How cyber attackers get into a school
Schools today are increasingly targeted by cyber attackers who use sophisticated methods to breach networks and steal or manipulate sensitive data. A...
Schools are reliant on technology to manage educational resources, student information, and administrative functions. With this dependency comes the critical need for robust cyber security measures. The type of infrastructure a school uses—on-premises servers or cloud-based solutions—presents different sets of cyber risks. Understanding these risks is essential for developing effective security strategies. This article will explore the distinct cyber risks associated with on-premises servers and cloud-first schools and how 9ine can help mitigate these threats.
On-premises servers are susceptible to physical security threats, including theft, vandalism, natural disasters and compromise through physical access. There have been many examples where poor physical security has led to cyber compromise via keyloggers, direct console access to network systems or access via server systems designed for resilience. Physical security of a school's systems architecture should be risk assessed to the same standard as virtual access.
Managing on-premises servers requires regular maintenance and timely updates to safeguard against vulnerabilities. Failure to apply patches and updates can leave systems exposed to cyber-attacks. Schools often struggle with the resources and expertise needed to keep up with these demands. Policies should be in place which require processes and procedures to identify and implement software and firmware updates following a risk-based approach. A risk-based approach weighs the criticality of the update against the operational impact of taking systems offline while they are updated. Generally speaking, schools should allow a window of time each week for these types of updates.
Insider threats pose a significant risk to on-premises servers. Staff or students with malicious intent can exploit their access to cause harm. Implementing strict access controls and monitoring user activity is essential but can be resource-intensive. These types of threats are increased in BYOD environments where access and utilisation of device resources are not centrally managed by the tech department. In these cases there is potential for these device resources to be exploited by malware, or an inquisitive user, to elevate privileges and laterally move through the systems architecture. Limiting this threat is primarily based on following a zero trust approach in network and systems configuration.
On-premises servers may face scalability issues. As the school’s data and processing needs grow, upgrading hardware can be costly and time-consuming. This limitation can lead to performance bottlenecks and increased vulnerability as outdated systems are more susceptible to attacks. The more systems a school has on-premises, the more difficult it is to restore data and access should a cyber attack or system failure occur. There is a greater dependence on disaster recovery planning and having up-to-date documentation (and backups) to rebuild should the worst happen.
Cloud environments are prime targets for cybercriminals due to the vast amount of data they host. Data breaches can occur if there are weaknesses in the cloud provider’s security or if school staff misconfigure security settings. There is growing evidence that data in these systems isn’t often protected as well as data on-premises. Quite often these weaknesses relate to poor user account management, access controls and password security.
Schools using cloud services are dependent on the security measures of their providers. A breach or failure on the provider’s end can compromise the school’s data. It’s crucial for schools to choose reputable providers with strong security track records. The primary way to do this is to ensure each service provider’s contract is sufficiently evaluated for compliance with legal requirements and industry standards. There are a number of well-known examples where a large EdTech vendor has had a cyber breach, but where schools are not legally protected or indemnified because the contracts that have been agreed to have missed critical clauses.
Cloud-based systems require robust access management protocols. Poor access controls or insufficient staff training can lead to unauthorised access and data leaks. Regular audits and staff education are vital to maintaining security. These protocols need to be applied at a domain, authentication and platform level, which requires coordination between the school’s tech team and the system owner.
Using cloud services increases the attack surface, as data is transmitted over the internet. Schools must ensure secure connections and use encryption to protect data in transit. Additionally, DDoS attacks can disrupt access to cloud services, affecting school operations.
Both on-premises and cloud-first schools face unique cyber risks. To mitigate these threats, schools must adopt a comprehensive approach to cyber security:
Navigating the complex landscape of cyber security can be daunting for schools. 9ine offers a range of services tailored to the unique needs of educational institutions. Our cyber security testing services encompass both on-premises and cloud environments, providing comprehensive assessments to identify and mitigate risks. Additionally, 9ine’s privacy, risk, and EdTech impact services ensure that schools are not only secure but also compliant with relevant regulations.
Our team of experts can assist with developing and implementing effective security strategies, conducting regular vulnerability assessments, and providing ongoing support and training. By partnering with 9ine, schools can focus on their primary mission—educating students—while we handle the complexities of cyber security.
In conclusion, whether your school relies on on-premises servers or adopts a cloud-first approach, understanding and addressing the unique cyber risks associated with each setup is crucial. With the right strategies and expert support from 9ine, schools can create a secure digital environment for their students and staff.