Keep Students and Employees Safe at School with Cyber Security
There’s valuable data in schools. That’s why education is one of the top targets for hackers, with schools experiencing even more attacks than retailers. In fact, the number of breaches in the education sector grew substantially in 2017, and there’s no reason to think there’ll be fewer attacks this year.
More Risks, More Exposure, More Costs
With the increase in attacks comes an increase in actual breaches and an increase in the amount of data exposed. Attacks on K-12 school systems have exposed the personal data of thousands of students. Higher education has also been a target, with attacks resulting in data losses measured in terabytes.
Responding to these breaches can be a significant cost for financially strapped schools. A Ponemon Institute study estimates the cost of a breach to be more than $200 per record. Those costs can be higher or lower depending on factors including the size of the breach and whether there are any lawsuits as a result of the incident.
Just like businesses, educational facilities have intellectual property and employee data to protect. There aren’t customers, but schools need to protect the data of their students and the students’ parents. Most breaches at educational institutions target personal data, not the intellectual property.
Challenges to Protecting Data in Education
Protecting intellectual property can be difficult because the exchange of information is one of the core functions of the education industry.
Protecting student and employee data is challenging because some of the end users, i.e. students and parents, are likely to have limited knowledge of technology and little understanding of the importance of safe computing practices.
The distributed nature of data is also a challenge. Each individual school may have its own systems on site as well as feed into centralized district-wide systems. Attempting to apply a single set of security measures across these diverse sites can be met with resistance from local staff. The applications often need to be accessed remotely, by parents and students using their own phones and other devices.
Reducing the Risks of Data Breaches in Education
There are many steps educational institutions can take to reduce the risk of data breaches. Given your expertise, educating students, parents, and employees about the need for cybersecurity is a natural first step. Have a “bring your own device” policy that extends to students’ devices as well as employees’ devices.
When possible, use software as a service rather than locally installed software, to get the benefits of the vendors’ own information security controls. Due diligence is required, however, to validate the security of any cloud-based service you use. Implement effective identity and access management tools that let you centralize management of user accounts and privileges as well as track usage.
Prescient Solutions offers a full range of information technology services for schools, including information security, system management, and backup and disaster recovery. A shared services model makes top tier IT affordable for every district. Contact us to learn more about protecting your data, students, and employees.