Since January of 2016, there have been over 700 cyber incidents reported in K-12 public schools and districts in the United States. One look at the K-12 Cyber Incident Map, and you’ll get an idea of how far-reaching this problem is. It’s not just a U.S. concern either. In the UK, four out of five schools have experienced at least one cybersecurity incident.
Hackers aren’t looking to find out what grades your students received on their latest spelling tests. As Mary Kavaney, the chief operating officer of the Global Cyber Alliance explains, school environments “have some of the richest personal information on people, including social security numbers, birth dates, and, potentially, medical and financial information.”
How can educators protect digital assets and information in schools? Here are five strategies to increase protection.
1. Secure your devices from physical attacks
Would you believe that the second most popular password is “password?” Its popularity is only surpassed by “123456,” which has been the most common password for five years running. Suffice it to say, these passwords may be easy to remember, but they are not secure. The Texas Computer Education Association recommends these cybersecurity tips for teachers. “Frequently change your password throughout the school year, and don’t ever write it down. Always make sure to log out of your computer when you step away from your desk, and avoid letting students use your computer, especially when it’s logged into your account.”
Are you wondering how you’ll ever remember all of those passwords if you can’t keep them on a post-it “hidden” under your keyboard? Password managers help create better passwords and keep track of all of your login information to strengthen online security. Wired calls them the “vegetables of the internet.” Because “We know they’re good for us, but most of us are happier snacking on the password equivalent of junk food.” It’s time to listen to our mothers and eat our veggies!
2. Lock up your devices
Not using your beloved pet’s name for a password is a great first step to securing your school’s digital assets. But we think an even better one is keeping devices out of the wrong hands in the first place. Did you know that 41% of data breaches are due to lost and stolen mobile devices? It’s essential to protect your students and your school by securing devices with both digital security and physical security when not in use. Implementing durable, secure charging stations will protect devices and the data that’s on them. Not to mention decrease costs. As careful as educators try to be with their hardware, 10% of mobile devices break or go missing in the first year of a deployment. A centralized point of secure charging helps schools provide a repository for tablets and laptops, reducing breakage and loss. The critical oversight of not protecting your devices when not in use can create painful hassles for students, teachers and administrators alike. By using a secure device charging station, you’ll minimize per-student and per-educator device costs.
3. Keep programs up-to-date
“Updates ready to install.” We’ve all seen this message before. Unfortunately, many of us are quick to click the “remind me later” button without giving it another thought. Until, of course, it pops up again later. If you want to prevent malicious attacks by shutting the door malware uses to exploit loopholes, it’s critical to keep your software up to date. Software updates are patches that often fix security holes. Don’t be the one-in-ten users that never installs them. Enabling automatic updates will keep your devices safer without those pesky notifications because your device will automatically install critical updates when they become available. As security specialist David Longenecker writes, “If your car had a factory defect that might leave you stranded on the side of the road, and offered a free fix, you’d take them up on it, right? This is the same thing.”
4. Have an incident response plan
Just as your school has a plan in place in case of a fire, educators need a plan in place in case of a digital emergency such as a security breach. An incident response plan will prepare students and staff if a cybercrime occurs. According to the U.S. Department of Education, “Prompt response is essential for minimizing the risk of any further data loss and, therefore, plays an important role in mitigating any negative consequences of the breach, including potential harm to affected individuals.” Check the ED’s helpful Data Breach Response Checklist, which illustrates some current industry best practices in data breach response and mitigation applicable to the education community.
5. Educate staff and students
All levels of education benefit from training programs for both faculty and students on cybersecurity. Don’t assume staff members automatically understand how to handle the enormous responsibility of accessing student data. As Tech Edvocate advises, “Staff members need to know how to access information responsibly, know how to use a notification system for breaches, and should understand what to do in case of a breach.” Also, students need instruction on how to manage their digital identities. By teaching students how to manage their personal data, maintain digital privacy and identify data-collection technology used to track them online, they’ll not only be protected at school, “but for the rest of their lives.”
With LocknCharge solutions, teachers don’t have to worry about the safety of the devices as they use them to implement a blended learning model and create a 21st-century learning environment. Read how one California district protects its technology investment and keeps devices safe with over one hundred LocknCharge Carrier 40 Carts.