How to Protect K–12 Networks From Student Hackers
Go to Source
Wed, 02/20/2019 – 12:35
It’s no secret that school districts are a gold mine for hackers, who can exploit all of the confidential student, parent and employee data available for financial gain or to assuage a personal grudge.
While schools — rightfully — fear hacking of their computer systems by professional criminals, students increasingly breach their school’s cybersecurity safeguards, giving educators and administrators plenty more to worry about.
While external cybercriminals seek Social Security numbers and financial information using ransomware, student hackers commit inside jobs with the hope of changing grades, stealing passwords, infecting computers with malware, accessing or hijacking secure school or district websites or even posting inappropriate images. As reports of students improperly accessing school administrative systems become more common, many districts remain vulnerable to such insider attacks, despite their best overall security efforts.
Schools Opt for a Better Cybersecurity Plan
Curious and tech-savvy students have always pushed the limits of what educators deem acceptable use of school technology. What’s different today is that students can affect the operations of entire districts, and they are increasingly capable of circumventing the security controls implemented by IT administrators.
A major challenge for K–12 IT and security personnel is how to maximize user and data protection with limited network and security resources. Despite that challenge, managing and maintaining a secure network does not have to be difficult. An all-encompassing security plan would include safeguards against such savvy students and external hackers. Here are some examples of what this technology should look like:
- A comprehensive security system: Comprehensive security delivers advanced deep-packet inspection protection for the school network by combining intrusion prevention, anti-virus, anti-malware, cloud-based multiengine sandboxing, content/URL filtering and anti-spam services, plus 24/7 support — all in a single solution.
- E-rate eligible products: If a district is using E-rate funding to buy networking and cyber solutions while simultaneously reducing capital expenditures, ensure E-rate eligible firewalls, wireless and WAN acceleration products are being researched.
- Children’s Internet Protection Act compliance with on-campus and off-campus web filtering: Meet CIPA requirements with a robust web-filtering solution that protects students from harmful content whenever a school-issued device connects to the internet. This not only limits what is being seen, but also limits what is posted.
- Greater visibility and control: A robust security plan will allow an IT team to gain real-time insight into network activity — students, staff, apps and bandwidth consumption — and make informed decisions accordingly.
- Flexible remote access: Consider a next-generation firewall that does not rely on a third-party app, providing native VPN remote-client access for Windows, Chrome, Android and Linux devices — and more.
- Routine patching: More sophisticated hackers may seek to exploit vulnerabilities in software. That can often be prevented by making sure programs are updated and patched regularly. Tackle patching while making updates to software to keep everything moving forward together.
What Else Can Be Done to Prevent Network Intrusions?
Software and security devices can’t do all of the work, especially when human error is involved. Proper cyberhygiene skills will go far to protect students and district employees at work and at home. In addition to security devices, most K–12 cybersecurity experts suggest districts take basic measures to prevent hacking.
School districts should establish good habits and ground rules for employees and students alike. That means training staff to follow good password practices. No more sticky notes on desktops or overused and easy-to-guess passwords. Instead, use long and complex passwords, even if inconvenient. To ease the burden of remembering each unique password, consider password management software.