We take the highest safety standards for our schools when it comes to potential acts of violence and natural disasters, but what about our data? Cybersecurity is a growing concern for all of us, and recent attacks like WannaCry and Petya ransomware have made many refocus and reevaluate their security strategies.
The first step to preventing an attack and keeping your valuable data safe is to know the threats – and what you can do about them.
Here are the top five cybersecurity threats for schools.
From ransomware to phishing and other types of security breaches, direct contact is the number one way that you can create a vulnerability into your system. Often, these attacks will masquerade as an email from a legitimate sender, or they’ll appear to be a real person messaging someone on social media. In any case, these data breaches often rely on users clicking on hyperlinks.
SOLUTION: Your email security needs to include filters for spamming, phishing and executable files that aren’t recognized. There are many email scanners out on the market that can also restrict macro script files and authenticate inbound mail.
Although you can readily account for all of the devices your school owns, what about the assets that are owned by staff or students? Are you able to track their security software and restrict what they have access to?
SOLUTION: Your IT system should include a solution that tracks all devices, including those not owned by your school, that enter the network.
As the WannaCry attacks in March have shown, you don’t always need user interaction for an attack to occur. WannaCry targeted hundreds of computers all with the same security vulnerability on their Windows operating systems. While newer versions of Windows come with that weakness patched, the victims were all users who hadn’t updated to the latest OS or downloaded the necessary patch.
SOLUTION: Like we mentioned above, an IT solution that tracks all devices a great first step, but having one that can also check on software upgrades and block access to certain apps is even more ideal.
Ideally, only those who absolutely need to access specific folders will be able to do so. With so many sensitive documents for students, faculty and staff, you need to keep everyone’s data as secure as possible and restrict access to a limited group. In other cases, users try to access a site that has been compromised, allowing the malware to attack. However it happens, it rarely takes intent in order for it to occure.
A recent data breach in Miami, Florida, for example, was actually not the work of hackers at all. Instead, it was carelessness. Two students are suing the Miami-Dade School District after they found that their test scores and social security numbers were all published on the district website. All it took for the two to find their information was a Google search.
SOLUTION: Restrict user access to certain documents only to those who need them, and make sure that your site architecture is set up to keeping everything hidden without a secure login. In addition, you may want to create a white list of safe sites and applications and block the rest.
Even though you take all the necessary precautions to protect your vital information, data breaches can still occur. In the event of such an attack, it can be a major blow to productivity to try and get all the information back into a secure place. Worse, vital work can be completely lost.
SOLUTION: Installing a backup system on each school devices that sends data to a remote server throughout the day (not just at night!) can help make sure that nothing is lost.
One of the best ways to keep your data safe is to automate the process. If you’re already using a help desk solution, you may want to consider adding into two additional tools for your IT team: Agentless asset inventory and mobile management.
An agentless tool, like Insight, tracks all IP-addressable devices on your network. That means that any device that enters your network, whether or not they’re school property, will be discoverable. You’ll not only be able to know a device’s users and location, you can also see if their software is up to date and see what applications they have downloaded. Best of all, you don’t have to manually download an agent on each device. To read more about the benefits of agentless discovery tools, read our whitepaper.
It’s best to do what you can to prevent a security attack – but in the event that one occurs, you and your IT teams will feel much better knowing that there are solutions in place to help them.