Over the past decades, the world of education has been undergoing a digital transformation, moving from micro-computers to a promising hyper-connectivity. These services, whether public or private, now use computers and networks to manage, for example, administrations, data, admissions, examinations, research from the various laboratories linked to universities, etc.
As a result, education information systems are open, complex and heterogeneous, sometimes with relatively unclear boundaries, while hosting a large amount of information about education staff, current or former students, candidates, administrative staff, suppliers, etc. Documents containing examination topics, high value-added research projects that fall within the scope of intellectual property are also accessible through these databases. For all these risks, institutions often have insufficient human and financial resources to protect their structures, turning them into prime targets for ill-intentioned actors.
Types of threats
While universities are high-level targets, secondary or primary schools should also be considered. These schools are often linked together within the same academy, and some are poorly protected. Why? Old systems contain known vulnerabilities and have become prime targets for local malicious actors seeking access or modification of personal data. In parallel, many data is also available to institutions that may be of interest to hackers: notes, addresses of students or teachers, parents’ income, tax returns, school fees, scholarships, etc. By protecting these systems, we are protecting the privacy of many schoolchildren and teachers and ensuring the integrity of their results upon which their future depends.
Admissions to higher education have been carried out over the past decade through online admission platforms. Hosted by national, regional or university infrastructures, the integrity of these admission platforms must be guaranteed.
The admission management portals offer new selection methods that can create debates. The stressful situation around these platforms encourages attacks on these potential targets. Malicious actors wishing to compromise data or make these infrastructures unavailable at key moments can operate during days of results or admissions.
More and more higher education institutions are using IT resources for their examinations: Quiz, technical tests, national medical competition. Services may be compromised to prevent events from taking place.
In every University there are laboratories working to develop new technologies, both in the fundamental and societal fields. The data collected by these teams are key to innovation and future industry. From espionage, in order to accelerate the search for one’s own state or company, to sabotage, in order to slow down research in a particular field, research infrastructures are recurring targets of high-level malicious actors.
To encourage research (sharing and communication) between the various actors in mainland and overseas, some countries have opted to build university research networks linking all higher education entities. It is through these networks that critical data from the most sensitive research entities (computer, aeronautics, mechanical and aerospace laboratories) are transmitted. These infrastructures are therefore key points in the research system and make them prime targets. Such systems must be protected to ensure their integrity, availability and confidentiality of the data that passes through them.
TEHTRIS protects the education sector
To address these security issues and constraints on public or private education infrastructures, TEHTRIS has developed a platform whose configuration can be adapted to certain needs.
By being deployed within the education community, our TEHTRIS XDR Platform provides a real layer of security that will fight against generic attacks, such as ransomware, intrusions, known and unknown viruses, but also against more advanced attacks aimed at spying, sabotage or massive data theft.
The TEHTRIS XDR Platform is adapted to standard operating systems on the market, it is easily deployable and does not require any expertise for its operation. It will therefore be able to adapt without restriction to almost any system.
The implementation of the various modules provides a 360° view of the monitored system. Risky activities are thus equipped with real detection capabilities, intrusion attempts are pointed out as soon as possible, even before these attacks have had the slightest impact.