Home schooling has become a mainstay of life since the COVID-19 pandemic spread across the world. For some schools, remote studying only comes into play during snap lockdowns which, in some cases, have become prolonged. For many higher education providers, taking classes from home has become the norm. So, securing school networks from increased threat of cyber attacks and protecting students should be a high priority.
To do so safely, without exposing their networks and home schoolers to cyber risks, schools should follow certain best practices to make sure digital assets are just as secure as they would be on campus.
Unfortunately, cyber criminals have already started to take advantage of the pandemic. From the malware-infected Coronavirus heat map, to the phishing emails aimed at taking advantage of fearful Australians looking for answers, criminals are actively trying to capitalise on vulnerabilities during this challenging time.
Home schooling, for a portion of the nation's students, has always been a valid option. However, the current scale of remote education is unprecedented. According to some figures, previously home school numbers were around 30,000. This meant schools that enrolled distance students could manage security risks with relative ease.
However, under the current situation, when a city or state's entire student population are suddenly relying on online tools at extremely short notice, it is very difficult for schools to prepare and adapt.
Every time a student logs onto the school network, the IT team has to monitor and secure that student’s device. When you have thousands of students logging on from different locations, this becomes an impossible task.
Another challenge schools and teachers face is that students tend to be less alert and easily distracted at home.
Especially during this chaotic time, many students are mixing schoolwork with other activities such as web browsing, playing games, or chatting with friends while using personal devices to do schoolwork. Engaging in these activities on school devices increases their chance of exposure to phishing emails and fake websites.
Adding to the problem is home networks typically are less secure and more vulnerable to phishing attacks.
Despite the challenges, this is the optimum moment to take stock of your school’s security infrastructure for remote learning to avoid a serious security breach.
School communities working and learning at home can follow these practical security steps to protect their school networks:
By providing a VPN service to all staff and students where necessary, their online activities are the same as if they were sitting at school, the secured network. All traffic is encrypted and protected by the school’s local network security measures.
However, it’s important to recognise that not all VPN services are created the same. Some only encrypt the data in transfer, but not application data. Others collect data to sell to third parties. Therefore, it’s important to do your research in choosing a reliable VPN service.
Phishing is a key contributor to cyber security breaches, according to this COVID-19 alert from the Australian Cyber Security Centre. Given the number of Coronavirus and vaccine-themed emails currently out in the wild, now is a good time to circulate training on good email hygiene best practices to warn staff and students of possible scams.
For students with school devices, it is best practice not to share your device across users. Additionally, it's not a good idea to access or download non-school applications from these devices. Doing this increases the chances of malware or other malicious code entering the school's network.
Communicate with parents to educate them on installing or updating their cyber security measures on the home network. This includes firewalls as a first line defence to prevent threats entering and a good antivirus software that can act as the next line of defence by detecting and blocking known malware.
It’s also important to update and patch all apps and browsers and ensure they are on auto update to prevent cyber criminals exploiting known security vulnerabilities.
It’s as important as ever to ensure that all accounts are protected with strong passwords. Unfortunately, many people still use the same password across multiple accounts. This means criminals can take over all accounts by having access to just one password.
Passwords should always be a long string of upper- and lower-case letters, numbers, and special characters. Using a good password manager is important to create, remember, and autofill passwords.
As a resource to help families easily remember cyber security steps at home, we have created an Online Safety Checklist that can be printed and placed near the family computer for quick reference, available for download here.
What to read next: