Improving Cybersecurity Starts at the Endpoints

Careful monitoring and attention to endpoints are just two elements of a strong cybersecurity strategy for K-12 districts. Cybersecurity must be a top priority for K-12 schools. Schools need to prioritize thwarting industrious hackers who are intent on getting to the treasure trove of information and personally identifiable information (PII) schools manage. Just ask the staff of the Olympia School District in Washington, whose addresses, social security numbers, and salaries were exposed by a large-scale data breach. Yet despite the immense target schools present, it’s been difficult for educational institutions to make cybersecurity improvements. A 2018 SecurityScorecard report found, out of 17 major industries, the education sector ranked last in terms of cybersecurity performance. It performed poorly in several areas, including patching cadence, application security, and endpoint security. Endpoints can be difficult to manage, in large part due to the sheer number of devices being used on school networks. It all amounts to potentially thousands of unsecured endpoints a school IT administrator must monitor throughout the day and evening. Let’s look at some strategies administrators can employ to take control and protect these endpoints.

Establish Rigorous Access Control Policies

Administrators should restrict access to those who need it. When a student graduates or leaves the school, their network privileges should be revoked. The same goes for staff. If those access points aren’t closely regulated, the school runs the risk of a user’s credentials falling into the wrong hands, providing bad actors with a potential foothold into the school’s network.

Monitor User Behaviors

Bad actors can be discovered through close monitoring of user behaviors. This involves monitoring for anomalies in the ways a user typically accesses a school’s network. Administrators can set up a baseline of “normal” behavioral patterns for each user. Security systems can then look for breaks in those patterns indicative of suspicious behavior.

Take a Sophisticated Approach to Endpoint Monitoring

Phishing, ransomware, and other tactics are increasingly prevalent. Administrators must implement sophisticated endpoint detection to alert them to potential threats as they attempt to access the network. This must be scalable enough to monitor all the endpoint devices using a school’s network, and alerts should be provided in real-time to allow administrators to quickly respond. Automated responses can help administrators take things a step further. Even a slight violation of policies should immediately trigger an automatic action to contain and neutralize any potential damage. Then, administrators can jump in, assess the impact, and take steps accordingly.

Create a Staffing Structure in Support of Good Cybersecurity

Despite all these best efforts, a breach will probably someday occur. In this case, it’s important to have the right people in place to address the problem. Hackers have discovered schools of all grade levels can provide a wealth of PII and valuable data. As such, the cybersecurity threat won’t be going away anytime soon. Instituting the strategies outlined above can help them improve their cybersecurity postures and protect their students, staff, and networks. Find the full article on eSchool News.