Page 19 - AASBO EDGE Summer 2023 WEB
P. 19

Zero Trust Has Emerged in Post Pandemic Security

        CONTINUED FROM PAGE 16




        In addition, roles for employees need to be tightly  Another  step:  Gather  and  actually  analyze
        controlled, and different roles should have clearly  security log events. ”Zero trust, just like any
        defined responsibilities that keep them restricted  other cybersecurity framework, requires constant
        to certain segments of a network.                      analysis to find its weaknesses and determine
                                                               where  to  reinforce its  capabilities,”  he  said.
        A third step calls for extending the principle of  “There’s a lot of data generated by cybersecurity
        least privilege to the firewall. Chuan explained:  systems, and parsing it for valuable information
        “Zero trust isn’t only concerned with users and the  can be difficult.”
        assets they use to connect to a network. It is also
        concerned with the network traffic they generate.  According  to  Chuan,  Ricoh  recommends  using
        The principle of least privilege should also be  Security  Information  and  Event  Management
        applied to network traffic both from without and  software to do a lot of the analytics legwork,
        within a network. Firewalls were designed to keep  saving time on the tedious parts so IT leaders can
        others out. Now they need to do a lot more. They  do more planning for future attacks. He added that
        need to be contextually aware of the traffic.”         remote monitoring of network infrastructure by a
                                                               trusted provider can also support this requirement.
        Chuan noted that security cameras store images  Chuan advised AASBO members: “People in this
        and could be hacked, sending information  room are going to have to do something. Schools
        elsewhere. “A firewall needs to stop that and alert  are targets. Unfortunately, hackers know schools
        someone,” he said. “Establish firewall rules that  are not on the leading edge of technology, which
        restrict network traffic between segments to only  has to do with funding and budgets. That’s what
        those absolutely needed to accomplish tasks. It’s  makes you most vulnerable.”
        better to have to unblock a port later than to leave
        it open from the get-go and leave an open path for  He  reminded  AASBO  members:  “What’s  most
        an attacker.”                                          important is how do we improve student outcome
                                                               so they can contribute later on in life.”
        Chuan said firewalls should be contextually
        aware  of  traffic.  Rules-based  firewall  setups  Chuan also recommended: “Before you buy tools,
        aren’t enough. He asked: What if a legitimate app  before you do an RFP, get an evaluation. You’ve
        or  Internet  of  Things    (IOT)  device  is  hijacked  got to ask for the right things that schools actually
        for nefarious purposes, or a DNS (Domain  need. Have an evaluation before you go shopping
        Name Service) spoof sends a user to a malicious  so you don’t invest in what we call dust shelf-ware.”
        webpage?
        “To prevent problems like those, it’s essential to  Joseph Chuan can be reached at: Joseph.Chuan@
        make sure your firewall is looking at all inbound  ricoh-usa.com
        and outbound traffic to ensure it looks legitimate
        for an app or device’s purpose as well as checking
        it against blacklists, DNS rules, and other data,”
        Chuan said.




                                                                                                                 19
   14   15   16   17   18   19   20   21   22   23   24