Our world is technologically advanced and anything and everything is at our fingertips. In the classroom today we see teachers using technology helping with lesson plans, information and research as well as being the very basis of how they teach. Here are all the data security tips we can offer you to ensure that your school and all its new online data is as safe as it can possibly be.
The technological world we live in
With schools relying more and more on technology, it means that teaching and the management of data has advanced. What was previously at risk in most school environments, was the physical data they stored. But nowadays majority of their data is online, and schools have opened themselves up to an entirely new series of everyday threats against their data. Here's our top tips to ensuring secure data in schools.
The real threat for school data
In line with the new general data protection regulation (GDPR) schools are now legally obliged that all data including personal information about pupils is kept safe. This means that storing and accessing your school’s data both internally and externally has never been more at risk of data breaches than it is now.
Here are all the data security tips we can offer you to ensure that your school and all its new online data is as safe as it can possibly be.
External threats and the best security measures to avoid them
- By using a secure virtual private network (a VPN) it can protect all data that is being accessed outside of school, for example, if you have students or staff accessing your systems from home. A secure VPN allows all staff to access, edit and save files safely.
- Are you using an external hard drive? If so, you should always make sure that it is password protected and stored safely both in and out of the school environment. If it lacks this, then anybody can access any information or personal data that is stored on the hard drive easily.
- Many schools have third party providers, these will also have access to all the same data that other members of staff in your school do. You should always securely manage any third-party provider- if they are allowed onto your network, you should know how to remove their access if necessary.
- You should always have a Web Application Firewall (WAF) in place. These are the best way to protect your server, they can filter content that is accessed through the firewall as well as stand as a safety gate between you and other servers.
Being online and the easiest ways to protect your data
- Always check that your internet connection is safe and do your due diligence on your provider- ensure that they are reliable and confidential before entering any agreement with them.
- A phishing attack is any attempt to obtain sensitive information by disguising oneself as a trustworthy entity, 95% of these attacks occur by using trojans that are attached to emails. The best course of action is to never open an email that appears suspicious. Instead delete it and never open any attachments.
- To further prevent these emails, your service provider might offer an email filtering feature. This is a great way to stop these kinds of emails even reaching your email address in the first place.
- Passwords must be strong, never reused and never shared. It is always advised that you do not write down your passwords anywhere and do not autosave them into your computer if it is a shared desktop.
- Locking and opening your computer is a small but simple way to reinforce safety online. Lock your computers when you leave them so that any sensitive data is kept private (pressing the windows key and L is a quick shortcut).
Using your website and storing data tips
- Do you know who provides, hosts or manages your school website? It’s important to minimize the amount of people that can access your website software and can use or edit it. The more people that have access the more risks your website and its data are open to.
- It is also important to SSL certify your website. The certificate helps to block anyone from accessing any data that may be stored on your website and can act as a barrier to prevent hacking.
- The introduction of the ‘cloud’ into today’s technology is one of the newest risks to school’s data. The idea of the cloud is essentially storing your data on someone else’s server to save money and ensure secure data storage. You should research and use a reputable cloud provider who takes all the required steps to protect your data.
A handy cyber essentials guide can be viewed here, to help you ensure you are doing everything you can to stay data safe!
If you would like to read the rest of the ‘Everything Curriculum issue 6’ magazine that this blog was inspired by, or any of our previous issues, please click here.