Critical cybersafety steps for schools

Critical cybersafety steps for schools

As schools prepare to reopen for face-to-face teaching and learning this month, the big focus is on safety – namely protecting students and staff from the risks associated with COVID-19.

However, schools will also have their sights set on defending against a very different type of virus – one that can cripple a school as easily as COVID-19. Computer viruses.

In July, the NSW Department of Education was hit by a cyberattack, just hours after it was announced that schools should prepare for remote learning in the wake of the extended COVID-19 lockdowns.

Fortunately, NSW Education Department systems came back online over the weekend, but not before giving school staff a major scare.

Recent reports have shown that education is one of the most breached sectors when it comes to cyberattacks, and this has led to calls for greater action to ensure that critical data held by education departments is better guarded.

Vijay Sundaram, Chief Strategy Officer at global technology platform Zoho, said cybercrime and data privacy are serious, and growing, threats for the education industry.

“The industry’s reliance on technology has never been greater, and further inaction regarding privacy and security will only increase the risk of threats,” Sundaram told The Educator.

“All education institutions – whether they’re currently compliant with the Commonwealth Privacy Act or not – have a duty to protect their students and staff online, and that starts with awareness, education and action.”

Sundaram says one of the most critical cybersecurity steps is creating a defined, documented and enforced data privacy policy.

“This policy ensures that institutions understand the risks, actively implement safeguards and have plans and responses in place in the event of a breach,” he explained.

Immediate ways to protect against breaches include investing in anti-virus and anti-malware software; seeking out vendors that make security and privacy a core part of their technology; and providing adequate training for staff and students.”

Sundaram said basic housekeeping like training, strong password management, and regularly updating software are important, but often overlooked, steps.

“With safeguards and policies in place, the industry can harness the potential of digital-driven learning and focus on what it does best: educating the next generation.”