Tips for educational institutions to secure themselves from cyber threats
By Sunil Sharma
With most institutions having adopted online forms of learning and training, it has also resulted in them becoming increasingly vulnerable to new cybersecurity challenges. Here are some of the challenges that educational institutes can face:
We’re seeing an uptick in coronavirus related phishing scams, and so the chances of phishing emails making their way into the inboxes of teachers, administrators, and students is consequently high. Staff must be provided with comprehensive guidance that allows them to identify such emails. It’s critical to deploy advanced email security that blocks phishing emails, prevents data loss, encrypts email, and offers comprehensive protection against phishing.
Advanced malware attacks
As students and teachers spend more time online during coronavirus lockdowns, they are susceptible to inadvertently becoming victims of an account takeover, by unintentionally or carelessly sharing their information with cybercriminals. This allows criminals to log in to your school’s network, launch a ransomware attack, and take control of sensitive student data.
Shortage of skilled IT security staff
This is a challenge not unique to schools, but lack of skilled IT staff particularly leaves a school network susceptible to threats. Schools can find themselves with no one pushing network security, device management, and endpoint security policies. Critical reports identifying risky users, or which offer more information about regulatory compliance might not be leveraged effectively. This can give cybercriminals a chance to exploit weaknesses in your cybersecurity infrastructure to infect the network.
Here are some of the steps you can take to protect your institute from cyberattacks:
Managed threat response services
Having a team of cybersecurity experts on board is an investment in your school’s safety. With the services of an expert team, they will deliver threat hunting, detection, and response services 24/7. You don’t have to worry about spotting suspicious behaviour or whether your cybersecurity configuration is on point because the team manages all security needs for your institute.
Use of firewall security
For maximum safety, schools must deploy a next-gen firewall that detects and blocks ransomware at the gateway, and also prevents its lateral movement. Firewalls that offer built-in support for IPsec and SSL VPN connectivity, give schools the option to choose either or both, for secure remote connectivity. Through SD-WAN which is integrated in a firewall, schools can remotely connect with each other to securely share information, and achieve performance and availability for cloud applications.
Antivirus and web filtering
Unless your network of teachers and students are using a VPN, you will need to ensure their online safety, through web filtering rules which are set by your organisation. Through the use of a licensed antivirus, you will be able to block access to inappropriate websites, stop risky files from being downloaded, and provide category bases web filtering for Chromebooks and iOS devices. Phishing can also be prevented using advanced endpoint protection technologies to stop the attack chain and predictively prevent such attacks, features should also include automatic roll back to pre-altered state if files are encrypted. This will help protect data if students or teachers are using school-supplied laptops or tabs.
The writer is managing director sales, Sophos India & Saarc