4 simple questions school leaders should ask about cybersecurity

In today’s world where hacking and other forms of cyber-attacks abound, it isn’t enough to simply expect that the IT staff has data security under control. According to the White House Council of Economic Advisors, in 2016, cyber threats costs the U.S. economy between $57 and $100 billion. The same document articulated that “cybersecurity is a common good.” Schools are not immune, and a recent review of a dark web marketplace by Flashpoint for access to compromised Remote Desktop Protocol servers proved that. Two-thirds of the server information available was from educational entities.

School district leaders needs to be proactive in asking the following questions to ensure that data security is being taken seriously. Are realistic safeguards in place to protect student and staff privacy? Can your district recover data in the case of an emergency or disaster?

Question 1: Are your password procedures up to speed?
Password and account security needs to be ramped up. Required password changes should be implemented at least each semester, if not every 90 days. IT staff are often hesitant to require such changes as staff grumble about this and take up a great amount of help desk time when changes are required. Leadership should try to insulate the IT staff from these types of complaints and at the same time ensure that strong password policies are in place. Passwords are moving toward a dozen characters and reQu1ring! the inclusion of capital letters, numbers, and special characters. Make sure no one shares their passwords with anyone—not even their trusted assistant.…Read More

How to avoid a cyber attack

From credit card hacks to social security breaches, cyber attacks are more common with each passing day. Organizations in every industry are on high alert to ensure networks and information remain secure. News reports lead you to believe that only high-profile companies are affected, but perhaps the most precious data when it comes to tomorrow’s leaders is held in educational institutions.

Administrators are tasked with keeping information about a school’s faculty and students secure. And in today’s threat landscape, it’s not if a data breach will occur, it’s when. In fact, Verizon’s 2016 Data Breach Investigations Report concluded that the education sector ranked sixth in the U.S. for reported “security incidents” last year—higher than both the healthcare and retail industries.

As the number of network entry points proliferate, we will continue to see an increase of breaches. Schools have to prepare a strong security posture to keep valuable information safe from intruders.…Read More

5 best practices for starting a successful cybersecurity program

While there’s no question technology adoption creates powerful learning environments, it can also present significant security risks to teachers, staff, and students. According to Verizon’s 2017 Data Breach Investigations Report, the number of total security incidents in the education sector outranked both the healthcare and retail industries. It’s obvious that cybersecurity remains an increasingly dangerous threat that often gets overlooked when it comes to safety. This is partly due to limited school funding, strict budget factors, and a corresponding lack of IT support.

While cybersecurity is a constant challenge for any industry, the education sector has less resources and more at stake. School district networks house a variety of sensitive information on staff members, students, and students’ families, including credit card numbers, Social Security numbers, and sometimes even medical information, making K-12 schools a top target for hackers.

Data breaches and other threats
For example, in early January the largest school system in San Antonio, Texas, reported that it suffered a data breach last August, which exposed the personal data of more than 23,000 current and former students and staff. Ransomware is another common type of attack, costing schools thousands of dollars and significant downtime. In October 2017 an entire district in Montana was shut down for several days after hackers who dubbed themselves “TheDarkOverlord Solutions” threatened to release student, teachers, and school leaders’ personal information unless a ransom was paid.…Read More