Teachers work hard to create a safe learning environment for our children, and this needs to include protecting their digital information and digital learning environment as well.
A school can be a difficult place to get IT security right: you will likely need multiple levels of access with a large number of different people needing to use the same terminal in a single day.
Beyond that, there are several age groups to cater for and any downtime could have a serious knock-on effect on teachers, students and admin staff. In addition, you are storing data relating to minors, whose care you are entrusted with.
With all this in mind, here are five areas that we think you will need to focus on.
1. Every endpoint is a potential infection
Depending on the school, there could be hundreds of computers on the premises: from IT rooms for the students, to computers for administrators, and laptops for teachers.
When looking at these endpoints you have to ask: who is going to be using it? What level of access do they need? What programmes do they need? Etc.
By answering these questions and limiting access, programmes and other settings to exactly what the users’ needs and nothing more, you could potentially limit your risk.
2. All data has value
Data loss happens. Whether a USB drive is lost or stolen, a laptop is left on the train or stolen from school premises; it could mean a massive amount of bad press, complaints from parents and even possible fines.
Short of tracking the USB or laptop down before it falls into the wrong hands, there is very little that can be done reactively. However, proactively encrypting the data store on said devices makes it completely unreadable and therefore unusable by any-and-all third parties.
3. Internet filtering can create a safe environment for learning
The Internet is a brilliant learning tool. It gives children the freedom to explore an open space and discover answers and new ways of thinking for themselves.
However, with this freedom comes the risk of stumbling across content that is not age appropriate and could be potentially harmful.
Therefore, some level of filtering needs to be put in place to create a safe online environment that still gives a level of freedom to explore.
4. Device Control can stop rogue USB’s in their tracks
An old favourite of attackers targeting an organisation is to litter a car park or nearby area with infected USB sticks, hoping that a curious soul will pick one up and plug it into a device on the target organisations network.
The potential risk when applied to a school with dozens of staff and hundreds of children is obviously massive. The risk can be reduced either through network segmentation, ensuring that devices used by the students do not have access to any crucial systems; or by blocking USB storage devices on machines that shouldn’t be using them.
5. Teach your students how to spot malware
Although this one is not directly to do with your IT per se, it could make your life and the lives of your IT staff much easier.
Teaching your students what to look out for in a dodgy website, email or file could turn your biggest point of weakness into your strongest form of defence.
With new security threats emerging as cybercriminals become increasingly sophisticated, taking a proactive approach is key. To better educate yourself and your children, visit Digital Matters - a free online learning platform developed with insights from teachers and parents to transform online safety education.
Do you think your children’s School handles IT well? Let us know on Twitter @ESETUK.
Join the ESET UK LinkedIn Group and stay up to date with the blog. If you are interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.