With digital transformation, schools and universities have increasingly been the target of cyberattacks. Lower resources, and the vast amounts of sensitive data about students, parents, and staff have made them targets for criminal organizations. Through phishing, ransomware, and malware outbreaks, these groups demand ransom payments to unlock encrypted data or restore access to critical administrative and student systems. Politically motivated groups can also attack schools by disrupting educational processes and administrative functions.
In February 2022, while relying on a global endpoint, detection, and response (EDR) solution, South East experienced this firsthand. A large-scale incident compromised staff credentials and sensitive data, underlining the need to speed up its quest to obtain better cybersecurity. An audit firm assisting the recovery process then put the school’s IT team in contact with SentinelOne to transform its cybersecurity approach and protect critical information assets.
Crippled Operations
“Fortunately, we were not held for ransom,” Brian Belinsky, Manager of Information Systems at South East Cornerstone Public School Division, says. However, the breach had significant operational consequences as the school was forced to disable its virtual private network (VPN), disrupting the staff’s remote access for over 18 months.
Initially, the school could only run essential services for both staff and students, along with some applications through the provincial school information system. Still, this limitation drastically reduced the range of services and applications, affecting students’ academic activities and impacting their lives.
When the attack happened, the school was in the middle of improving its cybersecurity stance. An audit firm was brought in to promptly assist the IT team in mitigating the breach, initially discovered during a penetration test—a simulated attack performed on a system to evaluate its security. The school issued a request for proposal (RFP) for a comprehensive security operations center (SOC) solution that included network detection and response (NDR), network monitoring and response (NMR), and endpoint detection and response (EDR) capabilities. “Based on the firm’s recommendations, we decided to replace our solution with SentinelOne to enhance our security posture,” Brian explains.
Quick, Easy Roll-out
The audit firm managed the initial deployment of SentinelOne’s Singularity Endpoint across 7,000 computer endpoints and 200 mobile devices in a matter of days. The integration with the NDR solution was smooth, and the system soon operated flawlessly. “This combination significantly streamlined our operations and improved our security posture.”
With Singularity Endpoint, the school could leverage artificial intelligence (AI) capabilities to better defend from cyberattacks at the endpoint itself, while integrating threat intelligence, and detection and response capabilities all in a single platform.
Brian’s team could reduce manual effort by simplifying cybersecurity management and operational workflows and put themselves in a better position to quickly address and mitigate security incidents.
SentinelOne’s comprehensive solution also included SentinelOne Singularity Mobile, an AI-powered mobile security solution designed to provide autonomous threat protection, detection, and response for iOS, Android, and Chrome OS devices. “We had to protect both corporate cell phones and personal devices with multi-factor authentication (MFA) to access our internal system. We looked at various vendors and found SentinelOne Singularity Mobile to be the best fit.” Initially, the school deployed the solution to about 200 corporate users and 1000 personal devices with no issues—Brian expects greater adoption from personal users soon.
Deploying Singularity Mobile enhanced the school’s protection by providing additional connectivity with existing data security applications, data sources, and centralized management systems (CMS). The unique data analysis capabilities for real-time threat detection, user behavioral analysis, and predictive analytics allowed Brian’s team to obtain deeper insights into the security environment and help the school better understand and mitigate risks. This helped it build a more robust and proactive defense strategy.
Increasing cybersecurity in the school posed a challenge in terms of internal stakeholders’ awareness and compliance. “Many experienced educators view technology as an ancillary tool rather than understanding its broader implications. We’re fortunate to have SentinelOne showing us the depth and range of services that it can mitigate so we can really up our game.”
A Safe Online Environment for Students
“For us, the true benefit of SentinelOne lies in the peace of mind it provides,” Brian says. “Without it, the anxiety and uncertainty about whether sensitive information is protected would be significant. SentinelOne helps us ensure that our data remains secure, allowing me to rest easier at night. While many of our end users might not be aware of the specifics, knowing that their information is safe is crucial.”
SentinelOne allows Brian’s team to carry out its mission of creating a secure environment and protecting data among all stakeholders, especially students. Cyberattacks can take down school networks and online learning platforms and disrupt their educational activities. This has a significant impact on students’ education, particularly in a world where online learning has become prevalent.
Also, educational institutions are subject to various legal and regulatory requirements to protect student data, such as the Family Educational Rights and Privacy Act (FERPA) in the United States. Failure to protect data adequately can result in legal consequences and loss of funding, a critical aspect of K-12 schools like South East Cornerstone.
