When it comes to cybersecurity, many school districts are woefully behind the times, often relying on web content filters older than their students to protect against cyber attacks. The thing is, cyber threats have evolved rapidly and the old tools just don’t cut it anymore.
School districts typically operate on shoestring budgets, a reality that affects how much they can spend on cybersecurity. That means many haven’t been able to keep up with the increasing sophistication of cyber threats.
And that makes them a prime target for hackers. Earlier this year, a district in South Carolina had to pay $10,000 to regain access to its data after a ransomware attack. An attack at a Mississippi school district forced it to shut down all its servers, disrupting operations for weeks. In 2014, the private information of 10,000 employees at Prince George’s County, MD, public schools was compromised in an attack.
Sadly, that’s just a small sample of a growing list of cyber misdeeds. Cybercriminals that attack school networks have no shortage of motives. While ransomware is strictly a profit-making endeavor, perpetrators also can be students trying to change grades, stop testing or embarrass classmates and teachers. And of course, there are the disgruntled former employees seeking revenge.
Failing to properly secure school networks can have consequences. Schools need the right tools and protocols in place to comply with regulations.
Those regulations include CIPA (Children’s Internet Protection Act), which deals with children’s access to obscene or harmful content, they must also contend with other regulations, and FERPA (Family Educational Rights and Privacy Act). The latter governs the collection, storage and dissemination of student data such as academic evaluations, grades, social security numbers, attendance records and medical information. FERPA violations can lead to a loss of federal funding for a school district.
Now, it would take an outright refusal to comply with FERPA for the Department of Education to cut funding, but the threat is there. And if Congress approves a proposed amendment to restrict funding to schools lacking sufficient security policies and procedures, non-compliance will become a more serious issue.
To achieve compliance and a strong security posture, school districts need to invest in security solutions designed for today’s cyber threats. A centralized monitoring solution that provides visibility across the network is an absolute necessity.
Schools need the same level of protection as the enterprise. And that means deploying tools that protect devices on and off campus, manage resource access, monitor systems for possible intrusions and malware incursions, and facilitate the enforcement of security policies.
Getting that level of protection in the past cost big bucks, but affordable cloud-based solutions offering comprehensive security are available today. The need for these tools will only continue to grow as cyber threats grow in intensity and sophistication. Fighting the threats simply can’t be done with tools that were already in place before some students were born.
Read more about securing student data against threats