Network for Learning helps students and teachers stay safer and more secure online with Elastic ​Security

The digital world plays an essential role in the everyday lives of young people. Providing children and teenagers with access to technology offers a multitude of benefits such as expanding their educational opportunities, fostering creativity, and enhancing their social interactions. Despite its benefits, it also brings about significant dangers such as cyberbullying, sextortion, and privacy breaches. In today's digital age, it is crucial to prioritize online safety and minimize potential harm.

Network for Learning (N4L), a Crown-owned (government-affiliated) organization, plays a critical role in helping provide safer digital environments for more than 2,450 New Zealand schools, and helping protect approximately 900,000 users. N4L's Managed Network internet services—which include advanced firewall services, managed Wi-Fi, and email security—can adapt to fast-changing online behavior. Clayton Hubbard, Head of Architecture, highlights the consequences of cyberattacks, emphasizing the importance of protection of student data.

"A successful cyberattack could lead to reputational damage, financial losses, and the theft of private data."

Criminals might attempt to steal student profiles to create fraudulent online identities.

"Supporting the protection of student data is at the heart of what we do," says Hubbard.

By prioritizing security and performance through Elastic Security and Elastic Observability, N4L is helping build a safer digital space for learning, helping protect against potential threats and creating a more secure environment for students and educators.

To stay one step ahead of cyber criminals, N4L relies on log data such as unauthorized network access, network traffic, and application data. "Logs need to be visible, available at scale, and quick to access so that we can alert schools to suspicious behavior and help them respond proactively," says Hubbard.

Before deploying Elastic, log gathering was a largely manual and time-consuming process involving simple data integration, tooling, and scripts. When remote learning became more common amid the pandemic, N4L knew it was time to adapt to the challenges of more attack vectors and novel threats.

To provide comprehensive security for schools, N4L turned to Elastic, among other solutions it employs across the network. It was already using the free and open version of Elasticsearch and saw the opportunity to extend Elastic across all its data platforms. This led to the deployment of Elastic Observability and Elastic Security on Elastic Cloud Enterprise. Together, they provide a comprehensive enterprise SIEM solution for New Zealand schools.

The Elastic environment now pulls in multiple terabytes of data every day and handles more than 300,000 events per second. "We can bring data in from multiple log sources, enrich it, and pull the answers that we need," says Hubbard. "When you think about the number of users and attack surfaces across thousands of schools, Elastic is the glue that holds everything together." Hubbard also calls out the versatility of Elastic, including searchable snapshots which reduce reliance on costly 'hot' storage.

The deployment of Elastic Security has massively accelerated search and detection times. Hayden Brown, Head of Security Operations Centre, N4L, compares Elastic with the previous system where it could take several minutes or longer to complete a search. "In the past, we'd send a query, go for a coffee, and wait for the results. With Elastic, the search page comes back in a matter of seconds," he says.

Brown also recalls a cyber-attack on the 3CX phone software used by many New Zealand schools. "With Elastic, we were able to see who was using the software and who was targeted, then contact them immediately to help resolve the issue. What would have previously taken a couple of days actually took less than a few hours," he says.

With rapid insights derived from log data, N4L can assess and review software including the latest messaging apps used in schools. It can also spot trends in a small group of institutions and use this information to scale up a response across the entire school network. As a result, 95% of schools now comply with N4L's safe and secure internet settings standard, while N4L has a 91% satisfaction rating from its customers. "Have we seen massive benefits with the deployment of Elastic? Yes! In terms of speed and scale, it is leaps and bounds beyond what we had a few years ago." says Hubbard.

N4L uses Elastic Observability to optimize application performance in containerized environments. "One of the biggest challenges is the visibility of the code that powers our applications," says Hubbard. "In the past, if there was an error, the DevOps team had to run lengthy investigations, from opening code repositories to debugging logs and testing a solution."

It's also much simpler for N4L to visualize observability data using Kibana dashboards. Hubbard says, "In previous roles, I've pulled information into spreadsheets, but looking at long blocks of text is a bit like staring at the waterfalls of data in The Matrix movies." Data visualizations provide greater clarity and make it easier to communicate with schools and internal customers, even if it's just a screen grab of a chart or table. Additionally, N4L's newfound ability to assist in evidence-based decisions direct focus and value to the necessary areas.

N4L will continue to work hard to provide New Zealand schools with more robust security well into the future. Elastic’s technology is the cornerstone of this approach, but the Elastic team’s support also plays an important role. Brown says, "The great thing about the people at Elastic is that they understand our business goals, not just our technology." Day-to-day communications are fast and unambiguous. "The Elastic team, with our dedicated technical architect and customer success manager, quickly provides us with responses on a call within minutes. The technical expertise and willingness to go the extra mile is amazing," he adds.

But for all the talk of software roadmaps, lines of code and technical account teams, Hubbard and Brown always return to the primary purpose of N4L, which is to support the work of teachers and provide a safer learning environment for students. Brown says, "With Elastic, we can help teachers get on with their main job of providing a great education to the children of Aotearoa New Zealand. Giving them the tools to support that goal is what gets me out of bed in the morning."

In their mission to continue creating a secure and highly performant environment for students and educators, Hubbard and Brown are also keeping a close eye on the latest artificial intelligence features in Elastic, including Elastic AI Assistant for Security and Observability. It uses generative AI to enhance security and observability workflows and provide automated explanations for complex information. Envisioning a future of AI-powered tools holds the potential to better strengthen the broader security landscape, helping to protect schools from the future threats they may face.