Posts

Schools recognise the need for enterprise-grade firewalls

In recent years, the changes to regulations regarding data breaches in Australia has highlighted the importance of keeping data protected. The education industry has especially has recognised this need and has moved towards the use of new next-generation enterprise-grade firewalls at schools and colleges.

The need for this change has been accelerated since educational organisations are now considered in the top five targets by hackers.   This is because schools and colleges store sensitive data, including student’s medical records, parents’ and staff members’ financial and personal data. As an example, a data breach that occurred in June 2019 at a college in Western Australia. It’s not only external threats schools have to worry about either. As students become more tech-savvy and as video explanations on how to bypass a firewall become more abundant on YouTube, schools find themselves having to deal with internal threats as well.  This, combined with the fact that many schools have limited technical staff, creates a ‘breach’ recipe for disaster.

The large fines and reputational risk that schools face as a result of a data breach in Australia has led multiple schools to replace traditional, non-enterprise grade firewalls with more capable next-generation, enterprise-grade firewalls in order to meet the highest level of data protection requirements. The Governance and Risk Committees of many schools are now requiring enterprise-grade firewalls in their schools.

With so many firewalls available on the market, what should schools look for in a firewall?

  1. Firstly, the firewall should be a globally recognised next-generation enterprise-grade firewall. This means the firewall manufacturer has a large support and development team that allows it to quickly address any issues as they arise (and before they arise). The manufacturer should supply to a large and diverse range of Industries as this ensures visibility of the latest threats.
  2. The next-generation enterprise-grade firewall should be feature-rich and must be capable of SSL decryption, signature-based application control, user identification, web filtering and threat intelligence. Without these features, the school will have limited visibility of applications being used, will find it very difficult to assess how students are spending their time on the internet, no control over web content students can access and no ability to stop zero-day attacks.
  3. Enterprise-grade firewalls are consistently scrutinised for industry best-practice. Schools should review reports compiled by industry analysts, such as Gartner, who constantly assess and compare firewall providers and their capabilities. Gartner, for example, is known for their ‘Magic Quadrant‘ (figure 1 below). For a firewall provider’s firewall to appear on Gartner’s Magic Quadrant, their firewall must be subjected to Gartner’s rigorous testing and assessment.
  4. Schools who are not sure how their current solution compares can have it reviewed by an independent provider or cybersecurity auditor. Good providers will perform a security assessment by placing a next-generation firewall alongside the current solution to compare the two. Penetration testing with vendor-agnostic software in order to pinpoint the weaknesses.

Schools’ duty of care to their students extends beyond their physical wellbeing to their digital protection. Schools invest in good quality locks, security alarms and cameras for their physical facilities. In a similar way, they also need to make sure they take that one important step further and ensure they secure their staff, students and students’ parent data.

For more information, do not hesitate to contact your ICT provider or Saasyan on +61 2 8001 6632 / sales@saasyan.com.au.

Our next blog in this series will discuss “Now you have your next-generation enterprise-grade firewall, why you need to look beyond their layer 7 design to ensure the cyber wellbeing of your students.

 

Saasyan Assure

Figure 1. Magic Quadrant for Network Firewalls

How to achieve school system interoperability

With the consumerisation of IT and the omnipresent nature of data, schools are looking for ways to achieve digital transformation and provide better value to their students, staff and parents. Most schools rely on a multitude of systems to function on a day-to-day basis. These systems include management systems,  timetabling systems,  learning management systems,  web filtering systems,  student/parent portals and many more. The problem is that these systems were not designed for interoperability and data interchange and in effect, are siloed. Moreover, the vendors of these systems have little appetite for the major redesigns that are required to achieve out of the box interoperability. Even if they do have the appetite, they cannot possibly provide native integration with all other systems in existence. This means schools are forced to synchronise data across systems manually or attempt to develop patchwork fixes.

The difficulty of schools attempting to develop ways to glue systems together themselves is that it is both inefficient and expensive. An in-house developer would be required to create scripts and SQL queries to keep systems in sync, but such developers are scarce and costly. Furthermore, developers may switch jobs and they are often the only ones at the school who are able to troubleshoot problems and fix bugs. Off the shelf enterprise service bus (ESB) software is available – essentially an ESB provides the middleware to connect apps without rewriting them – however, these can be costly and only provide the building blocks whilst lacking the “glue” to serve as an end to end solution. The glue needs to be developed by in-house developers.

Saasyan Reciprocity is different in that it can help ease the burden of data interchange between apps. This turnkey solution enables various, otherwise siloed apps to share data, as the software is designed to overcome technological and coding language barriers. It can serve as a unified source of truth for the systems of record it aggregates. Using Reciprocity connectors, schools can synchronise data between multiple apps and can consume the aggregated data through a central, modern and easy to use RESTful API.

Saasyan complements the school’s resources and acts as an extension of the school’s team in dealing with the integration complexities and the ongoing evolution of the platform.

Saasyan Reciprocity is a fully integrated, fully supported end to end SaaS solution that can be run from anywhere and can tap into any data source. You can use Reciprocity on-premise, in the cloud, or both. What’s more, it’s designed to support all apps, SaaS, on-premise, modern or legacy, through lightweight connectors. Easy to configure thanks to the intuitive admin UI, no programming expertise is needed to operate Reciprocity.

Moreover, its open nature allows more tech-savvy schools to repurpose their existing IP or efforts and develop their own connectors. They can leverage the core and a combination of the connectors they have developed in house and connectors provided by Saasyan to achieve a range of business objectives.

There are a range of different uses for Saasyan Reciprocity in schools:

  • Syncing contacts from SIS (Student Information System) to email delivery platforms such as Mailchimp or SwiftDigital. This eliminates the need for manual exports and imports from the SIS into the email delivery platform.
  • Creating AD (Active Directory) users and populate AD groups based on records in the SIS. This has been traditionally automated using PowerShell scripts which may lack error handling capabilities.
  • Auto creating courses in the LMS (Learning Management System) based on courses in the SIS (Student Information System).
  • Syncing timetables and assignments to teachers’ and students’ Office 365 calendars in a similar fashion to Saasyan Tempus https://www.saasyan.com.au/products/tempus/.
  • Enabling push notifications to collaboration platforms such as MS Teams and Slack. These platforms have feature reach APIs which Reciprocity makes very easy to leverage.
  • Driving/configuring/enabling IoT (Internet of Things) devices.
  • Reciprocity can also serve as a data lake. It makes it easy for the school to gather data from various systems of record and make it available centrally so that it can be leveraged by a parents’ portal, a school-provided mobile app and many more solutions that are part of the digital transformation journey many schools have embarked on.

For more information please contact Saasyan on +61 2 8001 6632 / sales@saasyan.com.au

Maximizing value through school timetables and calendars

Have you thought about how you can integrate your school timetable and all of the different calendars and scheduling systems that you have at your school? Many schools today, have taken various measures to deliver better value to their users. Want to know how? Read on to find out.

Pushing students’ timetables to personal calendars

One of these approaches has been to push the timetable to the personal calendars of students through Office 365 or Google Calendar. This essentially ensures that the students have easy access to the timetable data anytime anywhere.  Even last minute changes will be reflected the students and therefore they have no need to login to other systems to view their updated timetable.

Pushing teachers’ timetables to personal calendars

Teachers’ timetables can also be pushed through to their personal calendars through Office 365/ Google Calendar. This will give teachers quick and easy access to their timetables and will to need to login to other systems to access the latest timetable details. This will also make scheduling meetings with teachers really convenient as the teacher’s calendars will be the single source for their free and busy times of each day.

Easy bookings based on the timetables

You will also be able to book rooms and halls based on the school timetables. The room resource calendars will be up to date and will be regarded as the single source for the free and already occupied slots for the halls and rooms. This will prevent overlapping bookings and miscommunication. To make it easier, room resource calendars can be used to display the room booking information on wall mounted display panels so that students and teachers can easily see when they will be occupied.

Access for parents

Parts of the timetable can be made available to parents through the school extranet or the parents’ portal. This will enable the school to enhance the extranet or the parent portal by adding instant and real-time updates on the timing of classes and any extracurricular events.

Integration with other systems

Timetables can also be made available to other systems. One example of this would be Saasyan Assure which uses timetable data to precisely map the web activity of students to the period and the class during which it occurred.

The above examples show how valuable timetable data is and how schools can benefit from making it more integrated and more readily accessible. It also demonstrates how this approach to timetable info can increase the efficiency and cut down on time-consuming manual administrative tasks. Schools will no longer need to dedicate time to compile and send emails to notify students, staff or parents about last minute changes.

Are you using an Enterprise Service Bus?

Are you using an Enterprise Service Bus to connect disparate systems?

Increased adoption of technology at schools has led to the proliferation of siloed apps. Problem is – these apps do not integrate well. Schools house several apps: a school management system, a timetabling system, a learning management system, a web filtering system, a student/parent portal etc. The list keeps growing.

Can schools benefit from a solution that makes it easy to glue systems together? This got me thinking of the concept of an enterprise service bus (ESB) for schools.

ESB is a communication system between software apps in a service-oriented architecture. It allows an organisation to connect disparate systems together. It performs the functions of protocol transformation, message modification, routing, logging etc. Essentially, ESB provides the middleware to connect their apps without rewriting them.

The idea of a central bus on which everything passes gives the opportunity for additional layers of abstraction. Using industry standards to “plug” other applications, clients, and such into this bus makes it so that connecting new services, data sources, and/or clients with disparate needs is relatively easy.

Stay tuned, there’s more to come.