Between 1 July 2019 and 30 June 2020, the Australian Cyber Security Centre (ACSC) “responded to 2,266 cyber security incidents and received 59,806 cybercrime reports at an average of 164 cybercrime reports per day, or one report every 10 minutes.”[1]
Hackers aren’t looking to find out what grades your students received on their latest spelling tests. As Mary Kavaney, the chief operating officer of the Global Cyber Alliance explains, school environments “have some of the richest personal information on people.”[2]
How can educators protect digital assets and information in schools? Here are five strategies to increase protection.
1. Secure your devices from physical attacks
Would you believe that the second most popular password is “password?” Its popularity is only surpassed by “123456,” which has been the most common password for five years running. Suffice it to say, these passwords may be easy to remember, but they are not secure. The Texas Computer Education Association recommends these cybersecurity tips for teachers using technology in the classroom. “Frequently change your password throughout the school year, and don’t ever write it down. Always make sure to log out of your computer when you step away from your desk, and avoid letting students use your computer, especially when it’s logged into your account.”[3]
Are you wondering how you’ll ever remember all of those passwords if you can’t keep them on a post-it “hidden” under your keyboard? Password managers help create better passwords and keep track of all of your login information to strengthen online security. Wired calls them the “vegetables of the internet.” Because “We know they’re good for us, but most of us are happier snacking on the password equivalent of junk food.”[4] It’s time to listen to our mothers and eat our veggies!
2. Lock up your devices
Not using your beloved pet’s name for a password is a great first step to securing your school’s digital assets. But we think an even better one is keeping devices out of the wrong hands in the first place. Did you know that 41% of data breaches are due to lost and stolen mobile devices? It’s essential to protect your students and your school by securing devices with both digital security and physical security when not in use. Implementing durable, secure charging stations will protect devices and the data that’s on them. Not to mention decrease costs. As careful as educators try to be with their hardware, 10% of mobile devices break or go missing in the first year of a smart classroom deployment. A centralised point of secure charging helps schools provide a repository for tablets and laptops, reducing breakage and loss. As the use of technology in education increases, the critical oversight of not protecting your devices when not in use can create painful hassles for students, teachers and administrators alike. By using a secure device charging station from PC Locs, you’ll minimise per-student and per-educator device costs.
3. Keep programs up-to-date
“Updates ready to install.” We’ve all seen this message before. Unfortunately, many of us are quick to click the “remind me later” button without giving it another thought. Until, of course, it pops up again later. If you want to prevent malicious attacks by shutting the door malware uses to exploit loopholes, it’s critical to keep your software up to date. Software updates are patches that often fix security holes. Don’t be the one-in-ten users that never installs them.[5] Enabling automatic updates will keep your devices safer without those pesky notifications because your device will automatically install critical updates when they become available. As security specialist David Longenecker writes, “If your car had a factory defect that might leave you stranded on the side of the road, and offered a free fix, you’d take them up on it, right? This is the same thing.”[6]
4. Have an incident response plan
Just as your school has a plan in place in case of a fire, educators need a plan in place in case of a digital emergency such as a security breach. An incident response plan will prepare students and staff if a cybercrime occurs. According to the U.S. Department of Education, “Prompt response is essential for [minimising] the risk of any further data loss and, therefore, plays an important role in mitigating any negative consequences of the breach, including potential harm to affected individuals.”[7] Check the ED’s helpful Data Breach Response Checklist, which illustrates some current industry best practices in data breach response and mitigation applicable to the education community.
5. Educate staff and students
All levels of education benefit from training programs for both faculty and students on cybersecurity. Don’t assume staff members automatically understand how to handle the enormous responsibility of accessing student data. As Tech Edvocate advises, “Staff members need to know how to access information responsibly, know how to use a notification system for breaches, and should understand what to do in case of a breach.”[8] Also, students need instruction on how to manage their digital identities. By teaching students how to manage their personal data, maintain digital privacy and identify data-collection technology used to track them online, they’ll not only be protected at school, “but for the rest of their lives.”[9]
With PC Locs solutions, teachers don’t have to worry about the safety of the devices. Contact us to learn more.
Sources
[1] ACSC Annual Cyber Threat Report – Australian Cyber Security Centre
[2] Hackers are targeting schools, U.S. Department of Education warns – CNN Business
[3] Four Cyber Security Tips for Teachers – TCEA
[4] The Best Password Managers to Secure Your Digital Life – Wired
[5] Americans and Cybersecurity – Pew Research Center
[6] Back to school cyber tips – CSO
[7] Data Breach Response Checklist – U.S. Department of Education
[8] 9 Steps to Keep Student Data Safe – The Tech Edvocate
[9] 4 Tips to Help Schools with Privacy and Security Compliance – EdTech