Education institutions, like other organisations, are becoming increasingly reliant on technology and they are well aware of the risks that technology brings.
One need only look back to 2016 when a hacker defaced the website of the University of Limpopo to realise that education institutions can be a soft target for hackers.
“In Aon’s 2018 global risk management survey, cyber risk was ranked as the #1 risk facing educational institutions and is likely to remain so for the foreseeable future,” says Kerry Curtin, Cyber Risk expert at Aon South Africa.
“The need to strengthen institutional resiliency against potential damage, compromising hacks and downtime is crucial,” Curtin adds.
Much like companies, schools, universities and education institutions should be employing best practice when it comes to cybersecurity.
Aon recommends education institutions make the following security considerations as they increase their reliance on technology.
Safeguard devices owned by the institution
The firm says that all desktops, laptops and smart devices should, at the very least, have endpoint protection in the form of an anti-virus program, adware and malware protection.
This is vital especially in the context of a school where learners may not be aware of phishing techniques used by cybercriminals.
“A further aspect to consider is remote filtering technology, especially in instances where devices are used outside the institution’s network, such as laptops that staff members take home. It will channel the device to connect to the internet through a web security gateway that can remotely block harmful sites,” says Aon.
That having been said, being at a school presents an opportunity for learners to be taught best practice regarding cybersecurity.
Establish a BYOD policy
Unlike a corporate institution where an employer can dictate what handset an employee uses, it’s not as easy at a school or university where users often bring their own devices.
For this reason its recommended that education institutions segment their network so that sensitive data is separated from the nasties that could be lurking on a learner’s laptop.
MFA should be a standard
Multi-factor authentication (MFA) is a more robust approach to password security than assigning a singular passwords.
At institutions that require students access an online portal, MFA should be a requirement.
This, according to Aon, should ask an individual to prove who they are in two of these three ways:
- Present something they know such as a password
- Present something they have such as a physical authenticator
- Present biometrics of some form
These are just three considerations to make when tightening up security at a school.
As many cybersecurity experts will attest to, cybercrime can affect anybody at anytime and with schools safeguarding not only learners but their data as well, it’s best that schools consider how they will secure that data before charging head first into smart functionality.[Image – CC 0 Pixabay]