The coronavirus pandemic has arguably affected the education sector more than any other, with schools, colleges and universities around the globe having been forced to close their doors and deliver classes remotely. Most of the discussion surrounding this has focused on the logistical problems of setting up e-learning platforms, parents balancing their workloads with home-schooling and students completing exams. However, one of the most significant issues – particularly in the long term – is that the pandemic has also exposed massive cyber security failings in the education sector.
The Information Commissioner has previously advised schools to be particularly vigilant around information security. It has warned that unauthorised access to personal information would be particularly harmful to pupils; parents and staff; people with a right to seek compensation if the loss of their personal data caused them damage.
Implement a strong identity management strategy:
Schools can no longer just rely on traditional firewalls and virtual private networks, Beuchelt says. They need to start treating identity as a key element for protecting their perimeter. “The perimeter around your resources is really no longer that big wall that you put on your network to make sure everyone is protected,” he says. “Instead, it’s the proper identity management of users, which includes proper lifecycle management, authorization and authentication.”
Ensure secure configuration and patch management:
Schools should know precisely what hardware and software is being used on their networks and ensure configuration changes are authorised, documented and implemented appropriately. Devices should be set up so that only approved users can make changes. Software updates and security patches should be implemented quickly when released by manufacturers
Scan and wipe:
Manley encourages IT teams to use software to scan for personally identifiable information. This will flag sensitive and high-risk information, such as social security numbers and health records, to ensure that data is in the most secure place. IT teams should also consider tools that can identify misconfigurations and vulnerabilities. Finally, as more school districts distribute devices to students, they’ll need remote wipe, a capability that comes with mobile device management solutions. Remote wipe can track where devices are and erase data on those devices remotely if they are stolen or lost.
Backup your data:
It’s important for schools to assume bad things will happen, even if they think it won’t happen to their school, Manley says. That’s why having backups is crucial — it’s better to be safe than sorry. He suggests storing backups offsite so they don’t get infected if a ransomware attack hits a school’s environment.
Use of VPN:
When staff are working from home, VPNs should be used to ensure that data being sent back and forth to the school’s network is encrypted, meaning that even if it were to be intercepted it would be indecipherable
Automating systems can also help IT teams save time while staying ahead of detecting and preventing cyberthreats, especially if the data can live anywhere. “If someone on your IT team is babysitting the protection every day, it’s not going to work,” Manley says. “You’re going to have parents and students with access issues and teachers wanting to try new applications and new tools. So, as an IT team, you’re going to be losing all the time.”
Monitoring and incident management:
Schools must monitor all of their systems continuously and analyse them for unusual activity that could indicate an attack. Criminal incidents should be reported to the police and other relevant authorities.