As a holder of valuable and sensitive personal information, your school is an ever-present target for hackers and cybercrime. As technology has advanced, so too have the AI and machine learning tools that cyber criminals leverage to advance the sophistication and reach of their attack vectors.
As we charter towards a new year in the hope it brings better fortunes for us all, it’s important to take this time to reflect, explore and learn new and better ways to protect the future of your school.
To maintain a strong foothold on your sensitive information and continue delivering key learning outcomes and experiences, you need to continually grow your level of cybersecurity maturity through strategy, education and awareness, and technology selection.
But what are you protecting against?
In many ways, the threat landscape is a very fluid and ever-changing world of deceit. Hackers, criminal organisations, and state-based actors are working every day to infiltrate your critical systems and obtain information they can use for personal and financial gain. They vary in orientation and purpose, but some of the more common threat vectors that you must be aware of moving into 2021 are:
- Denial of Service – those seeking to disrupt your ability to operate will deliberately flood or overload a server or critical system with requests to the where it has no other option but to shut down, unable to be accessed until the attackers have gotten what they want.
- Phishing – a type of scamming, phishing is social engineering designed to play on people’s perceived trust for reputable brand names and organisations. A false email is sent under the guise of a legitimate source. The email asks for sensitive information such as login details, passwords, identification numbers and security codes. Once the details are entered, they’re harvested and then used to further compromise the user’s personal situation.
- Malware – an abbreviation for ‘malicious software’, malware variants carry various viruses and other threat vectors designed to damage or disable computers and systems. They leverage websites, emails, office documents and other files to infiltrate said systems.
- Ransomware – typically a particular piece of malware that can enter your system through any number of ways, including in a phishing scam, that is designed to take control of a certain data set or computer system. That particular set or system is then held ransom until the user or owner pays a ransom fee to regain access, typically via some form of digital currency like Bitcoin.
Now it’s all well and good to know and understand the nature and specifics of the threat landscape, but with a school community potentially sprawling thousands of users, how do you go about mitigating them?
Endpoints are your first line of defence
Your school’s devices are critical tools in your quest to become more cybersecurity mature. You can have the best networking security solution and firewall, but if your endpoint device security protocols aren’t up to scratch, the firewall investment is essentially null in void.
HP devices powered by Intel® are engineered with hardened security features to protect, detect, and recover from cyberattacks before they become a headline for your school.
- HP Privacy Camera – this tool keeps your students and teachers safe from prying eyes with a physical shutter to protect users from potentially malicious surveillance.
- HP Secure Erase – Safely and effectively erase sensitive data from solid state and hard drives at the end of a device’s life.
- HP BIOSphere Gen5 – Industry leading firmware ecosystem provides enhanced firmware protection to help you guard against malicious attacks.
- HP Sure Click – Protects your PC from websites and read-only documents and PDF attachments by trapping malware in an isolated virtual machine.
- HP Client Security Gen5 – A multi-layered, hassle-free, enterprise-level Windows application built into the hardware of your device.
- HP Sure Sense – AI and machine learning technology embedded in your computers OS to quickly identify and remediate zero-day threats.
But they’re not your only line of defence. As important as it is to have the right hardware and solutions in place, they only take you so far. If you want to be truly cyber aware and resilient, and continue to grow your cybersecurity maturity, cybersecurity must be a school-wide attitude.
Make cybersecurity maturity a school-wide endeavour
Like they say in the professional world, great culture starts at the top and filters down through the chain of command. This also speaks true to your school’s approach to cybersecurity. The more buy-in that you get from the community, the better equipped you are to maintain a secure network. When we talk about a school-wide attitude, there’s a host of things you can do to improve the cybersecurity awareness of your students and staff.
- Educate your staff and students on the do’s and don’ts of internet usage, password management and two-factor authentication.
- Encourage staff and students to immediately raise the alarm if they believe they may have been compromised.
- Regularly educate staff and students on how to identify potential phishing, ransomware and malware threats including the tell-tale signs. As a rule of thumb, never enter details into an email or message that asks for them.
- Gamify cybersecurity. Once a month you could offer a prize for the person that correctly raised the alarm or identified the most potential threats.
- Practice what you preach.
Managing your cybersecurity strategy is a mammoth task, and often there’s just not enough hours in the day. If you’re looking for some guidance, have a specific question or challenge that needs meeting, or would just like to speak with an education expert, then give us a call.
The New Era Technology team can evaluate your current ICT security needs and help you select HP devices powered by Intel® that support your security goals. We also have a full range of support agreements proven in the education sector to help you remain secure.
The Intel logo is a trademark of Intel Corporation or its subsidiaries.