- Chester County Intermediate Unit
- CCIU Blog
Real Protection in a Virtual World: Five Key Cybersecurity Solutions for School Districts
Posted by Jim Lukens, CCIU Systems Administrator and Molly Schwemler, CCIU Communications on 2/8/2021 3:00:00 PM
The past year was comprised of countless, previously unimaginable shifts in everything from the way we go about our daily lives to the typical ways we connect and learn. While students, families and education professionals throughout Pennsylvania have participated in virtual learning to some degree, it is fair to say that no one could have predicted that we would all be teaching, learning and connecting completely online for almost a year. Seemingly overnight, educators needed to rethink instruction methods, administrators had to devise solutions to keep the community safe and district technology professionals were tasked with connecting all of the dots, or rather wires, so that all students and educators would have an accessible virtual world of knowledge on their screens each week.
While virtual methods of connection and engagement have enabled learning to continue and remain vital as we all continue to navigate the pandemic, the safety and security of critical school district data, files and records and district systems are also a top priority for all technology professionals in education. Neglecting these crucial areas can leave sensitive district and student information open and vulnerable to cyber threats, including malicious software attacks, intentional overloading of servers and platforms, accidental deletion of critical records and more.
As we work diligently to maintain virtual, hybrid and in-person learning systems and data, here are our top five tips for ensuring the security of all vital district and school data this year.
BACKUP, BACKUP, BACKUP
Regularly scheduled backups of heterogeneous platforms and physical servers over a secure infrastructure are critical for avoiding data loss in the event of an attack, server failure or deletion. To save on bandwidth following an initial full backup, try the fast backup approach in which only changed data is backed up after a full backup. Programs like Rubrik use this technique, also called an "incremental forever" backup model, to ensure maximum data and system security.
THERE ARE NEVER TOO MANY COPIES
Regular and fast backups are critical, but so are multiple backup copies! Consider backing up data to an offsite location and replicating to a remote location so that it is securely accessible in two places. The extra piece of mind offered by multiple backup copies cannot be underestimated.
ENCRYPTION AND PERMANENCY ARE YOUR NEW BEST FRIENDS
You’ve scheduled your backups and made multiple copies in secure locations, that must be enough to ensure your information is safe, right? Take your safety a step further by securing your backups. That data that you stored in an offsite and remote location should also be encrypted and protected. Creating encrypted and protected backups enhance the safety of your data as it is now immutable (unable to be changed) once in storage.
RANSOMWARE DETECTED ANYWHERE
Develop customized actions and monitoring to help protect against Ransomware attempts. Consistent monitoring, as well as the attention of technical professionals, can detect and report potential signs of a Ransomware attack like unusual file changes (files added, deleted, changed, encrypted). Certain systems can also be designed to learn normal file activity over time so that typical activity is distinguished from unusual file activity.
REPLACE. RESTORE. RECOVER.
In the unfortunate event of an attack, be prepared for the recovery process. If the previous strategies have been implemented, it will be much easier and faster for your team to recover compromised files, either to their original location or to a completely new location.
Although cyber-attacks can appear to impact our systems when we least expect it, practicing and incorporating these strategies and tips into our usual security process can help us to not only react more effectively when our cybersecurity is threatened but also to prevent issues before they occur.
Do you want to learn more about securing your district’s information and technology? Are you and your organization located in or around Chester County, PA? The CCIU offers reliable, cutting-edge services and continuous support capable of handling your needs! To speak to our Director of External Technology Services, Bryan Ruzenski, at the CCIU about our technology solutions and how you might benefit from our services, email BryanR@cciu.org or call: 484-237-5026. If you are specifically concerned about any of the cybersecurity threats or lack of existing districtwide solutions to the issues detailed in this article you might also benefit from discussing our Rubrik solution.