Shielding students from 13M security threats a month
Helping prevent significant school disruptions by intercepting more than 10M combined security and safety blocks daily.
Achieves 91% customer satisfaction rating
N4L achieved a 91% customer satisfaction score with the help of Elastic technology.
Reduces security response times from days to hours
With Elastic's dynamic data analysis, N4L can help mitigate risks to students by reducing response times for a security attack from days to hours.
By implementing Elastic Security and Elastic Observability, N4L maintains a proactive stance against cyber threats and helps support a safer, more secure online environment for educators and students across New Zealand.
The digital world plays an essential role in the everyday lives of young people. Providing children and teenagers with access to technology offers a multitude of benefits such as expanding their educational opportunities, fostering creativity, and enhancing their social interactions. Despite its benefits, it also brings about significant dangers such as cyberbullying, sextortion, and privacy breaches. In today's digital age, it is crucial to prioritize online safety and minimize potential harm.
Network for Learning (N4L), a Crown-owned (government-affiliated) organization, plays a critical role in helping provide safer digital environments for more than 2,450 New Zealand schools, and helping protect approximately 900,000 users. N4L's Managed Network internet services—which include advanced firewall services, managed Wi-Fi, and email security—can adapt to fast-changing online behavior. Clayton Hubbard, Head of Architecture, highlights the consequences of cyberattacks, emphasizing the importance of protection of student data.
"A successful cyberattack could lead to reputational damage, financial losses, and the theft of private data."
Criminals might attempt to steal student profiles to create fraudulent online identities.
"Supporting the protection of student data is at the heart of what we do," says Hubbard.
By prioritizing security and performance through Elastic Security and Elastic Observability, N4L is helping build a safer digital space for learning, helping protect against potential threats and creating a more secure environment for students and educators.
A lesson in how to protect schools from cybercriminals
To stay one step ahead of cyber criminals, N4L relies on log data such as unauthorized network access, network traffic, and application data. "Logs need to be visible, available at scale, and quick to access so that we can alert schools to suspicious behavior and help them respond proactively," says Hubbard.
Before deploying Elastic, log gathering was a largely manual and time-consuming process involving simple data integration, tooling, and scripts. When remote learning became more common amid the pandemic, N4L knew it was time to adapt to the challenges of more attack vectors and novel threats.
To provide comprehensive security for schools, N4L turned to Elastic, among other solutions it employs across the network. It was already using the free and open version of Elasticsearch and saw the opportunity to extend Elastic across all its data platforms. This led to the deployment of Elastic Observability and Elastic Security on Elastic Cloud Enterprise. Together, they provide a comprehensive enterprise SIEM solution for New Zealand schools.
The Elastic environment now pulls in multiple terabytes of data every day and handles more than 300,000 events per second. "We can bring data in from multiple log sources, enrich it, and pull the answers that we need," says Hubbard. "When you think about the number of users and attack surfaces across thousands of schools, Elastic is the glue that holds everything together." Hubbard also calls out the versatility of Elastic, including searchable snapshots which reduce reliance on costly 'hot' storage.
"Elastic is my Swiss army knife. It’s a full stack that supports log aggregation, data analytics, and machine learning. Searchable snapshots are also hugely impressive. The ability to retrieve data from frozen tiers has streamlined our information lifecycle management while reducing the cost of storage hardware."
Redefining rapid response for security
The deployment of Elastic Security has massively accelerated search and detection times. Hayden Brown, Head of Security Operations Centre, N4L, compares Elastic with the previous system where it could take several minutes or longer to complete a search. "In the past, we'd send a query, go for a coffee, and wait for the results. With Elastic, the search page comes back in a matter of seconds," he says.
Brown also recalls a cyber-attack on the 3CX phone software used by many New Zealand schools. "With Elastic, we were able to see who was using the software and who was targeted, then contact them immediately to help resolve the issue. What would have previously taken a couple of days actually took less than a few hours," he says.
With rapid insights derived from log data, N4L can assess and review software including the latest messaging apps used in schools. It can also spot trends in a small group of institutions and use this information to scale up a response across the entire school network. As a result, 95% of schools now comply with N4L's safe and secure internet settings standard, while N4L has a 91% satisfaction rating from its customers. "Have we seen massive benefits with the deployment of Elastic? Yes! In terms of speed and scale, it is leaps and bounds beyond what we had a few years ago." says Hubbard.
From high-performing apps to happy customers
N4L uses Elastic Observability to optimize application performance in containerized environments. "One of the biggest challenges is the visibility of the code that powers our applications," says Hubbard. "In the past, if there was an error, the DevOps team had to run lengthy investigations, from opening code repositories to debugging logs and testing a solution."
"Elastic Observability puts the information at our fingertips. With APM, we can identify the line of code almost immediately and make the necessary modification on the spot."
It's also much simpler for N4L to visualize observability data using Kibana dashboards. Hubbard says, "In previous roles, I've pulled information into spreadsheets, but looking at long blocks of text is a bit like staring at the waterfalls of data in The Matrix movies." Data visualizations provide greater clarity and make it easier to communicate with schools and internal customers, even if it's just a screen grab of a chart or table. Additionally, N4L's newfound ability to assist in evidence-based decisions direct focus and value to the necessary areas.
Technical experts who go the extra mile
N4L will continue to work hard to provide New Zealand schools with more robust security well into the future. Elastic’s technology is the cornerstone of this approach, but the Elastic team’s support also plays an important role. Brown says, "The great thing about the people at Elastic is that they understand our business goals, not just our technology." Day-to-day communications are fast and unambiguous. "The Elastic team, with our dedicated technical architect and customer success manager, quickly provides us with responses on a call within minutes. The technical expertise and willingness to go the extra mile is amazing," he adds.
But for all the talk of software roadmaps, lines of code and technical account teams, Hubbard and Brown always return to the primary purpose of N4L, which is to support the work of teachers and provide a safer learning environment for students. Brown says, "With Elastic, we can help teachers get on with their main job of providing a great education to the children of Aotearoa New Zealand. Giving them the tools to support that goal is what gets me out of bed in the morning."
Shaping the future of services with AI
In their mission to continue creating a secure and highly performant environment for students and educators, Hubbard and Brown are also keeping a close eye on the latest artificial intelligence features in Elastic, including Elastic AI Assistant for Security and Observability. It uses generative AI to enhance security and observability workflows and provide automated explanations for complex information. Envisioning a future of AI-powered tools holds the potential to better strengthen the broader security landscape, helping to protect schools from the future threats they may face.