Cyber attacks on schools are increasing exponentially and getting more sophisticated. It’s worrisome and stress-inducing, but it’s not hopeless. There are plenty of protective measures you can take to keep your school safe. Here are six cybersecurity steps you can start taking today to help safeguard your school’s data.
1. Identify fake websites.
Bad actors often create deceptive sites aimed at harvesting personal data, employing URLs that closely mimic legitimate ones. Always double-check a URL before engaging with a website. Fraudulent URLs might use subtle variations like numbers, letters, and dashes that may go unnoticed.
2. Dodge phishing emails.
Be wary of phishing emails that often ask for login credentials or other personal information. Phishing attempts are deceptive because an email domain may appear similar to a trusted email account. For example, an email from staff@sunva11ey.edu is not the same domain as staff@sunvalley.edu. Notice the letter “l” is replaced by 1s in the phishing email’s domain. If you receive an email from ClassLink requesting personal information, such as your login credentials, it is a phishing attempt.
3. Avoid suspicious links.
Only click links you trust. For increased security, add commonly used links to your school’s website for students, educators, and staff to access easily. For even more security, transform any link into a LaunchPad application, bolstering both convenience and safeguarding.
4. Implement MFA.
Use multi-factor authentication (MFA) whenever possible to add layers of identity protection and cybersecurity. ClassLink offers extensive MFA options that help secure online accounts, even if your username and password get compromised.
5. Implement cybersecurity training.
Require mandatory cybersecurity training for all staff and students. You can create your own training or use a training service to help keep your school secure. One option is ClassLink Academy. If you’re a ClassLink customer, this training is available in your LaunchPad account, and the following courses offer a robust understanding of how to protect against cyber attacks:
Security Awareness Anthology (available for ClassLink Administrators, educators, and staff)
- 1.1 Online Security Fundamentals
- 1.2 How to Protect Your Data
- 1.3 Phishing Attack Protections
- 1.4 What is Social Engineering
Directory Services (available only to ClassLink Administrators)
- 2.1 Scope Your Google Directory
6. Report suspicious activity.
Unexpected logins, password changes, and other unauthorized actions are examples of suspicious activity. If you notice any login attempts or password changes that seem out of the ordinary, reach out to your tech team. At ClassLink, we take all reports seriously and will work to investigate any unusual activity. Thanks for helping us keep everything safe and secure.
Bonus Tip: Use Security-Focused IAM Technology
We consistently work on initiatives and product features to help schools protect their data. We’re adding five new features to our advanced Identity and Access Management solution, this fall. Each is designed to aid in protecting your schools’ data.
Account Claiming (Available Now!)
Accelerate onboarding and reduce the burden on tech support when new students and staff can claim their AD account without IT staff distributing passwords manually.
Delegated Permissions & Impersonation (Available Now!)
Improve support and resolution times when your helpdesk can impersonate users and troubleshoot their issues when logged in to ClassLink.
OAuth2 Restrictions (Available Now!)
Use OAuth2 Strict Mode to prevent students from using ClassLink to automatically log in to unapproved apps.
Windows 10 & 11 Sign-In (Available Fall 2023)
Use ClassLink, including MFA and QuickCards, to sign in to Windows 10 and 11 devices.
Acceptable Use Policies (Available Fall 2023)
Create and assign AUP documents with rich text formatting to profiles, groups, or individuals. Then, require acceptance before a login and view reports to track acknowledgments and ensure compliance.
Determine Your Cyber Preparedness With A Free Tool
Have you heard about the Cybersecurity Rubric? The Rubric is a free self-assessment tool you can use to assess your school’s cyber preparedness.
You can also do your part to help grow the pool of affordable cybersecurity experts by becoming a Certified Cybersecurity Rubric Evaluator (CCRE). Right now, you can use the promo code CCRE4CLADMINS to access the training and exam for free.
Featured image provided by ClassLink.