The summer break is almost coming to an end, and with that comes the need for teachers, students and school staff to ready themselves for the school year ahead. Technicians and Network Managers are likely to have been working through the summer to make significant changes to systems and networks but it can be easy to overlook some simple best practices to ensure school data is protected.
Reducing human error
The largest cause of data loss or breach remains human error, often accidental deletions or staff opening malicious websites or emails. Another common cause is disgruntled employees wreaking havoc before leaving an organisation. Within a school environment there are usually many end-points and users, meaning it can be a struggle to manage networks without having an effective way to centralise and monitor them. Centralising networks brings challenges of its own however as this can often require additional hardware, software, time and resources. Further to this, it could allow a threat to consume an entire network rather than just a single machine. An example of this can be seen in the recent GoldenEye and WannaCry ransomware attacks, where malware code was combined with a ‘worm’ to help it spread through networks after a single machine had become infected.
By implementing policy driven processes, automated or manual, the possibility of human error is reduced and by closely monitoring who has access to sensitive information or systems an organisation can track where or why a process may have failed. Training users around the responsibilities they have to help protect networks, by not opening malicious links or content, is also an important step in protecting all systems.
Given the threat posed by cyber-criminals, ransomware, remote hacking and phishing scams some experts have stated that it is simply a matter of time before any given network will suffer a breach. It is vital that measures are taken to reduce the damage that an attack can do should it strike. One step that can be taken is to ensure that administration rights are tiered correctly and access to important systems is limited only to those who need access. By tiering access, it also become easier to track who is making what changes on a system and any anomaly’s or unauthorised changes can be spotted more easily.
It’s the start of the school year, one set of students has left the school and the next set has arrived. Instantly there are hundreds of users who are creating new data or storing old data on dormant/unused accounts. The more data is stored on the network, the harder it is to manage and protect, not to mention the cost of expensive primary storage units.
Cleansing data, deleting or archiving, will free up space on primary systems and combined with an auditing tool will give administrators a better understanding of what data they have and where potential threats could come from.
The ability to protect data is strengthened by the ability to recover it in the instance that it is compromised or deleted. An off-site backup of data is also required for compliance with the School Financial Value Standards (SFVS), as updated in 20115, Section 2 of Point 25. Due to the growing threat of cyber-attacks, which has seen schools paying thousands of pounds in ransoms, it is increasingly difficult to completely shield a network, making backups more important than ever.
Disaster recovery planning is like insurance, for many it is unlikely that a disaster will ever occur but it is important to have processes in place to be able to cope if it does. When the Selsey Academy accidentally caught fire last summer, all physical and virtual infrastructure was completely destroyed along with any on site copies of data. The data on site included all relevant information for students, parents and governors who needed to be contacted in the event. More importantly still, it was down to Network Manager, Daniel Sapseid, to contact insurers and suppliers to begin making arrangements for students to continue their learning, as the fire had struck just a week before the start of term.
Without a DR plan and all the relevant information available (from an off-site source) it would not have been possible to recover data and start getting back to normal.