Protip: Prevent Student Hacks

It shouldn’t be a surprise that school districts are a gold mine for hackers. While the external cybercriminal seeks confidential information such as Social Security numbers for financial gain or identity fraud, the student hacker hopes to change grades, infect computers with malware, posts inappropriate images, hijacks websites or steals passwords. Despite the best security efforts, procedures and guidelines, many school districts are still vulnerable to these insider attacks. Here are six expert tips that protect against student hackers and helps to ensure they’re less likely to gain access.
 

1 – Logical Segmentation of the Network

Network segmentation is the concept of taking a computer network and breaking it down, logically and physically, into multiple smaller fragments. A popular method of fragmenting a network into manageable chunks is logical segmentation. Most often, this doesn’t require any new hardware, provided the infrastructure is already managed. Taking this step improves network visibility and monitoring, increases network security, controls physical access to specific network equipment and reduces the blast radius during an outage or attack.
 

2 – Outbound Access Filtering to Internet

By limiting outbound access to the internet, security teams prevent the exfiltration of sensitive data or other types of malicious activity involving malware and disk operating system attacks from insider threats. Egress filtering is often neglected in security postures, allowing for Command and Control (C2) traffic by malware a readily available path to advertise your systems’ vulnerabilities.
 

3 – Restrict Access to Desktops and Workstations

Restricting access to desktops and workstations helps to maximize security and provide vital protection against threats. Access must be limited to authorized and properly authenticated users. When misuse of the school’s computer systems occurs, consistently and quickly addressing this better develops the students’ digital responsibility and an awareness of the technology rules and the associated consequences for breaking them.
 

4 – Screen Lock Policy on Teacher Workstations

To ensure your users of information technology follow best practices to help reduce insider attacks, implement rules for a screen lock policy. Locking workstations with a password-protected screensaver or manually locking your screen while stepping away from the machine reduces the potential risk of misuse and secures all opened documents and running applications.
 

5 – Least Privilege

No one associated with a school should enjoy access to more information than they need to do his or her job. Words of wisdom, the essential information sticks to the essential personnel. This limits the possibility that sensitive data might be used inappropriately. Your best bet and safest practice is to keep all information secure and be vigilant about ensuring role-based access to information.
 

6 – Password Complexity

A relatively simple and quick way to protect school networks against student hackers is to make sure passwords are well chosen, protected and changed regularly. An ideal password or passphrase is one that includes a variety of characters, numbers, and letters that have no correlation or direct link to you. Avoid predictable patterns and utilize the entire keyboard. No more sticky notes on desktops or easy-to-guess passwords!
 
At the end of the day, establishing good ground rules and habits for employees and students alike are essential to protecting school networks, maintaining security and reducing all threats, no matter where they are coming from.

 

 

Filament Protip

All of our service area leaders have dozens of year of experience. These are protips they’ve picked up along that way that you can use right now to solve common issues.