cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Improving Cybersecurity Starts at the Endpoints

Level 13

Careful monitoring and attention to endpoints are just two elements of a strong cybersecurity strategy for K-12 districts.

Cybersecurity must be a top priority for K-12 schools. Schools need to prioritize thwarting industrious hackers who are intent on getting to the treasure trove of information and personally identifiable information (PII) schools manage.

Just ask the staff of the Olympia School District in Washington, whose addresses, social security numbers, and salaries were exposed by a large-scale data breach.

Yet despite the immense target schools present, it’s been difficult for educational institutions to make cybersecurity improvements. A 2018 Security Scorecard report found, out of 17 major industries, the education sector ranked last in terms of cybersecurity performance. It performed poorly in several areas, including patching cadence, application security, and endpoint security.

Endpoints can be difficult to manage, in large part due to the sheer number of devices being used on school networks. It all amounts to potentially thousands of unsecured endpoints a school IT administrator must monitor throughout the day and evening.

Let’s look at some strategies administrators can employ to take control and protect these endpoints.

Establish Rigorous Access Control Policies

Administrators should restrict access to those who need it. When a student graduates or leaves the school, their network privileges should be revoked. The same goes for staff. If those access points aren’t closely regulated, the school runs the risk of a user’s credentials falling into the wrong hands, providing bad actors with a potential foothold into the school’s network.

Monitor User Behaviors

Bad actors can be discovered through close monitoring of user behaviors. This involves monitoring for anomalies in the ways a user typically accesses a school’s network. Administrators can set up a baseline of “normal” behavioral patterns for each user. Security systems can then look for breaks in those patterns indicative of suspicious behavior.

Take a Sophisticated Approach to Endpoint Monitoring

Phishing, ransomware, and other tactics are increasingly prevalent.

Administrators must implement sophisticated endpoint detection to alert them to potential threats as they attempt to access the network. This must be scalable enough to monitor all the endpoint devices using a school’s network, and alerts should be provided in real-time to allow administrators to quickly respond.

Automated responses can help administrators take things a step further. Even a slight violation of policies should immediately trigger an automatic action to contain and neutralize any potential damage. Then, administrators can jump in, assess the impact, and take steps accordingly.

Create a Staffing Structure in Support of Good Cybersecurity

Despite all these best efforts, a breach will probably someday occur. In this case, it’s important to have the right people in place to address the problem.

Hackers have discovered schools of all grade levels can provide a wealth of PII and valuable data. As such, the cybersecurity threat won’t be going away anytime soon. Instituting the strategies outlined above can help them improve their cybersecurity postures and protect their students, staff, and networks.

Find the full article on eSchool News.

The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.

 

2 Comments
Level 13

Thanks Interesting article

MVP
MVP

I love the post!  Thanks for sharing ..  I just enlisted the assistance of KnowBe4 to meet the Texas House Bill requirements, AND to better educate the staff with phishing testing and automated training.  Our next step is to implement the Palo Alto Cortex in our environment so that we can then watch both East / West and North / South traffic.  I am finally getting the funding and support necessary to do a better job with security,  All the information shared has assisted greatly,  I have used many THWACK articles to back up my pursuit.   Thanks for taking the time to share this information!