Security

Making the Cybersecurity Grade: How Schools Can Protect Data and IT Resources

K–12 IT leaders must continue to prioritize cybersecurity as students return to classrooms. Here are four ways they can improve their security posture.

Brandon Shopp

Brandon Shopp is the group vice president of product strategy at SolarWinds.

Cyberattacks on our nation’s K–12 schools are on the rise. They’re targeting a rich cache of data and IT resources. Since 2016, there have been 1,180 cyber-related incidents in K–12 public schools, and this number continues to grow. With the shift to online and hybrid learning, schools have found themselves more exposed than ever. In light of the new vulnerabilities, an FBI alert issued in the summer of 2020 warned K–12 institutions of new cyberattacks ahead of these schools resuming virtual learning.

Despite precautions, Virginia’s Fairfax County Public Schools, the eleventh-largest school district in the nation, fell victim to a cyberattack a few days into the fall semester last year. Personal information — including Social Security numbers and health insurance details — was stolen from the school system during a ransomware attack.

With limited resources to defend their IT infrastructures, most K–12 schools are unequipped for the risk posed by today’s ever-evolving threat landscape. Forty-four percent of school IT administrators who responded to the 2020 SolarWinds Public Sector Cybersecurity Survey indicated budget constraints are obstacles to maintaining or improving security. Districts also struggle with persuading students and staff to take security seriously.

Let’s look at some strategies schools can employ to make the cybersecurity grade.

1. Ensure Staff and Students Are “Cyber Aware”

Though breaches perpetrated by outside threat actors often grab the headlines, threats originating from the inside can be much more difficult to prevent and defend against.

A recent Government Accountability Office study of 287 school districts affected by data breaches found most incidents involving K–12 institutions were caused by staff or students, whether “accidental or intentional.” Of the 99 reported breaches, the federal watchdog said cybercriminals were responsible for just six of the hacks.

These findings are corroborated by those of the SolarWinds survey. Only 46 percent of the respondents cited the general hacking community as their top threat.

This is why educational institutions must work on building their security culture to ensure students, staff and administrators are “cyber aware.” Knowing how to identify and report a phishing email, practicing password hygiene and not sharing passwords – which has, unfortunately, become a common practice as the use of collaboration and cloud software has proliferated in recent months – and other basic security practices can make a significant difference in the posture of any school.

2. Prioritize and Secure Endpoints

Endpoint protection has always been a fundamental security practice, but as the network perimeter expands to include home networks, it’s now crucial.

Unfortunately, due to budget constraints, school systems have struggled in this area. Only 45 percent of education sector respondents ranked their schools highly for their endpoint protection capabilities, according to the SolarWinds survey.

To address this shortfall while managing their limited budgets, administrators should consider prioritizing high-risk systems or assets, such as data stores or servers, and apply sophisticated endpoint detection to alert them of potential threats. If a violation of the school’s security policies is detected, automated actions can quickly contain threats before sensitive data is compromised.

If budget remains an issue, schools can also leverage existing technology investments —such as security capabilities in Windows, Chromebooks and their cloud-based software investments — to enhance protection across lower-risk assets.

DISCOVER: Why should schools rely on cloud-based software?

3. Segment Users on the School’s Network

Network segmentation is an important strategy for mitigating the risk of a bad actor breaching a student or faculty device and moving laterally across school networks to access sensitive data. Technologies such as software-defined networking (SDN) simplify this process. They make it easier for IT professionals to specify permissions that quickly enforce segmentation at scale and isolate the student network from the staff network. SDN also makes it easier to gather data from the network to detect traffic anomalies that could indicate malicious activity.

An important side benefit of SDN is its ability to improve network performance, since connected devices are only competing with those on the network segment. Thus, they aren’t vying for bandwidth against an enormous pool of other resources.

4. Make Access and Identity Management a Priority

With the rise in remote and technology-focused learning, schools must set up strict network access control policies, limiting data access to the people who need it. With these policies in place and the ability to monitor behavior against them, administrators will be in a much stronger position to minimize the impact of threats and act on high-risk access.

Access rights management also mitigates against the risk of frequent turnover of students and staff. When a student graduates or a teacher leaves a position, their access rights can be quickly revoked to minimize the risk of their identity credentials falling into the wrong hands.

READ THE WHITE PAPER: Networks evolve to support a changing world.

The Threat Isn’t Going Away Soon

Even before the pandemic, hackers discovered K–12 schools are easy prey and a lucrative source of data. Even as students return to classrooms, it’s highly unlikely the cybersecurity threat will diminish. Establishing cybersecurity strategies like those above can help K–12 IT leaders enhance their cybersecurity maturity and protect students, teachers, staff and networks.

Andrey Suslov/Getty Images