WIXLIB

The Internet of Thingsin EducationImprove learning and teaching experiences byleveraging IoT on a secure foundationSolution BriefEducationIoTin Education

IoT fundamentally changes theeducation equationThe Internet of Things (IoT) has thepotential to transform education byprofoundly altering how schools,colleges and universities gather data,interface with users and automateprocesses. IoT refers to the networkingof physical objects through the use ofembedded sensors, actuators and otherdevices that can collect and transmitinformation about real-time campusactivity. When IoT is combined withtechnologies such as user mobilityand data analytics, it brings a newparadigm in education. IoT enablesinstitutions to: Create new ways for studentsto learn by supporting morepersonalized and dynamic learningexperiences such as immersivedigital textbooks and game-basedlearning. Change how teachers deliverlessons and test achievement withsmart audio-visual equipment,digital video recorders for lecturecapture, and online testing. Simplify operations for schooladministrators by proactivelymonitoring critical infrastructureand creating more efficient, costeffective processes for HVAC,lighting and landscape management. Provide a safer environment forstudents and teachers with digitalsurveillance cameras, smart doorlocks and connected school buses.IoT scenarios in educationIoT solutions promise to make schools and universitiessmarter as well as more successful at what they do.The IoT has the potential to redefine how students,teachers and administrators interact and connect totechnology and devices in classroom environments,helping enhance learning experiences, improveeducational outcomes and reduce costs. Examples ofIoT solutions for education include: Smart white boards and other interactive digitalmedia that can gather and analyze data for teachersand students for use in the classroom—or anywhereelse, at any time—optimizing instruction andimproving learning outcomes. Solutions such as smart temperature sensorsand smart heating, ventilation and air conditionequipment that reduce energy consumption andautomate operations management. Smart student ID cards, attendance-tracking devices,school bus tracking systems and parking sensorsthat monitor the physical whereabouts of students. Wireless door locks, connected surveillance camerasand facial recognition systems that provide securityfor teachers, students and staff. Research programs enhanced with more advancedand automated systems in major areas of study,such as medicine, agriculture and engineering.Solution BriefIoT in Education2

Challenges of IoTdeploymentThe IoT brings unprecedented flowsof data, presenting performance,operational and managementchallenges to the networkinfrastructure along with increasedsecurity risks from all end-points.To address these issues, networkadministrators at educationalinstitutions need to adapt traditionalnetwork designs to provide new levelsof network intelligence, automationand security.Schools and universities need a costeffective network infrastructure thatsecurely handles vast flows of data,but is also simple to manage andoperate. The infrastructure must: Provide a simple, automatedprocess for IoT device onboarding.Large IoT systems can containthousands of devices or sensors,and manually provisioning andmanaging all of these endpointsis complex and error-prone.Automated onboarding enablesthe network infrastructure todynamically recognize devices andassign them to the appropriatesecured network. Supply the correct networkresources for the IoT system torun properly and efficiently. Manydevices in the IoT system delivermission-critical information thatrequires a specific level of QoS.For example, some educational usecases require proper bandwidthreservations on a high performancenetwork infrastructure to ensureservice delivery and reliability. Provide a secure environmentagainst cyberattack and data loss.Because the many networkeddevices and sensors in the IoT leadto a corresponding abundance ofpotential attack vectors, securityis critical for mitigating risks ofcybercrime. Security is necessaryat multiple levels, includingcontainment of the IoT networksthemselves.Solution BriefIoT in EducationIT professionals are makingplans for more IoTIT professionals in a variety ofindustries are already planning forincreased use of IoT solutions in thenear future. According to the 451Research survey 2017 Trends inthe Internet of Things, 67 percentof responding IT professionals saidtheir companies had either alreadydeployed an IoT solution, or hadan IoT system in pilot. Twenty-onepercent of respondents said theircompanies planned to deploy IoTsolutions within 12 months, with 11percent claiming their companies’plans for implementing IoT were overa year away.3

The IoT compounds schools’ anduniversities’ exposure to cyber crimeThe growth of IoT in education also brings an explosion of cyber securitythreats, as the proliferation of sensors and connected devices greatly expandsthe network attack surface. IoT is especially susceptible because many IoTdevices are manufactured without security in mind, or built by companies thatdon’t understand current security requirements. Consequently, IoT systems areincreasingly the weak link for network security in educational institutions. An unnamed university’s network was attacked by its ownsystem of 5000 IoT devices, including connected vendingmachines and smart light bulbs, according the Verizon’s 2017Data Breach Digest. The hacked devices made hundredsof Domain Name Service (DNS) lookups every 15 minutes,causing the university’s network connectivity to becomeunbearably slow or even inaccessible.¹ White supremacists in 2017 hacked into networked printersand fax machines at a number of universities, includingUniversity of California, Berkeley, causing the machines toprint out racist propaganda.² The Mirai botnet, which crippled internet service throughoutthe U.S. East Coast and a large swath of Western Europe byremotely enslaving millions of IoT devices, began as a 2016attack on the computer network at Rutgers University. TheMirai software was designed to hijack poorly secured routers,security cameras and baby monitors.³Solution BriefIoT in EducationA Michigan high school studentwas caught in 2015 conductinga distributed denial of serviceattack (DDoS) that was designedto intermittently bring down theschool’s computing network. Thebotnet that caused the cyberattacktargeted networked IoT devicessuch as surveillance cameras androuters.⁴4

Building a secure IoTnetwork infrastructureProtecting IoT traffic and devices in school and university networks is a challenge that can’t besolved by any single security technology. It requires a strategic approach that takes advantage ofmultiple security safeguards.To help educational institutions take advantage of the benefits and mitigate the risks of IoTdeployment, Alcatel-Lucent Enterprise (ALE) provides a multi-level security strategy. ALE’s strategydelivers protection at every layer of the infrastructure, from the individual user and device out tothe network layer itself. It also provides an IoT containment strategy to simplify and secure deviceonboarding and deliver the right network resources to run the system properly and efficiently, all ina secure environment to safeguard organizations from cyberattack.IoT containmentIn-depth securityTo enable IoT containment, all users, devices andapplications within the ALE network are assigned profiles.These profiles, which define roles, access authorizations,QoS levels and other policy information, are relayed to allswitches and access points in the network.In addition to IoT containment, ALE networkingtechnologies provide layered security across multiplelevels of the network. Devices are placed in “virtual containers,” usingnetwork virtualization techniques that allow multipledevices and networks to use the same physicalinfrastructure, while remaining isolated from the rest ofthe network. In these virtual containers, QoS and security rules areapplied. By segregating the network with virtual containers, ifa breach does occur in one part of the virtual network,it does not affect other devices or applications in othervirtual networks. When a new IoT device is connected, the networkautomatically recognizes its profile and assigns thedevice to the appropriate virtual environment. Communication is limited to the devices within thatvirtual environment and to the application in the datacenter that controls these devices. Because all users also have profiles within the ALEnetwork, access to the IoT virtual containers can belimited to authorized individuals and groups. At the user level, profiles ensure users areauthenticated and authorized with the appropriateaccess rights. At the device level, the network ensures thatdevices are authenticated and compliant withestablished security rules. At the application level, the network can establishrules regarding each application or group ofapplications, including blocking, limiting bandwidthand controlling who can access which application. At the network level, ALE switches benefit fromsecure diversified code. It protects networks fromintrinsic vulnerabilities, code exploits, embeddedmalware and potential back doors that couldcompromise switches, routers and other missioncritical hardware. ALE smart analytics use deep packet inspection andother technologies to detect the type of data andapplications moving through the network, making itpossible to identify unusual network traffic patternsand unauthorized activity.IoT devices pose risks to assets across theentire network. By establishing containers viavirtual network segmentation, IoT devices andthe applications that control them are isolated,thereby reducing threats without the cost orcomplexity of separate networks.Solution BriefIoT in Education5