Protecting your School network

ICT
Posted  15th April 2021
Posted by  Zsolt Merenyi

Cyber Criminals

Isn’t it sad that we are living in an age where cyber criminals have become part of our everyday life. We receive spoofed emails and text messages, we get ”Potential Fraud” alerts on our phone. It is evident that one of our most valuable assets is our data.

Even more sad is that hackers have moved on to target not only banks but medical institutions and now schools. They are able to bring down complete areas of services. I am sure everyone remembers when the NHS was brought to a standstill for several days.

The technology that hackers adopt, the techniques they use and the tactics they deploy are forever evolving. The fact is that they will always be ahead, finding new ways to penetrate the defences we put in place. As a result security measures, processes and practices need to evolve. It is like a game of cat and mouse.

This blog offers some thoughts and advice as to what schools can be doing to try and mitigate these threats.

Backups

First and foremost, we need to have backups. Our most important task is to make sure our data is safe.

The most widely accepted strategy is the 3-2-1 backup rule.

  • We should have at least 3 copies of data (your production data and 2 backup copies)
  • On two different types of storage media (external hardrives / network share / cloud)
  • Store 1 copy offsite. (offsite backup to another site through VPN / cloud platforms)

    If hackers are able to get an administrator password, will they also be able to access your backups? If the answer is yes, you are not protected.

    SBS encourages schools to use online cloud storage platforms where daily backups are uploaded overnight, the transfer to the storage platform is fully encrypted, and data can be restored from the previous day. Even if hackers manage to gain access to the backup application on your servers, they won’t be able wipe or decrypt your cloud backup.

    Ensure that your cloud storage service providers complies with certain ISO standards including, but not limited to high-availability, geo-redundant storage, data retention, encryption, so you can rest assured your data in safe hands.

    Multi-factor authentication and strong passwords

    Consider applying an addtional layer of security by setting up mobile phones as trusted devices and approve logins to Microsoft 365 or Gsuite accounts. This can work by either receiving a text verification code or simply approving login attempts within the Authenticatior mobile app.

    This method radically reduces the risk of brute force attacks, we can also get instant alerts if we have been targeted, so we can take the necessary steps to stop hackers getting into our accounts.

    If setting up the multi-factor authentication is not desirable nor possible, it is advised to use strong passwords. Use minimum 8 character long words with upper and lower case letters or special characters, something that you can’t find in a dictionary!

    Antivirus/Malware/Ransomware Protection

    Enterprise level antivirus solutions are now all cloud based with built-in artifical intelligence and they are able to identify and stop malwares, ransomwares and viruses, even unknown threats (Zero-day threats). It is a standard nowadays to adopt this as our first line of defence. With their dashboards we can see what is happening in our school, it gives us an overview of the identified threats and provides high-risk alerts.

    Training users

    They say, users are the weakest link in terms of computer security.

    It is crucial that staff recognise threats. Staff training can form part of a standard annual CPD requirements across the workforce. This way as threats evolve, so does staff knowledge. There are a plethora of online tutorials available.

    Spoofed emails and phone calls, infected attachments, memory sticks, passwords on stickers around the monitors are all risks that we need to take into account. It is important to keep users up-to-date about new trends and put new security protocols in place.

    Benefits of using Online platforms

    Many schools have now migrated to either Microsoft 365 or Gsuite. Using Online platforms not only makes our lives easier because it allows for flexible working, but we can manage users, applications, and devices centrally. These platforms also provide tools for monitoring and mitigating risks.

    Online platforms have their own recommendations for improving security – it’s worth going through their checklists. Following their instructions it is also possible to:

    • create anti-malware, anti-phishing policies
    • block emails from an email domain or only from specified users.
    • classify our data as sensitive and use data loss prevention (DLP) to prevent unauthenticated sharing of sensitive content. Data loss prevention can take action based on a file's sensitivity label, retention label, or sensitive information in the file itself

      Keep your devices and applications up-to-date

      Microsoft releases a new version of Windows 10 semi annually with smaller operating system and product updates monthly. Apple iOS / Mac updates are less regimented.

      Deploying these updates can be a very overwhelming task if we don’t use some sort of patch management solution. Windows Server Update Services (WSUS) or Meraki MDM are well-tried tools we use every day in schools.

      Checking backups, resolving antivirus alerts, and making sure all devices and applications are up-to-date should form part of a regular IT checklist in schools.


      Get in touch today

      Please contact the ICT Service Desk on 0345 222 1551 • Option 1 or email ICTservicedesk@schoolbusinessservices.co.uk