Help Protect Your Institution’s Sensitive Data with a Comprehensive Security Approach

Cyberattacks Pose Unique Threats to Higher Ed

Great educators use technology to create engaging learning environments, but with cyberattacks on the rise, digital tools can quickly become a barrier to education rather than an enabler. While institutions responded to the pandemic with impressive resilience and adaptability, blended learning environments and the increased use of technology in the classroom give attackers more vulnerabilities to target. In the first half of 2023, education was the most targeted industry, with each education organization experiencing an average of 1,988 cyberattacks per week.¹

Higher education institutions are at particular risk of attack because faculty and students often use their own devices and complete their work in multiple buildings on and off campus, creating more opportunities for breaches. Additionally, many institutions conduct leading-edge research, which makes them a prime target for attacks. IT staff working to protect faculty, students, and valuable IP from attacks need to monitor for threats across many distributed devices and environments.

The Cost of Compromise

Attackers are exploiting vulnerabilities using more sophisticated attacks. Ransomware is one of the fastest-growing types of attacks, in which attackers deploy malware that locks an institution’s systems or data until the institution can pay the required sum of money. The education sector experienced the highest rate of ransomware attacks across industries in 2023, with 79 percent of higher education institutions reporting a ransomware attack, up from 64 percent in 2022.²
In a cryptojacking attack, hackers inject malware that lets them use a device’s resources without your knowledge. The malware runs in the background and could drain your performance for weeks or months before you catch it. Other rising classes of attacks include ID and credential theft, control-flow hijacking, and software supply chain attacks.
These attacks inflict severe costs on colleges and universities in terms of financial loss, recovery time, and reputation damage.

In a cryptojacking attack, hackers inject malware that lets them use a device’s resources without your knowledge. The malware runs in the background and could drain your performance for weeks or months before you catch it. Other rising classes of attacks include ID and credential theft, control-flow hijacking, and software supply chain attacks.
These attacks inflict severe costs on colleges and universities in terms of financial loss, recovery time, and reputation damage.

• Higher ed institutions hit by a ransomware attack spend an average of USD$1.06M to recover data.²
• Almost a quarter of higher ed institutions need one to three months to recover their data after a ransomware attack.²
• Eighty-eight percent of higher ed institutions hit by ransomware reported that they lost business and revenue as a result of attacks.²

Plan Your Comprehensive Security Approach

To protect your institution against complex attacks, a comprehensive security approach should include hardware-based security capabilities, strong security practices and consistent upkeep, and support for additional security layers where needed. To help you build your approach, we’ll walk through each step and share how a PC fleet built on the Intel vPro® platform can help protect your sensitive data while improving productivity.

Choose the Right Devices

When it comes to protecting your data, there’s no substitute for choosing devices that are secure from the silicon up. Traditional security solutions are software only and are designed to detect threats at the application and operating software (OS) layers. More and more, attackers are using advanced attacks to penetrate beneath the OS layer to attack your hardware, firmware, and hypervisors. These attacks—such as ransomware, cryptojacking, and fileless malware that hides in the memory layer—are often detected by software solutions only after extensive damage is done.
Hardware-based security enables visibility at the silicon level, helping to detect threats at both the software level and underneath it. The Intel vPro® platform uses built-in hardware-based security capabilities to help protect every layer of the computing stack:

• Advanced threat protections powered by Intel® Threat Detection Technology (Intel® TDT) use AI to boost security performance at the hardware level and offload demanding security workloads from the CPU to the Intel® integrated GPU. This enables software-based security solutions to scan more frequently to catch hard-to-detect threats such as ransomware, cryptojacking, and fileless attacks before they land and expand, without impacting user experience. In a recent study, Intel® TDT improved threat detection efficacy by 93 percent when detecting top ransomware attacks.³
• Application and data protections provide hardware-powered, virtualization-based security for applications and the operating system and help to protect login credentials and data in flight, at rest, and in use. This feature also provides performance enhancements.
• Below-the-OS security technologies protect memory in the BIOS against firmware attacks and enforce a secure boot at the hardware level. These features are set up by the PC manufacturer, so IT departments and users can use them right out of the box.

These comprehensive security capabilities are built into each Intel vPro® platform-based device to help IT teams proactively protect PC fleets from complex attacks while prioritizing faculty and student productivity. For instance, security capabilities on Intel vPro® for Windows-based devices can help reduce the attack surface by an estimated 70 percent when compared to four-year-old PCs⁴ and decrease major security breaches by 26 percent.⁵

Practice Good Security Hygiene

Once you’ve deployed your fleet, it’s important to ensure your device patches are updated and maintained. This can be especially challenging for colleges and universities battling pandemic-related labor shortages. Across campuses, IT departments are among the most understaffed, and 74 percent of campus leaders say hiring IT staff is a moderate or severe challenge for their institution.⁶

For managed IT environments, the Intel vPro® platform offers enhanced management capabilities. IT administrators can remotely power systems up and down to deploy security patching or threat remediation and use an out-of-band keyboard video mouse (KVM) feature to remotely take control of devices and unattended systems to deploy security patches. These features can help institutions manage and sustain security in distributed environments—such as library workstations or off-site research labs—with dramatically reduced time and effort. Beyond fleet upkeep, institutions can help keep data secure by encouraging faculty and students to use good security hygiene. While defending against sophisticated attacks is important, many attackers use lazy or quick tactics to breach security systems with the least effort possible. For instance, a recent study found that 45 percent of people on a university campus picked up and plugged in an unfamiliar flash drive, giving would-be attackers an easy avenue to sensitive data.⁷ Teaching faculty and students about basic security practices—such as frequent password changes and not engaging with suspicious emails—can help shut down many attacks.

Layer in More Services for More Protection

As the threat landscape evolves and attackers find new ways to get access to your data, in the future you may want to add additional security services or solutions to protect vulnerabilities unique to your institution. The Intel vPro® platform supports additional software out of the box, allowing you to easily adopt solutions from independent software vendors (ISVs) without changing your hardware. Additionally, Intel works with ISVs to provide a multilayer security approach.

Deploy a Comprehensive Security Approach with Intel

With sophisticated attacks like ransomware and cryptojacking on the rise, institutions need devices that offer hardware-enabled security capabilities, streamline good security practices, and are easily compatible with security ISVs. The Intel vPro® platform offers built-in, comprehensive security capabilities that help IT teams proactively protect their fleet at every layer of the computing stack.