DNS-based filtering is vital for the safe provision of Internet access on college campuses - one place that offers Wi-Fi across the entire campus. It’s offered to guests, students, and faculty, which could be thousands of users connected to the university’s network. While many businesses have open Wi-Fi for customers only, university’s have the unique challenge of offering Internet access to thousands of people who could be using it for malicious purposes. For this reason, universities are major targets for attackers who use Wi-Fi services to exploit weaknesses and gain sensitive data from students and faculty.
Some users that don’t trust free public Wi-Fi might feel more secure on university Wi-Fi assuming that administrators are better at securing the network than a general business. Although this might be true at some universities, this false sense of security can represent a vulnerability for other universities. It can also be a reason attacker’s target university Wi-Fi. On a business Wi-Fi network an attacker usually only has a few possible targets. On a university’s Wi-Fi network, an attacker has potentially hundreds of vulnerable users to choose from and scans can be run all day, any day of the week.
On campus, attackers aren’t limited to just one computer or device. Oftentimes users (students, staff or visitors) will use multiple devices on an ongoing basis including laptop, tablet, smartphone, connected using just one account. An attacker can scan the network using custom tools or open-source free downloads such as Wireshark or Network Miner. It only takes one vulnerability for an attacker to upload malicious content or steal sensitive data.
Using these tools, an attacker can intercept and eavesdrop on data. If a user is connected to a server with poor encryption protocols, the data can be decrypted and read in plaintext form. Other attacks include phishing attacks using various techniques such as XSS or session hijacking.
Users can take the necessary steps to protect data, but the university must also provide the right cybersecurity, monitoring and filtering to stop attackers when they connect to the network. Users should always check that a connection to an application server is using HTTPS, but sites that use poor security algorithms leave users vulnerable. Attackers can still decrypt messages used with weak algorithms. Although users must take responsibility for their own cybersecurity and data safety, universities hosting public Wi-Fi systems should also add necessary protections for users. University storage contains much of the personally identifiable information for students and faculty, so any Wi-Fi network should be separated from the internal network.
It’s not only personal information that hackers are interested in acquiring. Universities are research institutions. Some of the discoveries being made and products being developed are valuable. Many private companies, individuals, and even foreign governments are keen to access the information stored on University networks. Wi-Fi networks are often seen as an easy way to gain access to login credentials and to install malware on university networks. Instead of allowing any activity on university Wi-Fi, administrators should take proactive control of the types of traffic allowed on the network and blacklist websites and applications. This administrative control can be implemented using cloud-based, DNS solutions that block websites based on a list of IPs blocked by Wi-Fi administrators.
With DNS-based solutions, Wi-Fi administrators can add a layer of security between any connected user and the Internet. Any IP address on the blacklist will be blocked when users attempt to access these disallowed applications. Because the solution is based on DNS lookups, network performance speeds up due to a reduction in disallowed content downloaded on the Wi-Fi network. Users connecting to content from the Wi-Fi network always perform a DNS lookup from a browser, and it’s this lookup where filters are added so users cannot bypass cybersecurity methods.
Providing a safe environment for all users is vital on a university network. The massive amount of sensitive data contained in network traffic is valuable to attackers, and the increased number of users and devices connected to Wi-Fi makes universities a prime target for malicious activity. DNS-based Filtering Solutions stops much of the content and malicious activity that exhausts bandwidth and reduces performance for legitimate user traffic. TitanHQ’s cloud-based cybersecurity solutions for Wi-Fi provides convenient, bulletproof protection for your users.
Contact us today for further information on our web content Wi-Fi filter for universities.
Sign-up for email updates...