How do I know my school's network has been compromised?
By Marcus O'Brien - January 6, 2021
Network hacks have become increasingly frequent in the past few years - especially in schools. The reason being, the less than optimal security frameworks are easy to exploit for cybercriminals and also pays them handsome rewards by selling data or demanding ransom.
Today most schools are using web based applications to deliver lessons and submission of assignments. Although incorporating technology can be a progressive learning aid in the educational system, if the network is not secured properly, schools will have to face bigger challenges and consequences.
This read talks about detecting and preventing threats to your school’s network.
What does your school's network consist of?
A school network is basically a set of computers, digital tabs, mobile devices and servers that are all connected and communicate with each other over wired or wireless connections. These connections are used to store and share data on school servers, gain access to the internet, or provide access to school services.
Data is stored on servers that are likely stored in your school’s server or hub rooms. These servers are connected to the rest of the school's computers using network switches, which are strategically placed to provide connectivity via wired connections. Wireless access points connected to these switches are also commonly used to enable mobile devices such as laptops, smartphones or tablets to access the school network.
Detecting a threat to the school’s network
There are a number of ways to detect threats in the school system.
1. Vulnerability assessment
A vulnerability assessment is a test conducted by a piece of software called a vulnerability scanner. It uses a list of known vulnerabilities to scan and attempt to breach the system. The report provides mitigating measures to allow administrators to improve the security of their systems.
2. Systems audit - configuration
All systems should be regularly audited to determine if the configuration is both secure and is configured as per the schools’ current requirements. This includes checking which users have access and what privileges are assigned to them.
3. Best practice analysis
A number of systems provide their own security analysis, often named as best practice analysis. A good example of this is Microsoft’s Secure Score which analyses the configuration of an organisations Microsoft 365 tenancy. It then provides a report on the current security posture and lists recommendations to improve it.
Preventing threat to the school's network
There are a number of methods that can prevent and detect threats on your schools’ network. The most common include:
A network monitoring solution constantly monitors a computer network for slow or failing devices and unusual activity providing alerts to administrators if it detects any abnormalities or outages.
A regular audit of the configuration of systems allows administrators to confirm that the systems are as secure as possible.
c. Preventive maintenance
A schedule of tasks that occur at regular intervals (daily, weekly, monthly, termly, yearly) should be created. These include but are not limited to checking that backups have run successfully, there are no error alerts on systems, checking firewall logs, and checking for software updates.
d. Managing user privilege
All systems that are accessed by users should have permissions documented and regularly reviewed. This ensures that anyone who leaves the school does not have access to systems and all current users have the correct permissions.
e. Account provisioning and decommissioning
A process should be in place to ensure that all users have accounts in the school when they start and the accounts are deactivated and eventually removed when they leave. There are tools available that can help automate this process.
f. Vulnerability scanning
Regular vulnerability scanning of the internal and external networks should be conducted. Changes are made regularly on systems and vulnerability scans can ensure that attackers have limited means to exploit them and gain access.
The above tips will help to detect vulnerabilities in your school’s network system. If you find any threats make sure to take immediate action. The longer the school delays to battle the threats the bigger can be the consequences of a potential cyber attack. Remember, precaution is always better than cure.
For a deeper dive into how to improve information security in your school, you can book a free workshop with one of our experts
ABOUT THE AUTHOR:
Marcus is a Senior Technical Consultant at 9ine, responsible for the on the ground management of new build / refurbishment projects. He specialises in the application and configuration of technical systems and services within schools, including mobile device management (MDM) systems. He holds a bachelor's degree in computer network management and design.
Let’s Stay in Touch
Subscribe to our newsletter to receive product announcements & other updates.