is one channel that more and more schools are using to get the conversation of what children are learning going – even into the home with parents. However, to achieve any of this you first need to be able to access these tools and that’s where autonomy or a flexible filtering management set up is so important. 

Additionally, a transparent proxy is useful for schools looking to implement BYOD. A transparent proxy would be applied to devices as they join the network. Therefore, children, staff or guests entering the school with their own iPads, phones or laptops, will not need to change any settings on these devices to access the internet in school, yet they’ll be immediately safeguarded from any online threats without compromising the security of the main school network.

The key message is no two schools are alike, every School has different needs and views on levels of control. Each school needs the ability to respond quickly to the demands of the need computing curriculum, mobile devices/BYOD and cloud resources. To do this schools must be in control and be able to make their own decisions to implement change quickly.

The ‘Heartbleed’ and what it means to our customers

It has recently emerged that a major security flaw at the heart of the internet could be exposing internet users’ personal information and passwords to hackers. It is not clear how much damage the bug may have caused, but it is one of the largest security issues facing the internet so far.Heartbleed

The bug exists in a piece of open source software called OpenSSL which is designed to encrypt communications between a user’s computer and a web server.

This issue got the name Heartbleed as it affects an extension to a Secure Sockets Layer called the Heartbeat. This is one of the more extensively used encryption tools online and believed to be used by about two-thirds of all websites,  amounting to about half a million sites. If a website has a padlock symbol in the browser then it is likely that it is utilising SSL.

The bug is believed to be that serious a website has been established for it: Heartbleed.com. This website outlines all aspects of the problem for anyone who may have concerns over there personal and private information.

The issue was uncovered by Google Security and Codenomicon who said it was created by a programming error. OpenSSL is open source, therefore, researchers were able to investigate the code in great detail which highlighted the issues. This is a very difficult task to carry out as code can be very complex and it can be time-consuming to locate such problems.

Virtue Technologies do not consider our customer UTMs to be at risk at this time as the relevant attack surface of the UTMs is not directly available from the internet on the standard SSL port. The exploit predominantly targets web servers rather than end-user environments.

However, Sophos released an update which included a fix for this vulnerability and as a precaution we have deployed this to all our UTM customers.

In the following video Elastica’s CTO Dr Zulfikar Ramzan walks through the mechanics of the Heartbeat (Heartbleed) flaw (at a high level), how an attacker can exploit it, and its underlying ramifications;

 

 

Education and Innovation Conference and Exhibition

EICE-Image

Last week Virtue Technologies attended the Education and Innovation Conference and Exhibition.

EICE

The event was held in the beautiful Manchester central building and enjoyed by more than 2,500 visitors. It went on for two days and consisted of 130 exhibitors and over 60 inspirational speakers.

During our time at the exhibition, we engaged with various representatives from different schools, providing demonstrations and advice surrounding technology in education. Speakers were joined by visitors for talks about issues facing schools in regards to technology and education. There was focus on educational resources quickly becoming more internet-based as the digital revolution gathers pace. Classrooms of the future were fully demonstrated and provided a lot of food for thought.

Phil Lawson, Managing Director of Virtue Technologies, commented;

“As a North West based educational ICT provider, we feel there is a lot of importance in the success of a North West based event. The industry is very London centric with a huge focus on BETT as the “go to” education event.”

IMG_20140227_112724

“I felt the speakers were exceptional and there was a varied range of discussions across many technological areas which added real value to any attendee. The exhibition, whilst smaller than BETT, was very focused and specific to the needs of the attendees.”

The EICE was a great opportunity for attendees and businesses to come together and discuss the importance of IT in education.

Virtue at the Sophos Security Council

sophos_logo_PA4_rgb

Virtue Technologies was yesterday invited to attend the Sophos Partner Security Council. Attendees included just a small handful of key partners with Sophos represented by the UK Channel Manager, VP Product Management and Senior VP and General Manager for Network Security.

Sophos arranged this event for two main reasons;

1. Sophos want to enable key partners to feedback  what we and  our customers want to see in future product releases or changes to existing products – it also gives us a chance to discuss any issues. The new acquisition of CyberRoam was discussed to provide some insight as to how the two companies and their products were going to merge.

2. Sophos then provided visibility of the product roadmaps for SophosCloud, Endpoint Security, Network Security (UTM) and MDM.

Keep an eye on our blog as there are some very interesting developments on the way…

Sophos acquires Cyberoam Technologies

cyberoam sophos logo

It was announced recently that Sophos has acquired Cyberoam, a leading UTM company headquartered in Ahmedabad, India.

This acquisition combines two highly successful companies in network security and positions both companies to succeed further whilst enabling Sophos to increase on their commitment to your network security. Cyberoam will provide complementary technologies expanding on Sophos’ already significant product portfolio.

Sophos combines leading security technologies in endpoint, mobile, encryption and data protection, e-mail, web, server, and network which all focus on small/midmarket companies, schools and colleges. Combined, Sophos and Cyberoam will have more than 2,200 employees, with more than 600 focused on network security, including more than 350 in Research and Development.

This decision for the two companies to come together benefits both Sophos and Cyberoam enabling them to expand and accelerate on the success that they are already enjoying.