This blog is the last in a series about improving data security in schools.

When learning moved from the classroom to the dining room, schools scrambled to ensure students had the tools they needed. A study conducted by FutureSource Consulting found that the number of computing devices shipped to educational institutions in 2020 is expected to be 27% higher than the year before, with 18 million devices shipped, compared with 14 million in 2018 and 2019. With this comes a need to be extra vigilant about digital security threats to schools.

Remote classrooms and hybrid schooling have highlighted the need for improving internet connections in rural areas and providing internet connections to poor children. And while schools may have the latest computers, their IT infrastructure may be failing and old. This can lead to security threats to schools, students and staff.

Types of Risks to School Computers

For any group, data is its most important asset. Schools are no different. In fact, the value of data in K-12 schools may be higher because young people’s data is not monitored as closely as it is for adults.

Education is also one of the hardest-hit industries for malware attacks, according to EdTech, with “61% of nearly 7.7 million enterprise malware encounters reported” in one month coming from schools.

The threat of ransomware attacks looms large in schools, as well. A school district in Connecticut was forced to postpone its first day of school due to a ransomware attack that crippled the district’s entire system. It wasn’t the only school to be affected this way. Experts say digital security threats to schools will rise at the holidays, as well, when everyone is on break and aren’t using the school networks.

The Big Picture Matters to Security Threats to Schools

Strict budgets may limit what schools can do. Decision-makers have needs that may not include security. Many schools have applied for special grants or partnerships to acquire the number of devices they need, more so during this unusual time.

School decision-makers, who lack tech and security savvy, may think that because the school already has an IT infrastructure and the devices are new, all is well. What they don’t realize is by not improving the infrastructure, the school is at risk for a data breach or other cyber incident. That could end up costing the district millions in fines and repairs.

A few areas where schools fail at security include:

  • No one is in charge of watching out for digital security threats to schools. Many districts are already making staffing cuts for lack of a budget, so a chief information security officer may seem like a luxury.
  • Legacy systems. The new tablets and netbooks given to students may have the latest operating systems, but what about other computers used throughout the school? Older computers often have old operating systems that their brands no longer support. Also, many schools use outdated educational software suites. You may think that since you already paid for the license and the software still works, it’s easy to keep using it. But, again, these cannot be patched and, therefore, may open networks to security threats to schools.
  • The internet itself. Old buildings create dead spots for WiFi. The school may have a lot of Internet of things (IoT) devices like cameras slowing it down. Some systems are resource hogs, and not all their functions may be needed.
  • Bring Your Own Device. Students and staff are using their own devices and their own internet to connect to the school network. If the district doesn’t have a security policy, there is no oversight to ensure those devices and connections are safe.

How to Lower Risks of Cyberattacks

Awareness is the best defense against digital security threats to schools. It isn’t just security awareness training that explains the need for best practices, like multifactor authentication and giving routers a unique name and password. Leadership must also learn the importance of an updated infrastructure, why legacy systems must be replaced and how to effectively handle all their internet traffic.

Budgets are tight, and who knows what the next year will bring for in-person learning. But if children are precious to us (and they are!), schools must make a better effort to protect them during online learning.

More from Cloud Security

Cloud security evolution: Years of progress and challenges

7 min read - Over a decade since its advent, cloud computing continues to enable organizational agility through scalability, efficiency and resilience. As clients shift from early experiments to strategic workloads, persistent security gaps demand urgent attention even as providers expand infrastructure safeguards.The prevalence of cloud-native services has grown exponentially over the past decade, with cloud providers consistently introducing a multitude of new services at an impressive pace. Now, the contemporary cloud environment is not only larger but also more diverse. Unfortunately, that size…

The compelling need for cloud-native data protection

4 min read - Cloud environments were frequent targets for cyber attackers in 2023. Eighty-two percent of breaches that involved data stored in the cloud were in public, private or multi-cloud environments. Attackers gained the most access to multi-cloud environments, with 39% of breaches spanning multi-cloud environments because of the more complicated security issues. The cost of these cloud breaches totaled $4.75 million, higher than the average cost of $4.45 million for all data breaches.The reason for this high cost is not only the…

Accelerating security outcomes with a cloud-native SIEM

5 min read - As organizations modernize their IT infrastructure and increase adoption of cloud services, security teams face new challenges in terms of staffing, budgets and technologies. To keep pace, security programs must evolve to secure modern IT environments against fast-evolving threats with constrained resources. This will require rethinking traditional security strategies and focusing investments on capabilities like cloud security, AI-powered defense and skills development. The path forward calls on security teams to be agile, innovative and strategic amidst the changes in technology…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today