How K-12 network administrators can ensure cybersecurity resilience.
GUEST COLUMN | by Heather Paunet
School districts around the world have spent the majority of 2020 facing an unprecedented technological challenge. As a result of the COVID-19 pandemic, educators have been pressed to expedite investments into their digital capabilities to support students with a remote learning experience.
While the education environment has already had to change to the needs of students and teachers during the pandemic, it will further need to adapt in ways we might not yet be able to predict.
‘This approach should serve not only to protect their institutions but also to provide them with a more holistic understanding of how their technology is being used and how its use may be improved.’
Leaders in education are those who create agile pathways for students and teachers to connect from any classroom, while also paving the way for security standards to support these connections. District leaders, accounting for the need to make educational systems easy to use and accessible for both students and staff, are also tasked with finding a robust and secure network solution.
Educational Institutions: A Sitting Duck for Cyberattacks?
All organizations with intensive network capabilities are continuously at risk of cyberattacks but the situation is particularly precarious for educational institutions.
Schools manage huge amounts of personal data, especially relative to their size, often hosting hundreds of students’ information alongside the data captured managing faculty, staff and vendor relationships.
Beyond this, schools can be particularly alluring to hackers as a result of the “clean” data available: K-12 students are often unlikely to have their information stored outside of their school system.
As minors, students are often less likely to participate in common financial or legal systems meaning their information is often not available in commonly breached systems. This makes schools unique targets for bad actors aiming to capture and sell or use information they could not otherwise access.
The extra value schools have to cyber criminals is already apparent: the number of cyberattacks on K-12 institutions continues to increase, year after year, with 2019 seeing over 3x the amount of attacks as the previous year, according to k12CyberSecure’s 2019 Year in Review report. These statistics can only be predicted to be much worse in 2020, as a result of continued assaults alongside the dramatic risk brought on by the pandemic.
Assessing Risk Areas
The first step educational leaders must take in preventing and combating the risk of cyberattacks is to understand where their areas of risk reside. Every location and district is different, but educators should look to known statistics as a starting point in managing their own risk.
For example, we know that schools are most likely to be affected by data breaches which in 2019 made up 60% of registered successful attacks, followed by ransomware attacks which, while less common at 20% of attacks, can be far more financially devastating and continue to increase yearly. Educators will need to carefully learn how to prioritize what’s best for their own network’s security.
To best meet those specific needs, educators must look for security solutions which are comprehensive, allowing them to pursue the customization they need while offering protection to the entirety of the network.
What To Look For When Choosing Solutions
With just over half of breach incidents tracing back to vendor failures, schools must be prepared to apply customization and data management across all aspects of network access and data storage. Here are just a few things IT administrators should consider when researching and implementing cybersecurity for K-12 institutions:
___ IT teams should seek a robust solution that provides basic, scalable security protocols while also allowing administrators to customize protocols as their network complexity grows.
___ Solutions should have advanced web filtering capabilities, access management or directory management that ensure that authorized personnel can access exactly and only the files intended for them, while also enabling a centralized management platform that can easily push network-wide updates without downtime.
___ Customization of any chosen solution should be robust but simple to implement. Network administrators should be able to, with relative ease, be able to create and assign specific parameters to a given network, e.g., creating a secure guest Wi-Fi which can serve as a barrier protecting student and faculty networks.
___ Customizable search filters for browsing the web should be available and easy to change and update. For example, access to more intense gaming websites may be relaxed by the administrator during specific times of day or for specific class groups, while younger students may be restricted to more age appropriate gaming content.
SOURCE: Heather Paunet
Schools must undergo these efforts in network security as they continue to approach digital transformation. This approach should serve not only to protect their institutions but also to provide them with a more holistic understanding of how their technology is being used and how its use may be improved.
By pairing comprehensive security with detailed and communicative customization, K-12 institutions can be both more secure and better prepared to take advantage of their technological capabilities.
Heather Paunet is senior VP of product and marketing at Untangle, responsible for building the right products for customers, taking into account customer needs and market trends. She has over 15 years’ experience driving the development and go-to-market of software solutions. She previously held product leadership roles at Cisco Systems, and was VP of Product at various high-tech security and networking companies in the Silicon Valley. She has a B.S. in Computer Engineering and spent the first few years of her career as a software engineer. Connect with her on LinkedIn.