U.S. School District Prevented Insider Threats

In 2022, a large public school district in Texas with over 75,000 students was given a grade of “A” by the Texas Education Agency. A leader in educational excellence, the district provides unparalleled learning experiences designed to prepare and inspire each student to live an honorable, fulfilling life. To that end, the district’s Technology Operations department is focused on creating and sustaining a best-in-class infrastructure to securely accommodate the current and next generations of digital content and tools for all stakeholders. When the department’s new cybersecurity lead recognized a weakness in the district’s security approach, Akamai Guardicore Segmentation helped fill the gap.

The Texas school district had traditionally relied on firewalls and geofencing to keep its IT environment safe from external threats. However, it lacked a way to prevent internal threats — specifically, insiders with malicious intent. “If they could access one system, it would have been easy for them to access every other system,” explained the Manager of Systems Engineering for the district.

Lacking visibility into legitimate communications between internal systems, the school district was unable to stop illegitimate, malicious east-west traffic. Recognizing the threat this posed, the Technology Operations department — comprising network engineering, systems engineering, and cybersecurity — understood the need for a comprehensive solution to mitigate risk. “We would be remiss if we didn’t put in place a solution to ensure the full security of the information associated with our students and staff,” the manager continued.

After evaluating its options, the school district selected Akamai Guardicore Segmentation. “It was one of the better solutions on the market,” the manager said.

The Technology Operations department audited its environment to identify the applications and systems to be protected by Akamai Guardicore Segmentation. “We started with our tier-one applications, but the mandate was to protect all of them with the solution,” the manager continued.

Guided by Akamai, the district easily and quickly ringfenced priority applications — including Active Directory and SQL Server — with precise segmentation policies to eliminate unwanted data flows between systems. The auditing and deployment process fostered cross-functional collaboration. “It was a group effort to determine how we would label devices, build out ringfences, and more. In that way, Akamai Guardicore Segmentation gave us common ground for working together closely.”

Once a ringfence was in place, the school district was alerted to potential issues. “No traffic could get through unless we allowed it,” explained the school district’s Manager of Systems Engineering. As a result, the district felt assured the Akamai solution was immediately protecting those applications.

“Once we had a sense of traffic to and from an application, we would move to blocking mode if necessary. Akamai Guardicore Segmentation provides a straightforward pathway to phase in protection across our environment,” the manager said.

Though some applications are not candidates for ringfencing, the school district still benefited from newfound visibility into communications between those applications and others, such as Active Directory. All groups within the Technology Operations department can see data flows from and to any application that is ringfenced, essentially gaining visibility into what is happening with all systems in the environment. “Akamai Guardicore Segmentation provides an up-to-date view of how things are running and a simple way to identify unwanted traffic. Moreover, we can easily configure the solution to allow or block traffic as necessary,” said the manager.

That visibility enables the network engineering, systems engineering, and cybersecurity teams to work together as needed to address issues as they arise. “When we are alerted to suspicious traffic, the Akamai solution provides the context we need to come up with a resolution that prevents what is unwanted while ensuring our environment operates as needed,” the manager explained.

According to the school district’s Manager of Systems Engineering, Akamai Guardicore Segmentation is continually helping to thwart cyberattacks: “Malicious IP addresses hit our systems on a regular basis. The Akamai solution provides a view into unusual activity — such as unusual port activity on a web server — empowering us to block access and potential attacks.”

Plus, by working seamlessly with other security tools, Akamai Guardicore Segmentation further elevates the district’s security stance. For instance, the school district uses a privileged access management (PAM) solution to provide outside vendors with needed access to specific systems. Rather than allowing Remote Desktop Protocol (RDP) access to those servers, the district requires its engineering department to use the PAM solution to remotely manage servers. And Akamai Guardicore Segmentation helps prevent that RDP access.

As the school district’s Manager of Systems Engineering explained, this combined security measure prevents people from remote desktopping into servers, as was possible in the past: “By using the Akamai solution to block RDP access, we can ensure no one remotely connects to our server environment.”

To date, the school district has implemented Akamai Guardicore Segmentation on 375 of its 500 existing servers, and it plans to protect every application possible with the microsegmentation solution. “We are constantly rolling out new applications — sometimes as often as one per week — and from the get-go, we secure them with the Akamai solution. This gives us more confidence as we deploy new apps since Akamai Guardicore Segmentation enables us to visualize how our apps are working and communicating,” concluded the district’s Manager of Systems Engineering.