This blog is the last in a series about improving data security in schools.

When learning moved from the classroom to the dining room, schools scrambled to ensure students had the tools they needed. A study conducted by FutureSource Consulting found that the number of computing devices shipped to educational institutions in 2020 is expected to be 27% higher than the year before, with 18 million devices shipped, compared with 14 million in 2018 and 2019. With this comes a need to be extra vigilant about digital security threats to schools.

Remote classrooms and hybrid schooling have highlighted the need for improving internet connections in rural areas and providing internet connections to poor children. And while schools may have the latest computers, their IT infrastructure may be failing and old. This can lead to security threats to schools, students and staff.

Types of Risks to School Computers

For any group, data is its most important asset. Schools are no different. In fact, the value of data in K-12 schools may be higher because young people’s data is not monitored as closely as it is for adults.

Education is also one of the hardest-hit industries for malware attacks, according to EdTech, with “61% of nearly 7.7 million enterprise malware encounters reported” in one month coming from schools.

The threat of ransomware attacks looms large in schools, as well. A school district in Connecticut was forced to postpone its first day of school due to a ransomware attack that crippled the district’s entire system. It wasn’t the only school to be affected this way. Experts say digital security threats to schools will rise at the holidays, as well, when everyone is on break and aren’t using the school networks.

The Big Picture Matters to Security Threats to Schools

Strict budgets may limit what schools can do. Decision-makers have needs that may not include security. Many schools have applied for special grants or partnerships to acquire the number of devices they need, more so during this unusual time.

School decision-makers, who lack tech and security savvy, may think that because the school already has an IT infrastructure and the devices are new, all is well. What they don’t realize is by not improving the infrastructure, the school is at risk for a data breach or other cyber incident. That could end up costing the district millions in fines and repairs.

A few areas where schools fail at security include:

  • No one is in charge of watching out for digital security threats to schools. Many districts are already making staffing cuts for lack of a budget, so a chief information security officer may seem like a luxury.
  • Legacy systems. The new tablets and netbooks given to students may have the latest operating systems, but what about other computers used throughout the school? Older computers often have old operating systems that their brands no longer support. Also, many schools use outdated educational software suites. You may think that since you already paid for the license and the software still works, it’s easy to keep using it. But, again, these cannot be patched and, therefore, may open networks to security threats to schools.
  • The internet itself. Old buildings create dead spots for WiFi. The school may have a lot of Internet of things (IoT) devices like cameras slowing it down. Some systems are resource hogs, and not all their functions may be needed.
  • Bring Your Own Device. Students and staff are using their own devices and their own internet to connect to the school network. If the district doesn’t have a security policy, there is no oversight to ensure those devices and connections are safe.

How to Lower Risks of Cyberattacks

Awareness is the best defense against digital security threats to schools. It isn’t just security awareness training that explains the need for best practices, like multifactor authentication and giving routers a unique name and password. Leadership must also learn the importance of an updated infrastructure, why legacy systems must be replaced and how to effectively handle all their internet traffic.

Budgets are tight, and who knows what the next year will bring for in-person learning. But if children are precious to us (and they are!), schools must make a better effort to protect them during online learning.

More from Cloud Security

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

Cloud security uncertainty: Do you know where your data is?

3 min read - How well are security leaders sleeping at night? According to a recent Gigamon report, it appears that many cyber professionals are restless and worried.In the report, 50% of IT and security leaders surveyed lack confidence in knowing where their most sensitive data is stored and how it’s secured. Meanwhile, another 56% of respondents say undiscovered blind spots being exploited is the leading concern making them restless.The report reveals the ongoing need for improved cloud and hybrid cloud security. Solutions to…

Cloud security evolution: Years of progress and challenges

7 min read - Over a decade since its advent, cloud computing continues to enable organizational agility through scalability, efficiency and resilience. As clients shift from early experiments to strategic workloads, persistent security gaps demand urgent attention even as providers expand infrastructure safeguards.The prevalence of cloud-native services has grown exponentially over the past decade, with cloud providers consistently introducing a multitude of new services at an impressive pace. Now, the contemporary cloud environment is not only larger but also more diverse. Unfortunately, that size…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today