BYOD - Protecting Your School


Published on

The U.S. Dept of Education suggested in their 2010 National Technology Plan that schools begin to implement BYOD programs. But, a data security plan must be put in place for a BYOD program to be successful. Find out how Sophos UTM Wireless Protection can protect your school's network.

For more on Sophos UTM, visit:

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • What is BYOD – BRING YOUR OWN DEVICE- Used to describe the practice of allowing personal technology (laptops, Ipads, phones, etc…) access to privileged resources such as networks and/or data. Allowing personal devices to be used in this manner offers flexibility to the employees and can provide real cost savings to the business. - To ensure that this data is not lost and to ensure employees are using resources appropriately BYOD policies often include the use of Endpoint and Mobile Device Management solutions. This presentation focuses on parts of BYOD that are often of the most concern to educational organizations.
  • Part of the reason many schools are implementing BYOD programs is that it was suggested by the U.S. Dept of Education in their 2010 National Technology Plan. “The goal is to ensure that every student and educator has at least one Internet access device and appropriate software and resources for research, communication, multimedia content creation, and collaboration for use in and out of school. These devices may be owned by the student or family, owned by the school, or some combination of the two. The use of devices owned by students will require advances in network filtering and improved support systems.”
  • - In preparing for a BYOD program the infrastructure must be confirmed. Questions concerning roles, responsibilities, acceptable devices, funding, training, and parents’ opinions need to be answered. - Other considerations include goals for the policy, degree of control, and purchasing/supporting of devices.- Lastly, but equally important are, technical, privacy, and security considerations, administrative considerations, and legal considerations.
  • Some infrastructure questions: Do we need to add new equipment and how much will it cost? How will it connect to my existing systems? If I can use existing equipment does it have the proper features to ensure success? What effect will this new project have on existing network traffic and overall security? Many schools not only have tight IT budgets, but also limited IT staff who are reluctant to open the floodgates and welcome many unknown devices onto their network.
  • Staff acceptance is another important consideration. Some teachers may be intimidated by new technology, and reluctant to BYOD. A possible solution is to hold an event prior to rolling out BYOD for staff so they could see and touch various devices, (phones, tablets, etc..) and discuss ideas on how they could be used in the classroom.
  • The Sophos UTM Wireless solution is designed to provide simple, secure wireless connectivity to users. The solution consists of plug and play access points and the Sophos UTM controller.
  • - This slide shows our Access Points (the AP 10 on the left and AP 30 on the right).- The AP 10 is for up to 10 users with a maximum throughput of 150 Mbit/s. This WLAN solution is directed towards smaller office environments.- The AP 30 is for up to 30 users with a maximum throughput of 300 Mbit/s. This PoE aligned Access Point is available in the design of a smoke detector for a ceiling mount and is directed towards larger office environments.This appliance covers higher requirements for amount of users, signal reach and performance.
  • 3 operating-modes:- Disclaimer-page- Password of the day-WiFi-ticket management
  • Summary
  • -Cover small networks and remote locations with up to 10 users to large networks with up to 5000 users.- Software can be also installed on your own servers.- The same set of security applications, including features such as Active/Active Clustering, WAN Uplink Balancing or Active Directory Integration, is available on all Sophos UTM models.- Everyhardware appliance contains an integrated hard drive for local spam quarantine and log/reporting information.- The UTM525 and 625 models offer the highest availability through a redundant hard drive and power supply.
  • BYOD - Protecting Your School

    1. 1. BYOD - protecting your schoolPrepare your school’s network with Sophos UTM Wireless Protection
    2. 2. Agenda Q&A What is BYOD? How Sophos BYOD UTM can help Agenda Benefts BYOD Concerns & Preparation Considerations2
    3. 3. What is BYOD? • General term which may mean different things to different people • Big topic that covers more than just technology • Most people agree it means allowing personal devices to access business networks • Also used to describe programs where equipment is provided (1:1 initiatives) • BYOD concerns relate to both policy and infrastructure • Today, we’ll focus mostly on infrastructure concerns3
    4. 4. BYOD Benefits to SchoolsWhy the trend? • U.S. Department of Education suggested BYOD in 2010 National Technology plan • • Technology may enhance: • Creativity and Innovation • Communication and Collaboration • Critical thinking, Problem solving, Decision-making • Present concept of Digital Citizenship • Tech skills are essential for modern life and business • BYOD may save money • On equipment, apps, and management4
    5. 5. BYOD PreparationsWhat should you be thinking of if you’re planning a BYOD initiative? • BYOD Policy • What are we trying to accomplish? • What’s acceptable use for equipment and network? • Infrastructure • What do we need to support the policy? • Do we have the proper equipment or do we need to purchase? • Impact on community • Are teachers prepared to use and maybe support devices? • Privacy concerns, can all students afford devices, do parents support, etc…5
    6. 6. BYOD Infrastructure ConsiderationsThe Network • How many new users/devices are you adding onto your network? Twice as many? 3 times? • Will your current network handle that traffic? • What are the security risks? (How can we ensure that Guest and/or BYOD traffic is segregated? • Will current network and web security solutions be able to support BYOD policy? • How much extra work is this going to be for IT staff?6
    7. 7. BYOD Infrastructure ConsiderationsThe Network • Network & Web Security equipment should provide (at least): • QOS functionality to shape bandwidth • Content filtering to enforce CIPA • Application Control (Next Generation Layer 7 Firewall) • Ability to scale as demands increase • Reporting7
    8. 8. BYOD Infrastructure ConsiderationsYour Wireless solution and its capabilities • Does it support multiple SSID’s (wireless zones)? • What security policies does it offer? • What levels of encryption does it offer? • How easy it is to add capacity? • What are the Guest capabilities? • How much work for staff to deploy and manage?8
    9. 9. BYOD Infrastructure ConsiderationsYour Wireless solution and its capabilities • Wireless Solution should provide (at a minimum): • Multiple Wireless Zones • At least WPA2 encryption • Ability to integrate with security solutions • Usage reporting • Guest Options9
    10. 10. How can Sophos help with BYOD? • Sophos Mobile Device Management solution • Sophos Endpoint protection for Laptops • Sophos UTM Wireless Protection10
    11. 11. Sophos Wireless Protection • Easy deployment of Access Points • Simple setup and management of zones • Enterprise level encryption • Configurable Guest options • Integrated protection via UTM security suite • Easily scales to meet increased demand11
    12. 12. Sophos UTM Wireless ProtectionComponents Now also available Sophos AP 5012
    13. 13. Sophos AP 10 / AP 30Plug and Play Access Points for classrooms AP 10 AP 30 • Up to 10 users • Up to 30 users • 150 Mbit/s throughput • 300 Mbit/s throughput • 1 x 10/100 Base TX • 1 x 10/100 Base TX • IEEE 802.11 b/g/n • IEEE 802.11 b/g/n • 1 x detachable dipole antenna • 3 x internal antennas • Power consumption: < 8 Watt • Power consumption: < 8 Watt • Desktop/wall mounting • Desktop/ceiling mounting • Power over Ethernet (IEEE 802.3af) PoE-Injector included!13
    14. 14. Sophos AP 50Plug and Play Access Points for common areas • Dual-band/dual-radio access point • IEEE 802.11 a/b/g/n support • Support for up to 50 users • 300 Mbit/s throughput • 1 x 10/100/1000 Base TX • PoE+ compatibility (IEEE 802.3at) • Power consumption: < 10 W • 2 x 2.4G/5G detachable antenna • Desktop/wall mounting PoE-Injector included!14
    15. 15. Centralized ManagementBuilt-in wireless controller Sophos UTM15
    16. 16. Easy installation Guest Sophos UTM Staff Student16
    17. 17. Guest Portal Hotspot supportMost flexible UTM basedHotspot solution• Manage temporary Internet Access for guests• Options for:  Configurable Usage agreement and logos  Automatic ‘Password of the day’  Quota’s on time and usagePart of UTM Wireless Subscription17
    18. 18. Flexible access for the entire organizationSophos Access Points can be placed anywhere in your organization.Easily create multiple separate wireless zones.18
    19. 19. AdvantagesSophos UTM Wireless Protection Easy installation and management • Centralized configuration (all work done via UTM GUI) • Plug and Play Access Point simplify deployment Secure and reliable • Integrated UTM security for wireless devices • Best protection for wireless connections (separate zones, isolate client connections, configure quota’s) Flexible access • Easy Internet access options for guests • Multiple SSID support for varying levels of access19
    20. 20. Integrated securityOnce connected to the UTM easily integrates with other security features Strong Encryption Sophos UTM Integrated UTM Security20
    21. 21. UTM Security featuresOptional Subscriptions provide the security features you want UTM Endpoint Protection Antivirus • Antivirus • HIPS • Device Control UTM Wireless UTM Network Protection Protection optional • Intrusion prevention • Wireless controller Essential Network • IPSec/SSL VPN & RED • Multi-zone (SSID) support Firewall • HTML5 VPN Portal • Captive Portal • Reporting • Stateful firewall • Network address translation • PPTP/L2TP remote access UTM Webserver UTM Web Protection Protection • URL filter • Reverse proxy • Antivirus & antispyware • Web application firewall UTM Email • Application control • Antivirus Protection • Reporting • Anti-spam & -phishing • Dual virus protection • Email encryption21
    22. 22. Sophos UTM fit any size network Hardware Multiple UTM 110/120 UTM 220 UTM 320 UTM 425 UTM 525 UTM 625 Appliance + RED Small Medium Medium Large Large Large Large networks Environment network network network network network network + branches Network ports 4 8 8 6 & 2 SFP 10 & 4 SFP 10 & 8 SFP Multiple Max. recommended 10/80 300 800 1.500 3.500 5.000 10.000+ firewall users Max. recommended 10/35 75 200 600 1.300 2.000 5.000 UTM users Software Appliance * Runs on Intel-compatible PCs and servers Virtual VMware Ready & Citrix Ready certified Appliance * Runs in Hyper-V, KVM, and other virtual environments *Pricing based #IPs/Users22
    23. 23. ResourcesQuestions? • National Educational Technology Standards • schools/23
    24. 24. Staying ahead of the curve US and Canada 1-866-866-2802 NASales@sophos.com