This blog is the last in a series about improving data security in schools.

When learning moved from the classroom to the dining room, schools scrambled to ensure students had the tools they needed. A study conducted by FutureSource Consulting found that the number of computing devices shipped to educational institutions in 2020 is expected to be 27% higher than the year before, with 18 million devices shipped, compared with 14 million in 2018 and 2019. With this comes a need to be extra vigilant about digital security threats to schools.

Remote classrooms and hybrid schooling have highlighted the need for improving internet connections in rural areas and providing internet connections to poor children. And while schools may have the latest computers, their IT infrastructure may be failing and old. This can lead to security threats to schools, students and staff.

Types of Risks to School Computers

For any group, data is its most important asset. Schools are no different. In fact, the value of data in K-12 schools may be higher because young people’s data is not monitored as closely as it is for adults.

Education is also one of the hardest-hit industries for malware attacks, according to EdTech, with “61% of nearly 7.7 million enterprise malware encounters reported” in one month coming from schools.

The threat of ransomware attacks looms large in schools, as well. A school district in Connecticut was forced to postpone its first day of school due to a ransomware attack that crippled the district’s entire system. It wasn’t the only school to be affected this way. Experts say digital security threats to schools will rise at the holidays, as well, when everyone is on break and aren’t using the school networks.

The Big Picture Matters to Security Threats to Schools

Strict budgets may limit what schools can do. Decision-makers have needs that may not include security. Many schools have applied for special grants or partnerships to acquire the number of devices they need, more so during this unusual time.

School decision-makers, who lack tech and security savvy, may think that because the school already has an IT infrastructure and the devices are new, all is well. What they don’t realize is by not improving the infrastructure, the school is at risk for a data breach or other cyber incident. That could end up costing the district millions in fines and repairs.

A few areas where schools fail at security include:

  • No one is in charge of watching out for digital security threats to schools. Many districts are already making staffing cuts for lack of a budget, so a chief information security officer may seem like a luxury.
  • Legacy systems. The new tablets and netbooks given to students may have the latest operating systems, but what about other computers used throughout the school? Older computers often have old operating systems that their brands no longer support. Also, many schools use outdated educational software suites. You may think that since you already paid for the license and the software still works, it’s easy to keep using it. But, again, these cannot be patched and, therefore, may open networks to security threats to schools.
  • The internet itself. Old buildings create dead spots for WiFi. The school may have a lot of Internet of things (IoT) devices like cameras slowing it down. Some systems are resource hogs, and not all their functions may be needed.
  • Bring Your Own Device. Students and staff are using their own devices and their own internet to connect to the school network. If the district doesn’t have a security policy, there is no oversight to ensure those devices and connections are safe.

How to Lower Risks of Cyberattacks

Awareness is the best defense against digital security threats to schools. It isn’t just security awareness training that explains the need for best practices, like multifactor authentication and giving routers a unique name and password. Leadership must also learn the importance of an updated infrastructure, why legacy systems must be replaced and how to effectively handle all their internet traffic.

Budgets are tight, and who knows what the next year will bring for in-person learning. But if children are precious to us (and they are!), schools must make a better effort to protect them during online learning.

More from Cloud Security

Autonomous security for cloud in AWS: Harnessing the power of AI for a secure future

3 min read - As the digital world evolves, businesses increasingly rely on cloud solutions to store data, run operations and manage applications. However, with this growth comes the challenge of ensuring that cloud environments remain secure and compliant with ever-changing regulations. This is where the idea of autonomous security for cloud (ASC) comes into play.Security and compliance aren't just technical buzzwords; they are crucial for businesses of all sizes. With data breaches and cyber threats on the rise, having systems that ensure your…

Risk, reward and reality: Has enterprise perception of the public cloud changed?

4 min read - Public clouds now form the bulk of enterprise IT environments. According to 2024 Statista data, 73% of enterprises use a hybrid cloud model, 14% use multiple public clouds and 10% use a single public cloud solution. Multiple and single private clouds make up the remaining 3%.With enterprises historically reticent to adopt public clouds, adoption data seems to indicate a shift in perception. Perhaps enterprise efforts have finally moved away from reducing risk to prioritizing the potential rewards of public cloud…

AI-driven compliance: The key to cloud security

3 min read - The growth of cloud computing continues unabated, but it has also created security challenges. The acceleration of cloud adoption has created greater complexity, with limited cloud technical expertise available in the market, an explosion in connected and Internet of Things (IoT) devices and a growing need for multi-cloud environments. When organizations migrate to the cloud, there is a likelihood of data security problems given that many applications are not secure by design. When these applications migrate to cloud-native systems, mistakes in configuration…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today