IT Security in Education: An overview

by Mark Lomas

Security expert at Icomm Technologies

The topic of cyber security is increasingly at the top of the agenda for schools, especially with the number of ransomware and other cyber attacks on the rise. According to research from McAfee, ransomware attacks – in which sensitive data is hacked and held hostage by cyber criminals in return for financial payments – have risen more than ten-fold in the last two and a half years.

It used to be that the main concern for schools was simply bedroom-bound hackers testing the limits, carrying out digital attacks simply because they could. Although this raised plenty of threats, in most cases damage would be limited, and attacks from viruses, whilst troublesome, were limited to causing computers to become unreliable or slow.
Nowadays, as educational institutions continue to adopt tools to monitor the behaviour and performance of students, the data held by schools is also becoming increasingly detailed and, therefore, attractive to unscrupulous hackers. And their hacking methods are increasingly sophisticated, having evolved their techniques from the more traditional routes such as malware, worms or viruses, for which IT defences are designed for. ​

In addition, it’s easy for schools to slip in to a ‘fit and forget’ culture whereby security defences – including anti-virus software, software patches and firewalls – are installed but neglected soon after. This includes the need to make regular checks and ensure that software remains up-to-date. By sidestepping this, schools are finding themselves with a number of legacy processes that are simply not sufficient to protect against modern threats.

​The scale of the problem

Ransomware

​Ransomware spreads like a virus, searching for data in the files on your machine and encrypting them; this essentially ‘locks’ them so that you are unable to gain access. And if your computer is part of a network, it will find and encrypt data across your networks and servers. You’ll then be asked to pay a ‘ransom’ to be given the decryption key to unlock your files, often with the additional threat of exposing any personal data to leverage payment.
With this type of attack on the increase, anti-virus software has evolved to include activity monitoring that can protect server data by looking for ‘virus like’ activity on the network and shutting it down. ​

Email security
Phishing is the fraudulent practice of sending emails purporting to be from a reputable source in order to encourage individuals to reveal personal information such as passwords or credit card numbers, or even convince people in charge of funds to move money to a fraudulent account. They rely on users to complete the attack, which is why the solution is not just a good spam filter that’s regularly updated, but also user training to help your users spot potential threats.

Web security and application control
There are several safeguarding guidelines including the KCSiE statutory guidance and Prevent Duty Guidance which have established web monitoring and filtering as mandatory digital safeguarding requirements in schools.
There are a number of things to consider including not just which websites can be accessed, and what sort of content can be downloaded. Categorising websites can make filtering content easier in this situation.

Over 40% of web traffic now encrypted including basic websites like Google. This means that you need a more powerful firewall to scan this traffic to prevent threats getting through.
However, it’s not just websites that are accessed via the internet. Internet enable applications needs to be considered and controlled also, and any malicious software that may have found its way on to your system needs to be prevented from accessing the web.

The final element in web security and access control is having access to good reporting. Knowing what is being accessed online and when, and the ability to monitor activity in real time as well as historic data makes it easier to achieve your statutory requirements and also gain insights that can help you refine your filtering process.

With this type of attack on the increase, anti-virus software has evolved to include activity monitoring that can protect server data by looking for ‘virus like’ activity on the network

Next steps
​
Having the right technology and keeping it up-to-date, alongside user training, is the key to mitigating cyber security risks. This includes a good firewall, a cloud filtering solution or a combination of both. Make certain that PCs have a strong security configuration and prevent the installation of unauthorised software. A regular audit of your systems is recommended to ensure that they are still fit for purpose.

Having the right technology and keeping it

If you’d like to know more about cyber security, then check out my video series on topics such as email security and ransomware.

And to understand where your security vulnerabilities lie, register for a free* cyber security assessment with a qualified ACE practitioner from Icomm, who will work with you to identify and analyse security issues, and give you guidance on any improvements that are needed to make your network more secure. Register here or call 0121 248 7931.

Mark Lomas is an IT consultant with Icomm Technologies ; a leading provider of managed IT services, pro-active IT support and solutions. With nearly twenty years’ experience, Mark is an accredited NetApp, VMware, Microsoft and Symantec professional, specialising in SAN storage and virtualisation. Working across a variety of areas of systems infrastructure, Mark provides award-winning cloud and managed IT services to large organisations and SMEs alike, helping them save time and money.

*Terms and conditions apply. Qualification phone call required. You will receive up to 4 hours’ consultancy from a qualified ACE practitioner.