Schools & Cybersecurity | Data Protection | The Cyber Review

September 17, 2021
Written by Farah

Cybersecurity is not a one-stop-shop

The issues around cybersecurity are here to stay, especially with the increased risks associated with continued remote working. Businesses should continue to aim to be more secure by the day.

The Risk Grows

Working on networks and personal devices prevents doorways for cyberattacks to take place. Since this remote way of working, businesses must ensure they have the right infrastructure in place to combat any cyber threats. Due to COVID-19, it has been shown that there has been a rise in cyber security related attacks and threats. This won't go away at once, this will take a lot of time for things to get back to normal. Hackers could take advantage of travelers waiting to book their next holiday by creating fake travel websites. There is another issue which involves many IT teams not approaching security and data recovery properly which is leading to damage and many other consequences like confidential data being stolen from organizations. 

​​The Importance of a Layered Approach 

Everyone should know cybersecurity is not a one stop shop, organizations need to keep working on it to keep them protected from unusual attacks.  This is where a layered approach is important which includes DNS networking, secure endpoint connections, and an educated and empowered human workforce. DNS networking is one of the important ones and especially since everyone has been working online, it is for sure needed. It also helps to monitor and manage internet access and reduce malware. Adding this layer of protection will reduce chances of any risk. Organizations should have the right training and resources because that will help businesses strongly if something huge is damaged.  Businesses should understand the important role of cybersecurity. Organizations need security to protect sensitive information and also tell employees to be secure with technology and provide training.

Communicating in the midst of a cyber attack

There are a few messaging tools that are secure enough to keep cybersecurity teams communicating when dealing with an attack. Cyber-attacks don't really show any signs of slowing down. If there are security tools available to prevent attacks, communication is often overlooked. 

Closing off cyber criminals while keeping communication open  

Cybersecurity teams need to be really careful and secure real-time communication that could help if there has been an attack.  One of the most important things is that encryption is essential to protect conversations, and cybersecurity teams need to be sure that all chats are secure and can be trusted. Security teams need to ensure their communication channels enable verification, and ensure members' identities are known to prevent messages from ending up in the wrong hands. Not just this, the data should be stored in a trusted system. 

Strength in depth

If an attack takes down an organization’s network, any communications solution running on it also goes down so that's why they have to run separately or have a backup plan. Any communication is not really protected by the backup plan that's why it should be separate. communication must be a consideration for all teams across the organization. Seeing signs of attack do not always occur and it is important to ensure cybersecurity can continue communicating securely in the midst of an attack. 

The new, more secure, normal

Even if the cybersecurity team is managing and telling the whole company to use an encrypted collaboration platform, there is still a possibility that the majority of the organization is using Microsoft Teams. Now at this point organizations need to find solutions for cybersecurity issues like collaboration products and services that help them achieve the right balance of security, functionality and internal and external connectivity. Nothing is more important for a company than to keep its data secure and protected from hackers. It is very hard for businesses to work safely knowing these cybercriminals could attack any time. As hackers are constantly coming up with new ways to seal sensitive data or get access to devices, consequently damaging your company’s efficiency.

Making the Cybersecurity Grade: How Schools Can Protect Data and IT Resources

Schools need to prioritize cybersecurity as students return to school. Since the shift to online and hybrid learning, schools have found themselves more exposed than ever. Even now schools have not fully returned to classrooms, some students are still doing remote school. 

Some strategies schools can employ to protect data and IT resources

1. Ensure Staff and Students Are “Cyber Aware”

Schools should set up training workshops for staff members so they are aware about cybersecurity, as well as sending out newsletters or doing training with students and families. Educational institutions must work on building their security culture to ensure not only staff but also students are cyber aware like for example practicing having strong passwords and also not sharing passwords. Other basic security practices can make a significant difference in the posture of any school. 

2. Prioritize and Secure Endpoints

Prioritizing and protecting endpoints has always been one of the best security practices. But because of the low budgets, school systems have not always been perfect in this area and struggled with it. To avoid this, schools should consider prioritizing systems such as data stores or servers, and have endpoints to help them detect and alert them of potential threats. If there is any unusual activity happening in a school's security, it will be detected and actions can quickly be taken before any sensitive data is compromised.

3. Segment Users on the School’s Network

Segmentation is one of the strategies used to avoid the risk of breaching a student or faculty device and moving across school networks to access sensitive data. SDN helps in this process and makes it easier for IT professionals to enforce segmentation. SDN also makes it easier to gather data from the network and figure out any unusual activity which could lead to a threat or attack.

4. Make Access and Identity Management a Priority

Since schools have been using new technologies as learning procedures, there should be a policy about control access, just to ensure if there is a cyberattack it can be recovered. That's why limiting access is important for the school’s protection. Managing identity also helps to reduce risk because when a student graduates or a teacher leaves their job their access rights can be quickly revoked to minimize the risk of their identity credentials falling into the wrong hands.