Cybersecurity priorities for schools

It is wrong to think that only financial and government institutions are the only ones that should have a strong cybersecurity plan. Cyber attackers are under the goal of harming any institution that works with data, by taking advantage of the vulnerability of the limited security of the institution or organization. It is a fact that K-12 schools are being targeted by cybercriminals in 2022. Last month, Los Angeles Unified School District, (USA’s second largest school system, with more than 600,000 students and 1,000 schools) was the target of a cyberattack, being considered the biggest education breach in recent years. In September 2022, Michigan’s South Redford school district was attacked, resulting in closed schools for two days. It is essential that educational leaders set cybersecurity priorities for schools. 

These kinds of ransomware attackers access email, computer systems, and applications, and set deadlines to pay a specific amount of money to return the stolen data. In the Los Angeles Unified School District breach, sensitive information such as passport details, Social Security numbers, legal documents, banking account details, student’s psychological assessments, and even tax forms were posted to Vice Society’s dark web, endangering alumni and staff’s integrity. In total, LAUSD lost 500 GB of files. 

Sadly, these attacks are not isolated incidents, according to the K-12 Cybersecurity center, since 2020, there have been 408 attacks reported, leaving evident the poorly secured schools are. 

How can schools respond to cyber-attacks?

There are plenty of actions schools can take to protect themselves. According to Doug Levin, co-founder of K12 SIX, the issue does not stand alone in cyberattacks, but also in data breaches, phishing attacks, and denial-of-service attacks. Therefore, organizations should have plans to prioritize and manage cybersecurity in a more holistic way. He highlights the importance of relying on cloud-delivered software for security, which will be composed of a far better IT infrastructure via the Cloud, such as Microsoft Azure. 

Some of the best cybersecurity priorities and tactics schools should apply are: 

• Password Management Policies, available for Microsoft 365, Exchange, Intune, and Microsoft Endpoint manager
• IT Security Governance to implement architecture, standards, and policies to sustain and improve security over time
• Multi-factor Authentication (MFA) with Azure AD, you can protect any app or device and provide a solid security, as well as decrease vulnerability
• Mobile Device Management (MDM) administrate any Windows, Android, or iOS device, as well as virtual machines, physical computers, mobile devices and IoT devices with Intune 

It is imperative that educational leaders demand better cybersecurity policies and practices, to ensure the well-function of their institutions throughout the country. Team Venti provides hardening and data protection with Microsoft Cloud Security, without compromising end-user’s workflow. Book a meeting with one of our experts to discover what is the best cybersecurity solution for your educational institution.