Oct 21 2020

How to Ensure Data Remains Safe in the Age of Ransomware

Data security strategies should advance at the same speed as evolving school systems.

Whether you are a teacher, parent, student or IT professional, you have witnessed the extraordinary transition the education sector has recently undergone. Despite schools having already facilitated distance, digital and remote learning for some years now, there is no doubt that the global lockdown has acted as a catalyst for further rapid and momentous change.

As systems continue to evolve, it is crucial that data security strategy advances at the same speed. This means ensuring watertight protection of educational data against one of the most common forms of attack: ransomware.

Data collected on students, staff and teachers may be highly personal or sensitive and could include student performance data, demographic characteristics or responses to surveys. This data is attractive to potential hackers because they understand the impact a data breach could have on an institution’s reputation and see a better chance of obtaining a ransom for their crimes.

If schools took proactive precautions, such face-offs might never be necessary. IT teams should consider a data protection strategy built on a foundation of education, implementation and remediation to become impermeable.

Understand the Risks of Digital Learning

The journey of understanding starts after the threat actors are identified. Remote Desktop Protocol or other remote access tools, phishing attacks and software updates are the three main mechanisms for entry. Knowing this could help your institution focus its security investments strategically, enabling maximum resilience against ransomware from an attack vector perspective.

Most IT administrators use RDP for their daily work, with many RDP servers still directly connected to the internet. As a result, over half of ransomware attacks currently use RDP as an entry pathway. Those not accessing via RDP may instead choose phishing emails as their method of choice.

If you are ever unsure whether you have received a phishing email, there are two popular tools that can help assess the risk to your organization: Gophish and KnowBe4. Also keep in mind the need to update critical categories of IT assets such as operating systems, applications, databases and device firmware. Extend this thorough approach to data centers too, as they can be just as susceptible to an attack as data housed onsite.

DISCOVER: These tips can help you protect school systems from ransomware attacks.

Why Backup Infrastructure and Threat Remediation Are Important

When it comes to a ransomware attack, resiliency hinges on how the backup solution is implemented, the behavior of the threat and the course of remediation. Implementing backup infrastructure is a critical step.

Backup repositories are an essential storage resource when it comes to resiliency against ransomware, so it is recommended that people within the organization can’t access them. If insiders have the permissions to access this data, it could lead to potential leaks. A smarter approach is to have these responsibilities managed by a third party where possible.

IT teams should also always be prepared to remediate a threat where necessary.

If your school district does suffer an attack, your next steps to remediating ransomware are to refuse to pay the ransom and to restore data.

One of the hardest parts of recovering from a hack is decision authority. Make sure you have a clear protocol in place that establishes who will make the call to restore or to fail over your data in the event of a disaster. Within these business discussions, agree on a list of security, incident response and identity management contacts that you can call on if needed. When a breach happens, time is of the essence, and you will thank yourself for having prepared in advance.

Much like you would invest in insurance for your home, you should consider backup an investment in the same way: It is something you hope never to need, but if the worst happens, your institution is protected and your staff and students’ data is safe. By properly educating your colleagues on the risks, implementing the appropriate infrastructure and having the appropriate remediation protocols in place, you will not only increase your resiliency against ransomware attacks but also avoid data loss, financial costs and reputation damage to your school.

MORE ON EDTECH: Here’s how school districts can best respond to a ransomware attack.

WhataWin/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.