There’s no doubt that technology has dramatically impacted our lives. It continues to change the way we live, how we interact with those around us, and even the way we teach and learn.
Technology has become a core element of how schools run, with electronic systems managing grading, inquiries and applicants, financial aid, and even student and employee records.
With an electronic component in almost every aspect of school operations, do you feel confident that your school’s security infrastructure is on par?
A new study by Absolute, a security firm focused on IT infrastructure, states that many schools aren’t fully protected when it comes to their digital infrastructure. The report, titled, Cybersecurity and Education: The State of the Digital District in 2020, focused on “the state of IT security, staff and student safety and endpoint device health in K-12 organizations.” While the study analyzed the digital readiness of private and public schools, lessons can be gleaned for all school leaders.
Researchers found that many schools do not have sufficient security for their IT systems. Today, schools are the second largest target for ransomware attacks, sitting behind local governments. There have been 700+ cybersecurity incidents in schools since 2016.
This makes sense. Many schools (82%) provide students with devices. Further, “leaders are now responsible for collectively managing more than 250 unique OS versions and 93% are managing up to five versions of common applications,” according to the report.
On top of that, 42% of students and teachers put rogue apps on their school-managed devices, opening the door for security breaches. There are simply too many areas where a breach could happen—it’s difficult for leaders to wrap their arms around all of them.
This is a serious issue for many schools. You don’t want to be responsible for releasing sensitive information. Take these three tips into account when considering your school’s digital security
- Prepare diligently. Evaluate your monitoring and security protocols and procedures, the roles of your information-technology-focused employees, what student and employee information you collect, and how that information is stored and used. Also review contracts with vendors for cybersecurity assurances, as well as steps that will be taken if a breach occurs.
- Provide training. Set up training sessions with all employees, especially those with access to sensitive student and employee information. Give them the tools they need to recognize scams and spoofs.
- Respond quickly. If there is a breach, be swift in your response and communicate openly with those impacted. Work with law enforcement if necessary to bring a speedy resolution to the issue.
Follow these steps to be ready for future security incidents.
Additional ISM Resources:
The Source for Private School News Vol. 16 No. 7 A Primer on Data Privacy for Your School
The Source for Private School News Vol. 16 No. 5 Preparing Your School for Cybersecurity Threats in 2018
Additional ISM resources for members:
I&P Vol. 38 No. 3 Maintain Personnel Records Diligently to Protect Your School