The school environment is commonly viewed as an easy target for hackers, making it critical for schools to bring their cybersecurity programs up to speed or risk a serious breach, according to Wavelink.
Two major breaches have occurred in Australian schools this year and these attacks will continue to increase as schools are targeted with phishing, ransomware, and DDoS attacks. (1)
Hugo Hutchinson, Wavelink’s national business development manager for Fortinet, said, “A cybersecurity program in schools is no longer optional with all signs pointing to an increase in attacks over the next few years.
“It is important that principals, and the board, take a leadership approach to cybersecurity. Much like CEOs have been held to account in the business world, the same will be a reality for principals who are seen to do nothing when it comes to protecting private data in schools.”
Key components of a cybersecurity program in schools include:
1. Technology. Schools need to implement technology such as firewalls and network tools to monitor the environment. Network visibility will provide important information on breaches as well as on what students are doing on the Internet. Schools should extend security to students’ home environments by implementing client software, which applies the same security policies at home as it does at school.
2. Patch management. Security technology is constantly being updated and patched by vendors. It is important that, no matter what security software is in place, the school keeps up to date with patch management.
3. Reporting. The right reporting tools will provide the right information in the event of a breach such as which files have been compromised. This will help schools get on top of a breach faster.
4. Content/web filtering. Content/web filtering is essential in a school environment to protect the children by preventing access to unsecure or unsuitable online content.
5. Education and awareness. Cyber education is important for teachers and students. They should be aware of the policies and what to look for, and what to avoid, when using the network.