For as long as this pandemic continues and the remote and hybrid learning models remain in place, heightened cyber security awareness needs to be as a much a part of teaching as the lesson plan.
As school districts across the region are now seeing their students return to some form of classroom learning following the summer break, many are using some form of hybrid model made up of in-person learning and virtual classrooms. This means online learning will still be prevalent for the foreseeable future, and that means schools will have to remain particularly vigilant to cyber security, and to protecting teachers and students from those who seek to cause harm.
The unfortunate reality is schools remain a major target for cyber attacks. According to Microsoft Security Intelligence, of the nearly 7.7 million enterprise malware encounters reported in the past month alone, 61% of them came from those in the education sector, making it the most affected industry. The reason is simple—with more teachers and students online and working from less-controlled environments outside of the physical confines of a secure school, the opportunities for cyber attacks have greatly increased.
The good news? Teachers, administrators and IT personnel are aware of this, and it remains the number one priority among school technology leaders, according to a survey conducted by the Consortium for School Networking (CoSN).
So the challenge is clear—as online learning resumes once again, teachers, students and administrators need to be as vigilant as ever in being aware of potential cyber attacks and taking steps to prevent them.
Prior to the COVID-19 pandemic, which upended pretty much every aspect of our daily lives, school IT personnel did a very good job of protecting students and teachers from outside cyber incidents because everything was contained and controlled within the school. Having everything in one concentrated area makes a cyber security attack surface somewhat easier.
That has all changed now—not only are we dealing with schools that need protecting from cyber criminals, but the individual households of teachers and students as well. Think about it—rather than having one physical building that needs protection, they now have hundreds per school, sometimes thousands in need of cyber defense. Phishing scams have increased at alarming rates, because teachers are less certain in determining where requests come from—actual IT support personnel or hackers. It’s as if thousands of “mini-schools” have now been created in each city or town, and that is exactly how it should be treated.
So how can we deal with this daunting new landscape? It is all about protecting information. Teachers, whenever possible, should be working on school-issued protected devices, rather than potentially unsecured personal devices. Back when everything was in the classroom, the need for complex passwords was certainly recommended but not always implemented.
Clearly, things have intensified, and everyone should lengthen their passwords to a minimum of 10-12 characters and implement Multi-Factor Authentication (MFA). Let me repeat, Multi-Factor Authentication—this technology helps to enhance security 100-fold….make sure to implement and use it.
And then there is the idea of educating the educators—all teachers doing remote learning with students need to be properly trained on good cyber hygiene practices, including creating strong passwords, knowing how to identify phishing attacks, and having clear protocols in place on who to call right away in the event such an attack is suspected.
The truth is cyber attacks don’t usually happen because systems fail, but because people (teachers or those working with students) either fail to adhere to secure protocols or inadvertently act in a way that opens the system up to attack. For as long as this pandemic continues and the remote and hybrid learning models remain in place, heightened cyber security awareness needs to be as a much a part of teaching as the lesson plan. It is the best way of ensuring students and school systems will be protected.