From credit card hacks to social security breaches, cyber attacks are more common with each passing day. Organizations in every industry are on high alert to ensure networks and information remain secure. News reports lead you to believe that only high-profile companies are affected, but perhaps the most precious data when it comes to tomorrow’s leaders is held in educational institutions.
Administrators are tasked with keeping information about a school’s faculty and students secure. And in today’s threat landscape, it’s not if a data breach will occur, it’s when. In fact, Verizon’s 2016 Data Breach Investigations Report concluded that the education sector ranked sixth in the U.S. for reported “security incidents” last year—higher than both the healthcare and retail industries.
As the number of network entry points proliferate, we will continue to see an increase of breaches. Schools have to prepare a strong security posture to keep valuable information safe from intruders.
A primer on risk aversion
In today’s information environment, a traditional firewall, while necessary, is not an effective security posture. Bad actors are operating with increased speed and innovation, so other components of a network need to become smarter. With the right approach, schools can enhance their security posture while moving into new types of instruction and learning.
Step one: identify key stakeholders. Develop a strategy that has received buy-in from the Board, the superintendent, and all district and technology department leaders.
Step two: detect what needs to be secured. Trace technology from endpoints, to desktops, to the cloud to find specific threats.
Step three: bring-in a trusted partner. Leverage an industry, thought leader, or vendor partner who can run a security assessment on your network.
Step four: develop a plan. With your key stakeholders, create a model for execution with specific milestones and testing.
Step five: maintain a healthy network. Continually monitor the performance and stability of the network, including your technology products and policy. At this point it’s also important to establish an internal project-management group.
By following these steps, districts can prepare for inevitable data breaches. However, with advanced technology—including continuous monitoring of networks, encryption, malware detection, and more—it can be confusing to decipher which specific solutions are best.