Speed and performance might make you think of motorcycles with big shiny chrome parts, but that’s not what this post is about (apologies). Instead, it’s about the speed and performance of a secure Chromebook user experience.
Today, we’re going to talk about the steps that educational institutions from preschool to graduate school need to take to improve online safety for students and staff alike and about how information security teams in the education space can partner with Cisco to get better security for the Chromebooks that many of those students and staff use for their studies and their work. We’ll also discuss how enterprise IT security teams can partner with Cisco to ensure a secure and optimized Chromebook experience for their workforces, wherever they are working on the web and in the cloud.
Let’s look first at the education space.
Cybersecurity challenges in education
Cyberattacks put the safety and security of teachers and school administrators at risk, in addition to the privacy of students from kindergarten- to college-aged. According to Cisco Talos, education and manufacturing were tied for the most targeted verticals for ransomware attacks in Q4 2023, together accounting for nearly 50 percent of the total number of incident response engagements, closely followed by healthcare and public administration.
With recent world events and evolving technologies reshaping and expanding the structure of how and where teachers teach and students learn — whether in hybrid, remote, or in-person — the situation has created a broader attack surface with potentially more vulnerability points for criminals to exploit. So, whether the attack targets are human, hardware or who knows what else, educational institutions need cybersecurity technology and processes in place to protect themselves from these risks.
Even before the COVID-19 pandemic accelerated the evolution of how learning happens, educational institutions at all levels were embracing cloud operating systems and applications for their efficiency and productivity advantages, and this will continue. But the cybersecurity needs between institutions varies and, therefore, so do the policies and their enforcement. Ideally, the policies and their enforcement have a minimally obvious impact when it comes to the speed and performance of whatever devices students and staff use to get their work done securely.
Key recommendations from CISA on how to manage security risk in education
A key finding published in the January 2023 U.S. Cybersecurity and Infrastructure Security Agency (CISA) report titled Protecting our Future: Partnering to Safeguard K-12 Organizations from Cybersecurity Threats is that “cybersecurity risk management must be elevated as a top priority for administrators, superintendents, and other leaders at every K–12 institution. Leaders must take creative approaches to securing necessary resources, including leveraging available grant programs, working with technology providers to benefit from products that are secure by design and default, and urgently reducing the security burden by migrating to secure cloud environments and trusted managed services.”
The need for effective cybersecurity risk management continues into higher education. Colleges and universities have excessively large attack surfaces due to students and staff being connected to web-facing assets, such as domains and sub-domains linking to sensitive internal resources, to online assets that have replaced the tangible textbooks of even just a few years ago, and to cloud applications used to produce and deliver lectures and homework. As noted in Educause Review’s Three Cybersecurity Facts Campus Leaders Should Know:
- Higher education networks are especially vulnerable to attacks because of the highly collaborative nature of research and scholarship
- Data security is the number two concern of campus leaders, behind enrollment
Chromebooks have become an appealing option for bringing all these factors together into a single management and user experience.
Cybersecurity challenges in the enterprise
In enterprises of all sizes, the desired outcomes are similar, but the circumstances are different. Sophisticated attacks can bypass traditional defenses daily, leading to costly breaches and compromised data.
For enterprise information security teams, having flexible, cloud-delivered security that combines multiple security functions that extend data protection to devices, remote users, and distributed locations anywhere can be invaluable toward addressing these security challenges. Converging these functions — notably DNS-layer security and secure web gateway protection — into an integrated solution can deliver management simplicity, along with a positive and undisrupted end user experience that enables continued high productivity.
Chromebook and ChromeOS: Often the device & operating system of choice for education, the enterprise & beyond
Given their lightweight footprint, robust productivity capabilities, and relatively low price versus alternatives, Chromebooks have become the recommended or preferred device (outside of tablets or mobile phones) of many enterprises and educational institutions for employees, students, and staff for not just secure connectivity and productivity, but also for a fast and high-performance user experience. But Chromebooks don’t provide this security and positive user experience on their own. The combination is the result of close partnership and collaboration between technology vendors like Google and Cisco.
Introducing Cisco Security for Chromebook
With finite security resources, enterprises and educational institutions alike need to invest in the most impactful security measures to significantly reduce risk. DNS-layer security is one of the quickest, most effective ways to improve your security stack.
Knowing which employees or students are sending certain DNS or web requests is imperative for creating and enforcing security policies and logging detailed information about their identities and their usage of cloud resources. Being able to block malicious domains, IP addresses, and cloud applications before a connection is ever established can be critical toward protecting against malware infections, the loss of sensitive data, or other cyberthreats.
The Cisco Security for Chromebook client — standard with both Cisco Umbrella and Cisco Secure Access — provides DNS-layer security for the entire ChromeOS, and secure web gateway (SWG) protection for the Chrome browser, giving organizations and their Chromebook users the expanded protection that they need. With DNS-layer security, organizations can detect and block threats such as phishing, ransomware and cryptomining. Cisco Security for Chromebook is a Chrome browser extension that leverages DNS-over-HTTPS (DoH) to provide enhanced protection and performance for Chromebook devices.
Cisco is Chrome Enterprise Recommended
Cisco is part of the Chrome Enterprise Recommended program. This program was created to help enterprises find technologies that make working on the web and in the cloud even better. From optimizing with ChromeOS to integrating with Chrome browser, enterprises can count on Chrome Enterprise Recommended partner solutions to support their workforces, wherever they work.
What to do next
No matter the size or type of your organization, Cisco Security for Chromebook quickly delivers unique benefits to information security teams and Chromebook users.
Learn more:
- Register for our Cybersecurity in Education: Protecting Chromebooks from Ransomware webinar
- Download our At-a-Glance: Cisco Security for Chromebook, which includes pointers to Cisco Umbrella and Cisco Secure Access deployment prerequisites information
