Be proactive with protection: ensuring online security for young people and schools
Safer Internet Day is an ideal opportunity to reflect on how we safeguard children and schools from the growing numbers – and types – of security threats.
It’s a cliché, but it’s true; the internet really has opened up the world to most of us. From global world affairs to local news, you’ll find it online. Today’s communication tools, study methods, and TV and film consumption bear little resemblance to previous digital experiences. Today, we can communicate with anyone at any time, quicker than we could ever have imagined before, and across a variety of platforms. This digital evolution accelerates:
• Communication with family and friends
• Access to school and other educational portals containing everything pupils need to help them with their studies
• Collaborative online learning
• Online gaming with fellow enthusiasts
• Effortless streaming of music and video content.
Smaller world, more choices, bigger risk
I’ve mentioned before that today’s pupils have grown up online and tend to rapidly embrace new platforms. Yet whether at home on their laptops, at school on PCs or out and about with their phones, making the world more readily available to our children also means they are more readily accessible to the rest of the world. And despite all the benefits this brings, it also makes them highly susceptible to cybercrime, online bullying, and harmful online materials – and people. It is therefore essential that users and their online identities be protected, with the onus on students to be vigilant, and resilient policy is in place.
Unfortunately, schools are increasingly vulnerable to online threats, with cyberattacks being one of the biggest risks they face. Research suggests that schools are the third most breached of all sectors, and that up to a fifth of schools and colleges have experienced a cyber-attack, with 71% victims of ransomware, malware or phishing.
There are many reasons why schools are targeted. The vast amounts of sensitive data they hold for example – including pupils’ personal details – represent a valuable commodity that can be sold for fraudulent purposes. And online learning, email, BYOD, more roaming users and distributed networks have expanded the threat surface, making them more and more susceptible to attacks.
Not only could a breach damage a school’s reputation; it could also put children and staff at risk. And from online streaming of school CCTV imagery, to the data of millions of users registered with a learning portal sold on the dark web, safeguarding people, networks, systems, devices and data is a huge undertaking. Whether state or private sector, most schools are also continually challenged by budgetary constraints and staff/skills shortages, which can exacerbate the issue.
So how can we ensure young people and their learning environments are protected from existing and new threats, while maintaining a free and open network that allows young, adventurous minds to learn, collaborate, and understand their world?
Be pro-active with protection
There are many relatively small steps any organisation can take to get started, such as developing a robust security policy that is shared with both staff and pupils. Children must also learn how to protect themselves, by not posting any personal information online and understanding that people online aren’t always who or what they claim.
Securing a school or organisation requires a holistic approach – effective security is not just about technology, it’s about people, processes, and technology working together to achieve an effective security posture:
• People – ongoing relevant education for students and staff on the importance of good cyber security practice is essential to avoid social engineering attacks and reduce the likelihood of clicking on malicious links and circulating personal data or credentials.
• Process – maintaining best practice to ensure devices are patched and security policies are updated and tested at regular intervals.
• Technology – using tools that provide visibility and protection across the entire network (LAN, students, Cloud, VM and mobile) and can share threat intelligence in real time.
Safer Internet Day offers a valuable reminder of the importance safeguarding young people, behaving responsibly and staying safe online, but it’s something we must be mindful of all year round. Ultimately, it’s about seeing a threat once and protecting everywhere.