While it is commonly assumed that the primary targets of cybercrime are major institutions like banks, large multinational corporations, and government offices, the reality is that pretty much every organization that stores personal information is a target for hackers and cybercriminals. In fact, according to a cybercrime report by Barclaycard, 48 percent of small and medium sized enterprises suffered from at least one cyber-attack in the last two years, and 10 percent of them were targeted more than once. And among these small to medium sized targets, school districts are often especially vulnerable due to their large databases of sensitive information and relatively lax security protections.
K-12 districts all over the world have begun integrating tech into their classrooms and administration processes at a rapid pace. But, with new technology comes new vulnerabilities. So, to help districts protect themselves, here are a few tips to help beef up your security:
Identify Your Assets
When it comes to securing sensitive data, your defense is only as strong as its weakest link. Even if most of your machines are up to date with the latest software and security protocols, all it takes is one old computer running out of date software in a back room somewhere to provide potential hackers with an easy access point. This is why it’s important to take a full inventory of all your sensitive data and hardware, in order to identify how and where that data might be accessed. Once you establish regular reporting of your assets and institute routine risk assessments, you will be able to identify and respond more quickly to anomalous or suspicious actions.
Do Regular Backups
One of the main cyber security risks that schools face today is the ransomware attack. This is where hackers gain access to sensitive data and hold it hostage until a ransom has been paid. Doing regular backups is a relatively simple and inexpensive way to protect your district against such attacks. For example, in March 2016, the Ottawa Hospital in Ontario, Canada was hit by a ransomware attack. During the attack, hackers were able to gain access to the hospitals sensitive files via four computers in their network. The hackers then locked the files and demanded a ransom in exchange for unlocking them again. Since the Ottawa Hospital had backed up its files regularly and stored their backup in a separate system outside their primary database, they were able to simply wipe the compromised drives and restore their data without any loss of sensitive information.
Invest in Cloud-Based Security
Tight school budgets can make it unrealistic for a district to increase IT staff, maintain necessary updates, and replace servers. That’s why many districts are looking to cloud-based solutions to their security concerns. A cloud-based data solution provides schools and districts with the availability, reliability, and security they need to protect against attacks which might compromise their sensitive information. From attendance records, to medical data, to phone numbers, addresses and even social security numbers, a cloud computing security solution will have security protocols in place to store and protect your vulnerable information, without having to add additional staff.
Finally, while these steps will greatly increase your resistance to cybercrime, the security of your system still depends on the people who use it. And there is no substitute for a savvy staff. So, while you are implementing your security protocols, systems and processes, make sure that your staff is fully trained and up to date on the security features of your new system, as well as the latest news and best practices in internet security, so they always know what to look out for.