How do I know my school's network has been compromised?

Network hacks have become increasingly frequent in the past few years - especially in schools. The reason being, the less than optimal security frameworks are easy to exploit for cyber criminals and also pays them handsome rewards by selling data or demanding ransom.

Today, most schools are using web based applications to deliver lessons and submission of assignments. Although incorporating technology can be a progressive learning aid in the educational system, if the network is not secured properly, schools will have to face bigger challenges and consequences.

This article explores how school's can detect and prevent threats to their network.

What does your school's network consist of?

A school network is basically a set of computers, digital tabs, mobile devices and servers that are all connected and communicate with each other over wired or wireless connections. These connections are used to store and share data on school servers, gain access to the internet, or provide access to school services.

Data is stored on servers that are likely stored in your school’s server or hub rooms. These servers are connected to the rest of the school's computers using network switches, which are strategically placed to provide connectivity via wired connections. Wireless access points connected to these switches are also commonly used to enable mobile devices such as laptops, smartphones or tablets to access the school network.

Detecting a threat to the  school’s network

There are a number of ways to detect threats in the school system. 

1. Vulnerability assessment: A vulnerability assessment is a test conducted by a piece of software called a vulnerability scanner. It uses a list of known vulnerabilities to scan and attempt to breach the system. The report provides mitigating measures to allow administrators to improve the security of their systems.
2. Systems audit - configuration: All systems should be regularly audited to determine if the configuration is both secure and is configured as per the schools’ current requirements. This includes checking which users have access and what privileges are assigned to them.
3. Best practice analysis: A number of systems provide their own security analysis, often named as best practice analysis. A good example of this is Microsoft’s Secure Score which analyses the configuration of an organisations Microsoft 365 tenancy. It then provides a report on the current security posture and lists recommendations to improve it. 

Preventing  threat to the school's network

There are a number of methods that can prevent and detect threats on your schools’ network. The most common include:

1. Monitoring: A network monitoring solution constantly monitors a computer network for slow or failing devices and unusual activity providing alerts to administrators if it detects any abnormalities or outages. 
2. Audit:  A regular audit of the configuration of systems allows administrators to confirm that the systems are as secure as possible.
3. Preventive maintenance: A schedule of tasks that occur at regular intervals (daily, weekly, monthly, termly, yearly) should be created. These include but are not limited to checking that backups have run successfully, there are no error alerts on systems, checking firewall logs, and checking for software updates.
4. Managing user privilege: All systems that are accessed by users should have permissions documented and regularly reviewed. This ensures that anyone who leaves the school does not have access to systems and all current users have the correct permissions.
5. Account provisioning and decommissioning: A process should be in place to ensure that all users have accounts in the school when they start and the accounts are deactivated and eventually removed when they leave. There are tools available that can help automate this process.
6. Vulnerability scanning: Regular vulnerability scanning of the internal and external networks should be conducted. Changes are made regularly on systems and vulnerability scans can ensure that attackers have limited means to exploit them and gain access.

How 9ine helps

The above tips will help to detect vulnerabilities in your school’s network system. If you find any threats make sure to take immediate action. The longer the school delays to battle the threats the bigger can be the consequences of a potential cyber attack. Remember, precaution is always better than cure. Our consultants are available to help your school audit the current IT systems, provide guidance on infrastructure maintenance and upgrades, and ultimately support your school to stay safe, secure, and compliant. Find out more.