Smartphones, laptops, and tablets are becoming increasingly popular in schools, which poses many cybersecurity threats. For example, students can unknowingly expose themselves to scammers simply by accessing a fake network disguised as the school’s network. Hackers can pose a threat to students, teachers, and parents — emphasizing the need for proactive cybersecurity education for students, staff, and parents.
In this post, we’ll dive into a few of today’s most pressing cybersecurity threats and how a proactive educational curriculum can mitigate these threats.
Personal technology devices in the classroom
Using personal devices in the classroom has become increasingly common, which has introduced potential cybersecurity threats to a school’s network system. From our experience, students can be naive to such threats — thus allowing hackers to infiltrate these devices and access sensitive information.
Students are beginning to use personal electronic devices at an earlier age, so it’s important for schools to prevent these cybersecurity risks from happening. Establishing a strict policy and implementing online security measures will help protect against data breaches and keep the student’s digital information safe.
Phishing threats
Phishing threats are malicious links or attachments with malicious payloads masked as innocuous emails and texts to obtain sensitive information — such as social security numbers, addresses, system credentials and other key identifying information.
Many students have probably never heard of a “phishing scam,” so they cannot detect when an email is showing signs of a scam. However, if students are informed about red flags to look for, they can avoid falling for messages hackers have crafted.
Phishing scam red flags include:
- Unexpected emails
- Sender email domains with minor typos in the domain name
- Incorrect URLs that link to different destinations than what they appear to be linking to
- Personalized vs. generic messaging
- Urgent language
- Vague in detail
- Links or attachments
Oftentimes, scammers will create convincing emails with subject lines that will specifically target a student. Attention-grabbing subject lines like “Registration on hold” or “Unexpected Sign-in Attempts” may be used to trick a student into opening an email and clicking links or downloading files.
Even if nothing is clicked within the email, opening it alone can expose data points such as the users’ location, IP address, or the operating system they use. Not only will the student’s personal information be on the line, but the school’s data system can also be compromised.
That is why having a proactive cybersecurity curriculum is important: it empowers your high school students to proactively identify phishing threats and avoid interacting with these attempts at all costs.
Cyber hygiene in schools
Cyber hygiene is a set of practices an individual can execute regularly to preserve the security of their devices, networks, and data. Cyber hygiene aims to strengthen the ability to overcome a successful cyber attack. For schools, regularly maintaining strong cyber hygiene is especially important because it will consistently update their systems, minimize the risk of a cyber attack, and improve their ability to recover from a cyber attack. Similarly to personal hygiene, one can take proactive steps to protect themselves from data breaches or other security events.
A few ways schools can practice cyber hygiene include:
- Using strong and unique passwords for every site they have an account on
- Never store passwords in the browser, always store them in a password vault
- Turn on Multi-factor authentication (MFA) whenever it is available
- Only download apps that come from a trusted source
- Remove apps that you no longer use
- Regularly update operating systems (OS), apps, and software on all devices
It can be overwhelming to keep up with all of these steps toward reaching an optimal security posture. Additionally, as risks change and develop, these steps simultaneously change to adapt to new threats. Enforcing cyber hygiene requires schools to get into the habit of regularly implementing these practices and changing them as they see fit to protect their security posture.
Prioritizing PERSEC
Personal security (PERSEC) requires you to protect not only your devices and accounts but also your personal information. In our current digital age, students, like many others, oftentimes share all of their information through social media, youtube, etc. showcasing too many details about their personal lives.
In order to maintain personal security in a world that encourages oversharing on the internet, it’s important for students to consider what they include in a post or video. By being more mindful of what they share, students can protect themselves from potentially dangerous situations.
Avoid sharing too many details on the internet:
- Information about yourself or your immediate family
- Location
- Travel plans
- High value items such as electronics, currency, firearms, etc.
Sharing this information online could potentially lead to real-world criminal activity. To ensure personal security we recommend making social media accounts private, and only letting people you know follow the account.
How to mitigate threats with cybersecurity education
Schools can implement cybersecurity training programs to stay on top of the constantly changing landscape of cybersecurity risks—such as phishing threats and personal security. To maintain a safe digital environment for the school and its students, both school staff and students should be informed about common threats and how to avoid them.
Creating training programs with regularly updated material will help everyone stay ahead of emerging technology and cybersecurity tools. Additionally, schools can rely on security services to avoid data breaches. Integrating a proactive approach to cybersecurity will keep everyone’s information safe and protect the integrity of the school’s network.
About Applied Tech
Applied Tech is a leading IT and cybersecurity services provider dedicated to helping businesses protect their digital assets. Our proactive and strategic services include cloud management, security, productivity, and IT growth strategy. With a team of experienced professionals, we provide unique solutions tailored to your IT needs.
Protect your business with Applied Tech’s fully managed IT services, co-managed support, and security assistance. With IT services focused on your business goals, keep your team productive and your data secure.