Subscribe to our free fortnightly newsletter and stay ahead with the latest news in edtech

Educating your employees

Why staff are your most valuable asset when it comes to data security

Posted by Lucinda Reid | May 10, 2017 | E-safety

By Adam Winwood, Arden Group

Cybercrime is a real risk to the majority of organisations and not a week goes by without a news story highlighting another security breach where personal and sensitive data has been put at risk. This is no different for in the education sector where a security breach could seriously affect the reputation of a school and risk the safety of its students. Unfortunately, when it comes to protecting data within a school, it’s often the staff and students who are unknowingly compromising security. Adam Winwood of Arden Group outlines how hackers can access secure data, the steps to take to enhance protection and how training for both staff and students can help to minimise the threat of an attack.

While cybercrime may be considered to be an issue that only affects the corporate world, data protection applies to any organisation which stores personal information, particularly schools which hold the details of thousands of current and past students. Schools store some of the most sensitive data that is available in relation to race, ethnicity, physical or mental health, sexuality and criminal offences, as well as personal data such as employee payroll details, home address and contact numbers. Schools have a duty of care to their students and this should extend to protecting their personal information.

Take unsecured Wi-Fi as one example of a weak point. Many schools favour the low maintenance and ease of an open connection, however this can provide an ideal portal for cybercriminals to gain access to the entire school network. Phishing scams are also rife within the education industry and are becoming more sophisticated with hackers ‘befriending’ individuals in order to share an infected link.

When it comes to the identity of the hacker, it’s not always the stereotypical ‘criminal hacker’ either, in fact students themselves can be the biggest threat to a school’s cyber security

When it comes to the identity of the hacker, it’s not always the stereotypical ‘criminal hacker’ either, in fact students themselves can be the biggest threat to a school’s cyber security. Whether it’s for kudos among their classmates, boredom or even to extend a deadline, students can pose a very real risk to data security. Just last year, students hacked into the email account of their teacher to access the answers to an exam in order to prepare, and this isn’t an isolated incident. 

The first steps towards cyber security should be ensuring appropriate software is in place. Up-to-date anti-virus protection should be installed on the end points, gateways and servers, with Software as a Service (SaaS) packages in place to guarantee the network is always up to date with the latest security features.

Educating teachers, administrative staff and students should be the next step and making sure they appreciate the ramifications of security breaches for themselves and the school. For staff and students alike, outlining the tell-tale signs of phishing scams in emails such as typos, incorrect terminology or uncommon email addresses could help ensure rogue links won’t compromise the network security. Training on what can and can’t be downloaded via the Wi-Fi system is also recommended. 

Guidance for teachers should be centred on devices such as laptops and tablets which they regularly take from the school premises, and are potentially logging in from unsecured networks remotely. To prevent student hackers, it is advised that staff and teachers are trained on how to look out for suspicious online behaviour and resolve it before it becomes an issue. For extra protection, schools can create a separate network for students to work on, ensuring that sensitive or personal information stored on the main server can’t be accessed by unauthorised users.

When it comes to protecting data within a school, it’s advised not to cut corners to reduce costs. Schools deal with sensitive data every day which means they are a target from student hackers right through to cybercriminals. For peace of mind, it’s recommended to seek help from an external specialist who can handle data protection, ensure all updates are in place and identify any issues before they result in a complete security breach.

Subscribe to our free fortnightly newsletter and stay ahead with the latest news in edtech

Related stories

WannaCry no more

Cyber security in education

Cyber security worth '£60m in salaries' in NI

Start with the data

Masters course to create 'army of cyber security experts'  

Students challenged to help tackle cyber security threats

UK students compete for £10,000 cyber competition prize

Cyber security, are you in the know?

Smallpeice Trust teach Year 9s about cyber security

The Augmented Reality age

Market place - view all

Nationwide

Award winning online banking: whether it's current accounts, credit...

Furlong

Furlong is a unique Management Information System provider in the U...

Tech Data

As one of the world's largest wholesale distributors of technology,...

Compass

Compass Computer Consultants Ltd. has been designing and implement...

European electronique

UK leading supplier of ICT solutions for the public sector, educat...

Webanywhere

Education Solutions for your School
Webanywhere provide the pri...