In The News | Rural Schools Cybersecurity

This article was originally published in The Learning Counsel on 04.29.24 by Charlie Sander, CEO at ManagedMethods.

Many schools around the country are faced with the issues of outdated systems and a lack of expertise in crucial areas, leaving them vulnerable to cyber-attacks. This is doubly the case in rural areas where resources can be limited. Additionally, poor Internet connectivity can hinder the implementation of cybersecurity infrastructure to protect staff and students’ personal data.

Statistics and recent incidents paint this picture very clearly. In August last year, in a survey of education industry IT professionals around the world, 80 percent reported they had been the victims of some kind of ransomware attack in 2022. It is now a well-established fact that K-12 schools represent the most-targeted industry.

In September last year, a ransomware attack released tons of sensitive information from a school district in Clark County, Nevada. Additionally, earlier in 2023, a group of hackers hacked the Minneapolis Public Schools system, leaking sexual assault cases and other sensitive online files when the board refused to pay the $1 million ransom that they were asking for.

These are among the biggest districts in the country. With the resources available to them, if they’re vulnerable to these kinds of attacks, what can be done to help schools that are particularly vulnerable in rural communities around the country? Let’s examine the proactive approach to take for these schools and measures that can be introduced to protect their cybersecurity infrastructure.

Crucial Initial Security Steps

Smaller schools need to conduct regular audits and risk assessments to identify vulnerabilities in their IT infrastructures. This helps to prioritize necessary security upgrades and allocate resources efficiently. Only by understanding their weaknesses fully can schools develop targeted strategies that strengthen their cybersecurity defenses.

One of the most important steps involves implementing multi-factor authentication (MFA) which adds an extra layer of security by requiring passwords, biometrics, or security tokens. It significantly reduces the risk of unauthorized access to university systems and ensures that only authorized individuals can access sensitive information.

Next, staff and students need to be educated about cybersecurity best practices through ongoing awareness programs and training sessions. This ensures that they are the first line of defense against potential cyberattacks by understanding phishing attacks, password security, and safe online behavior. Schools should consider delivering training sessions that are genuinely engaging and involve a variety of methods such as workshops and online modules. If students and staff are just given a pamphlet to read with a few notes in it, they will never take any information in. Schools can consider offering small incentives and seeking feedback on how the training is going…

Read More >>