Cyber-attacks targeting schools. What can you do to protect your school?
It’s been said that schools are more vulnerable than companies to cyber-attacks. With recent threats of ransomware attacks to both the Cloud and network drives, IT departments in schools have the challenge of increasing security measures and reducing cyber threats. Historically, attacks commonly include hacking, email phishing, and in rare cases, manipulation of test results in schools.
Those charged with governance as well as management are responsible for establishing an effective cyber risk and security strategy to build a cyber-resilient organisation. Many schools operate in a data-centric environment whereby high volumes of data are constantly communicated internally within the school and externally in the community. In such an environment, the security and integrity of data is of paramount importance. This has led, unfortunately, to a significant advent of cyber-crime with the aim of breaching the data at the detriment of the victim organisation.
With over 80% of Australian students using desktop laptops or tablets at least once a week, Aussie kids appear to be ahead of the game with the global average being only 54%. According to the Australian Bureau of Statistics (ABS), 79% of Australian children aged between 5-14 use the internet, and over 85% accessing it from school. This vastly increases the threat on cyber-security in schools.
Cyber-crime has become very complex and it is committed by highly sophisticated networks of organised criminals. It is crucial that schools place greater importance on establishing and maintaining an effective strategy to mitigate cyber risk.
Top tips for School Cyber Security
Effective anti-virus software
Not having anti-virus software on a computer is like driving without car insurance.
Today’s internet has provided a gateway of virus attacks including worms, trojans and malware (spyware). Filtering of website traffic over the network is essential as well as frequent changes to passwords of user/ network accounts.
System backup and recovery
Implement a system backup and recovery strategy which includes regular (daily/weekly/monthly) automatic backup procedures which includes minimal human interaction. Back-ups are a fail safe way to restore any corrupted or accidentally deleted data. Also consider keeping back-ups “off-site”.
Segregate student networks from administrative networks
Network segmentation and segregation is one of the most effective controls in deterring malicious cyber activity. It aims to minimise the level of access to sensitive information from students.
User awareness
User education is considered the most important factor for successful implementation of IT security in schools. All precautions will become ineffective if user awareness is not aroused. All students and staff should comprehend their responsibilities and obligations regarding e-security via their devices whilst using the school network.
With progressive and continuous change to technology, cyber security is crucial to your school. Consider adopting our top tips to the Risk Management Strategy and mitigate cyber risk.