As we prepare to return to school this fall, educational institutions, from local school districts to universities, are woefully lacking in cybersecurity. This gap makes the sector ripe for hackers looking to steal data, block systems, and cause havoc.
In recent years, bad actors have targeted districts and universities in America, Europe, and Asia. In 2020, the University of California, San Francisco was forced to pay a $1.14 million ransom after the medical school was shut down, as the school was transitioning to an online learning platform due to the pandemic.
Remember, educational institutions don’t just hold learning data. They also hold the personal address, phone and financial data of students, parents, and staff along with other sensitive data. In fact, the sector is a repository for incredibly valuable data – and woefully unprepared and vulnerable.
Cybersecurity 101: The Basics
Ransomware and other cyberattacks are on the rise. Unfortunately, 84% of sector leaders don’t believe they are at high risk. When it comes to cybersecurity in the education sector, many institutions are starting from scratch.
Security for data and IT infrastructure starts by locking down and controlling access. Here are three basics of access and identity security to start:
- Protect Key Assets – Start by protecting sensitive assets like network servers and student data – these should require elevated permissions and traceability to access. Implement Privileged Access Management (PAM) to secure connections, enforce password security and mitigate risks.
- Defend Against Malware and Ransomware – There are plenty of crypto viruses and malware targeting education institutions. Add an additional layer of endpoint privilege management to defend IT infrastructure and workstations against attacks that leverage privilege escalation to run processes, encrypt data, and execute programs.
- Centralize Governance of User Identities – To simplify the user experience in a growing number of platforms and logins, identity federation, single sign-on (SSO), and multi-factor authentication organize identities, the platforms they access, and the passwords they use to make secure access simpler.
These building blocks are the foundation of a robust security solution. If you’re ready to take the next step, give us a call and let us help you secure your data and network in the new school year.
Applied Computer Technologies (ACT) is a full-service IT provider, specializing in Reinsurance and Finance. Services include Cloud Services, IT Services and Support, Microsoft 365 and Azure Services, Business Continuity, Telephony and Virtual CIO Services. ACT has locations in Bermuda, Cayman Islands and Canada, with customers worldwide.
For the latest industry trends and technology insights visit ACT’s main Blog page.