7 Steps to More Cyber-Safe Schools

Posted on Jun 1, 2016
Share Button

Students may get time off when school breaks for summer. The faculty, however, will be working as hard as ever. In addition to fine-tuning the curriculum and finalizing class schedules, they’ll be looking at ways to continue integrating technology into the learning environment.

Today, technology enhances almost every aspect of K-12 education processes—from creating richer, more engaging learning experiences to streamlining administration. But with all the enhancements, come risks. Especially those risks to the integrity of sensitive student and staff data, including:

  • Social security numbers and birthdates
  • Test scores
  • Medical records
  • Text exam answers
  • Home addresses

The vast majority of this information is stored and communicated digitally and increasingly in the cloud, making it highly vulnerable to compromise, theft and even ransomware. The widespread use of personal mobile devices and USB drives compounds the risk, exposing data when devices are lost, stolen or misused in any way. The consequences are worse when data isn’t encrypted.

Digital Innovation and Data Security Go Hand-In-Hand

Despite the risks, digital innovation is a must in K-12 school districts. But it needs to go hand-in-hand with data security. Here are 7 steps recommended to prevent and mitigate threats:

1. Secure Every Device

Staff members should not be able to freely access data on their mobile devices—unless your district uses personal profiles to ensure all school employees meet approved security requirements. Consider mobile device management tools with the flexibility to add or remove devices as needed.

2. Encrypt, Encrypt, Encrypt!

Unencrypted data can be stolen, leaked or held for ransom. Most schools implement a firewall; but data at rest on servers, desktops and other devices should be encrypted to protect if from threats that get through.

3. Employ Data Loss Prevention (DLP)

Employ DLP at both the network and host level. This ensures rules are in place to regulate outbound data flow. It also alerts officials of attempts to transfer data to unsecured or unauthorized devices.

4. Filter Web Traffic

Cybersecurity is not just about protecting data. It’s also about protecting students from exposure to harmful content. Whether it’s restricting access to social media sites or disallowing posting to these sites, web filtering is another way to keep schools safe. It’s also federal law since the passing of the Children’s Internet Protection Act (CIPA) in 2000.

5. Educate Staff

Administrators and teachers alike should understand best IT safety practices. Establish clear, consistent policies about the steps teachers must take to ensure data is secure.

6. Educate Students

Even the youngest students are capable of understanding good digital citizenship. With almost 100% of U.S. schools having Internet access, educating students on Internet safety is critical.

7. Keep Security Systems and Software Up-To-Date

If there’s a weak link in your network, it WILL be exposed — and fast. School districts need to upgrade systems regularly to ensure they can stand up to the latest threats; and apply software patches to address known security flaws.

8. Outsource Activities Outside Your Core Competencies

School staff are in the business of education, not cybersecurity. In this day and age, technology is no longer an extra; and school budgets need to support the outsourcing of essential network security tasks like monitoring and ongoing maintenance.

Keeping schools safe from cyber threats is hard work, but working with a network security expert can make it much easier.