Nutanix Solutions Provide Assurance for a Secure and Compliant Digital Campus

April 12, 2021

Harsha Kotikela
Senior Manager of Product and Solution Marketing, Nutanix

With cybersecurity attacks on the rise, higher education institutions are increasingly vulnerable to Ransomware and other malicious infections. It can be challenging for these institutions to protect their educators and students when they’re consistently faced with a lack of resources and expertise in the area. IT departments, for example, weren’t expected to have the bandwidth of a full-fledged cybersecurity portfolio before COVID, which is necessary in today’s digitally-focused environments. Nutanix has identified four key priorities of the education industry to better understand its needs.

  • Transforming Academics: The mission for any educational institution is to transform academics to create leaders for the future.
  • Securing Students and Data: Ensuring that young learners and their privacy are protected.
  • Improving Student Services: Continuously increasing experiential learning to maximize student engagement in the classroom.
  • Modernizing IT: Improving technology resources and safety to provide efficient online education.

Data breaches, denial of service, spoofing or phishing and other threats have grown progressively more prominent since the transition to remote learning. Securing students and their data has become the most important concern among institutions. Nutanix recommends three cybersecurity practices relevant for on-prem and public clouds that organizations can use to improve security posture.

Practices

  • End Point Protection Systems: Leveraging micro-segmentation, virtualization strategies, application whitelisting or network access control assist with defending students as the end points of universities.
  • Identity and Access Management: Using multi-factor authentication for remote access and authorization, access governance support an institutions infrastructure.
  • Data Protection: Implementing advanced data loss prevention and mapping of data flows help prevent the vulnerability of the data itself.

Solutions

Set a foundation with Nutanix AOS and Prism:
  • Native virtualization and data-at-rest encryption
  • Role-based access controls (RBAC) and Identity and Access Management (IAM), including multi-factor authentication
  • Self-healing security configuration

Consider the end points with Nutanix Flow:
  • Network segmentation and application micro segmentation
  • Integrated partner solutions for deep packet inspection and threat intelligence
  • Policy and event logging for Security Information and Event Management (SIEM) integration

Provide Data Protection with Nutanix Files and Objects:
  • File type blocking policies, activity anomaly detection from file insights
  • Internet Content Adaptation Protocol (ICAP) support for antivirus
  • S3 compatible Write Once, Read Many (WORM) storage for critical data and backups

Understanding the Anatomy of Ransomware and how Nutanix undertakes it

Though there are hundreds of variations of Ransomware, they typically follow a similar kill chain process. An initialization vector is able to deploy a Trojan, for example, within your environment. These can exfiltrate data, perform key logging, capture browsing activity, save cookies, etc., and use this information to perform AD reconnaissance, ultimately leading to vulnerability among admin level accounts. Your environment can be compromised and ransomware can be executed unless there are safeguards in place. Restricting the capacity for an infection to spread will drastically reduce its impact.

With an ever-growing adoption of multi- and hybrid cloud infrastructures, creating that security perimeter may seem impossible. A perimeter allows us to understand how to apply security to our private data centers. However, applications have expanded past the constraints of the private data sensor. As the traditional methods of protecting applications through perimeters are becoming increasingly undefinable, policy makes way for a new approach to achieving security. To achieve policy-based security with a secure platform, Nutanix believes vendors should provide out-of-the-box, hardened products with self-healing capabilities to avoid risks and compromises.

With the concept of invisible security, Nutanix provides simplicity to addressing security in data centers, which allows institutions to be more proactive surrounding threats. First, applying deployment configuration management and security tools is made easy by supplying the means to deescalate misconfigurations. Then, security must be ubiquitous across an entire technology for the end user to benefit from an intrinsically secure architecture without further need for adjustments. Lastly, to be truly invisible in hybrid cloud systems and modern data centers, a Nutanix platform can autonomously self-correct. Nutanix takes the gravity of security for their customers a step further by exercising a tiered security strategy.

Nutanix’s 3-tiered approach for providing security

Nutanix can help mitigate some of the impacts of ransomware and other advanced cybersecurity attacks. At Nutanix our Security Development Lifecycle (SecDL) ensures the product you purchase is intrinsically hardened, derived from a set of Security controls that spans as many processes and certifications including NIST SP 800-53 standards. It also includes role-based access control, identity and access management, supports technologies for multifactor authentication, and allows users to microsegment their virtual infrastructure to stop attacks from spreading.

Nutanix implements a 3-tier security strategy—Prevent, Detect, and Recover. Today, the complexity of cybersecurity attacks grows rapidly and Nutanix understands that higher education establishments need the simplest solutions that directly address these situations. Some universities such as Texas A&M, Arizona State and Purdue rely on Nutanix infrastructure software to securely provide student and educational-based services. Nutanix’s 3-tier cybersecurity strategy enables these solutions.


Prepare for prevention from the start:
  • Prism RBAC with IAM integrations
  • Flow for network micro segmentation to reduce the scope of which infections can spread throughout your environment
  • Life cycle Manager for ‘1-click’ to simplify the process of updates and patches
  • Objects WORM Policy to support data protection policies when on Nutanix platforms

Help detect types of malicious activity:
  • Flow service insertion to add layer 7 inspection and thread detection
  • Prism Ops and X-Play for anomaly detection and automation
  • Policy hit and event log exports
  • File analytics and anomaly detection to help prevent the execution of ransomware

Achieve simple data recovery:
  • Hyper-converged infrastructure with native data protection and replication policy
  • Recovery planning, automation and testing with Leap
  • Integrated backup with Nutanix Mine

So that our customers know they’re getting the best solutions, the Nutanix suite of technologies has been measured and certified against many industry compliance standards such as ISO, SOC2 & SOC3, FIPS 140-2 for Encryption, Common Criteria, and FedRAMP.


Visit our site to learn more about Nutanix’s efforts for enhancing their features to manage evolving cybersecurity threats in the education industry. Take a test drive today.

View Our Free Resource to learn more about how Nutanix helps state and local governments embrace next-gen IT infrastructure.