In the wake of recent cybersecurity hacks, school districts across the country are on alert to avoid being the next one hit. Districts have been found to be one of the least secure of 17 industries studied by EdTech in 2018. Districts lack the funding that larger corporations have to protect important data. They are often found to have weaker application security, endpoint security, and patching cadence, which makes hackers more likely to target schools and their data.
Considering the type and amount of data that a school district houses, it’s important to keep school data secure.
Common Security Vulnerabilities
As more and more data is collected on students, the lack of resources and attention to cybersecurity has many security experts worried. “Schools collect an incredible and vastly increasing amount of personal data about students. Securing these networks and protecting this information is essential to protect the future of innovation and privacy,” stated Sam Kassoumeh, COO and Co-Founder of SecurityScorecard.
Application security can be defined as the security measures taken to prevent data or code within a given program from being stolen or poached. Because schools rely heavily on online applications for testing, data collection, and analytics, their data is all the more enticing for hackers to take advantage of. Tightening up district networks and understanding what’s happening in their network will play a crucial role in the security of data.
Devices that remotely access a network (laptops, phones, tablets) provide an entry point for security threats. As more students, along with teachers and faculty, use their phones, the number of vulnerable endpoints increases. Endpoint security software helps detect any vulnerabilities in the network and unify network management to ensure network users are being responsible. Endpoint segmentation can also help mitigate any damage if a device does become compromised.
Patching cadence is a measure of how many vulnerabilities and critical vulnerabilities exist in an existing framework. Ensuring software is up-to-date can often be a burden on IT departments that are already stretched thin. Virtual patching programs exist and can help identify vulnerabilities and provide a quick fix until an IT member can fix the issue.
Types of Threats a District Can Face
Security breaches disrupt education and can expose sensitive information of those in a school community. They can also prove to be very costly, with high recovery costs. Many times a district may be unaware its IT system has been compromised, and at this time there is no federal agency collecting this type of data.
Data breaches occur when sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, or used in an unauthorized manner. When confidential information like student records is inappropriately viewed or used by an individual who shouldn’t have access, that is a data breach.
A denial of service is when a server is deliberately overloaded with requests at once, causing the website to shut down. This prevents users from accessing the website.
Spoofing involves the use of fake documents from a party attempting to be legitimate.
Phishing is when an organization or person falsely claims to be legitimate in order to obtain sensitive information like passwords or account information. The links they send will direct an individual to a fake website to enter information. Both spoofing and phishing are very common, and it’s important to perform thorough research to ensure a source is legitimate before divulging sensitive information.
Malware or scareware is software that damages or disables a network or specific computer system. Both are viruses that are hidden within illegitimate software and antivirus software and infect the computer. This heightens the importance of vetting peer-to-peer file-sharing and email attachments. Users should keep their software up-to-date and ensure that antivirus software is installed.
Ransomware is malware that hackers use to encrypt users’ files and demand payment of a ransom to regain access to the information. Ransom is often requested in virtual currency, like Bitcoin, because it can’t be tracked. Ransomware can be delivered through phishing or spoofing scams.
Preventative Measures to Take
- Before students, teachers, or staff access a school’s network, they should be informed of any policies, rules, or laws regarding the usage of the school network. Review the Guide for Developing High-Quality School Emergency Operations Plans to understand how to handle a situation if a security breach occurs.
- Ensure that the entire school community’s data is kept private and complies with the Family Educational Rights and Privacy Act (FERPA). Regularly back up data in case of accidental or deliberate corruption or destruction of data.
- Create firewalls and an approved list of individuals who have access to the school’s networks and systems. This list should be updated regularly to ensure that the selected individuals have access to the systems they need and understand emergency steps if a breach does occur.
- Purchase cyber insurance for the district and for any contractors who are hired, to help pay for legal fees, credit monitoring for those impacted by a data breach, financial losses, and other services involved in a data breach.
If a breach does occur, the first to be notified should be a school’s IT manager along with local law enforcement. Other departments to contact would be the Field Office Cyber Task Force, Internet Crime Complaint Center, National Cyber Investigative Joint Task Force, National Cybersecurity and Communications Integration Center, and the U.S. Computer Emergency Readiness Team.
School information is extremely important, and providing the necessary safeguarding of data is crucial!