It’s back-to-school season! Soon, our kids will return to the classroom, where they will relearn the information from the prior school year to ensure that they were able to retain that knowledge. There’s nothing wrong with needing a refresher, and this is true for both students and your employees.
If your staff has not had a refresher course on your district’s cyber security practices sometime in the last year, now is the perfect time to get them up to speed. After all, they can’t defend themselves from cyberthreats if they don’t know how. That’s why it’s so important that your team has bought into a cyber-secure culture and is aware of potential threats that could impact your district.
Cyberthreats come in all shapes and sizes, but an overwhelming majority of successful cyber-attacks can be attributed to human error, which is the main reason your employees need cyber security refresher training at least once a year. A lack of training can open your schools up to hackers and other cyber-attacks by way of phishing e-mails, weak passwords, unsafe browsing and more – which jeopardizes your entire district. Additionally, in many cases, insurance won’t cover your claims if your employees have not undergone regular training. Finally, parents usually don’t want to send their children to a school that isn’t keeping their information protected. It doesn’t matter how big or small your district is – you must make an effort to ensure that all of your employees have gone through cyber security training. However, if you’ve never trained your team on cyber security and are unsure of which topics to cover, don’t worry because we’ve put together a list of the most important topics to discuss.
Nearly every employee at every school has their own login to access the district’s systems, data or Internet. When selecting the passwords for this login, employees need to use strong, unique passwords that utilize letters, numbers, punctuation, and other special characters and are not shared between accounts. You should also ensure that your employees regularly change their passwords. For an extra layer of security, you can utilize multifactor authentication, so you’ll know that those logging into an account are who they claim to be.
Your employees should be cautious of any e-mails that come from addresses outside of the district. When your employees go through their e-mail, they should not open e-mails from people they don’t know or have not communicated with in the past. Unless they know exactly where the e-mail has come from, they should not open any links or attachments within it.
An employee’s personal accounts should never be set up through a district e-mail address. When posting on social media, your employees should be cautious about what they post in regard to work. They shouldn’t disclose private information about your districts or your students on social media. If they did, it could be devastating to your district’s reputation as well as your cyber security.
Protecting District Data
At the end of the day, your cyber security practices are in place to protect district and student data, and your employees have a legal and regulatory duty to protect sensitive information. A reckless disregard for protecting district information can quickly cause your district trouble and has the potential to bring forth lawsuits.
Establishing strong cyber security practices and ensuring your team is aware of them through training is the best way to protect your district from cyberthreats. By implementing training on these four topics, you’ll be on your way to developing a cyber-secure culture.