Patterns in school network security
Miscellaneous errors, web application attacks, and “everything else” represent 80 percent of breaches.
Miscellaneous errors (35 percent) happen because people are human and mistakes happen. Most of these errors are misdelivery and publishing errors.
Web application attacks (around 25 percent) mostly occur due to the frequent compromise of cloud-based email services via phishing links to phony login pages. Users should consider creating more secure passwords or using two-factor authentification.
“Everything else” is akin to a lost and found bin, containing frequently-encountered incident types that don’t fit into other patterns.
3 considerations for school network security
Many breaches in education are a result of poor security practices and little or no attention to detail. Cleaning up human error as much as possible is the first step, then school IT leaders should establish a baseline level of security around internet-facing assets like web servers.
Universities that partner up with major tech companies or that run policy institutes or research centers are more likely to be targeted than school districts. School IT leaders should understand the data they have and the kind of outfit or group most likely to seek it out.
3 important considerations for school IT security
There will always be threats–phishing and general email security, Ransomware, and DoS are all potential issues. IT teams should know how to respond to these threats. The topics aren’t necessarily new, but they’re still causing issues.
Balancing access to educational resources with security needs remains a top challenge for school district IT leaders, according to December 2018 findings from the Speak Up Research Project for Digital Learning.
Seventy-one percent of district administrators and IT leaders are concerned about the security of their network against malicious attacks or misbehavior, as outlined in the data.
Fifty-five percent of IT and tech leaders in urban districts identify “safeguards to protect privacy of digital student data” as a top requirement when planning for new digital initiatives.