In my recent cyber security work with municipalities, I gained an appreciation for the information security challenges K-12 public school systems face. Because they manage troves of personal, health, financial and academic data, every school district is a target for cybercrime.
Phishing emails can appear in several different ways. Our 10 Tips for Detecting Phishing Emails infographic provides you with a cheatsheet of what to look for in unfamiliar emails. It’s derived from our Cyber Security Awareness Education offering.
Further, most public schools must make do with legacy IT infrastructure and tight budgets that limit their ability to detect and respond to today’s sophisticated threats. Their challenge is exacerbated by the requirement to support open data exchange in the interest of education, along with supporting student-owned laptops, tablets, and phones.
School’s Open… For Cybercrime
No wonder ransomware exploits, distributed denial of Service (DDoS) attacks, phishing, malware, data breaches and theft of children’s identities are all on the rise in school environments. Hackers are stealing all kinds of sensitive data from educational institutions—even test results. Students have actually paid hackers to knock out school networks and delay testing. Meanwhile, recent research indicates schools have among the highest rate of ransomware attacks of any industry.
If you’re a K-12 school district technology director or “IT person,” how can you identify and protect your most critical data and ensure that learning and operations are not disrupted?
Tips for K-12 Public School Cyber Security
A holistic approach that combines the right tools and processes for your needs and budget will best enable you to block many threats, and to identify and shut down any attack that gets past your perimeter.
Our key public school information security recommendations include the following:
- Segregate student networks from admin networks. For school systems, segregating the student LAN/WLAN from the administrative LAN/WLAN is essential. Further segregation of the district’s back office from each of the schools is also important.
- Segregate the Student Information System. Additional segregation of the Student Information System (SIS) is also warranted if it is hosted onsite. If it is hosted by a third party, then due diligence is essential to ensure the district’s security requirements are being met.
- Update your patches. Keeping patches current is always important in any environment. This implies using only supported software and operating systems. Unsupported systems are sitting ducks.
- Implement a backup program. A solid data backup program can save the day if you’re hit with ransomware. Some districts are investing in redundant systems with offsite server backup, so that services can be restored more quickly.
- Take all possible systems offline. This is one of the most effective strategies for reducing the attack surface. Anything that doesn’t absolutely have to be connected to the Internet should not be connected to the Internet – this includes printers, cameras, TV’s, etc.
- Provide security awareness training. Security awareness training for staff and other end-users is also critical to help them spot phishing attempts so they are less likely to introduce malware or ransomware on the network.
- Routinely test your vulnerability. Periodically perform an external vulnerability assessment to preemptively identify your vulnerabilities before the bad guys do.
- Document your incident response plan. Every school system needs to have a cyber incident response plan in place. If people know what to do in the event of a breach, its impact can be minimized.
To start a conversation about how to protect your school from cyber security threats, contact Pivot Point Security.