Q&A with Heather Paunet About Untangle and Education
With K-12 cyber incidents, what are the most common types of incidents, and do we find that one is more successful than another?
Heather Paunet
Senior Vice President of Product
A: According to k12CyberSecure’s K-12 Cybersecurity 2019 Year in Review report, there were 348 publicly disclosed cyber-related incidents targeting schools or school districts. Of these, 60% were data breaches, 18% were ransomware, 13% were classified as other, and 8% were phishing. In the case of data breaches, these incidents involved the unauthorized disclosure and access to student and staff data.
These unauthorized disclosures, according to the report, are the result of personal information either being accidentally emailed to an unauthorized recipient or files with personal information being available on the public internet instead of secured or private service. Also mentioned in the report, “Just over half (51 percent) of student and educator data breach incidents during 2019 were due to the actions (or inaction) of school vendors,” meaning while schools continue to expand, they need to monitor email interactions, data storage, and network access at all times.
What are specific criteria administrators and IT professionals need to be aware of when protecting K-12 students?
A: When it comes to protecting K-12 students, there are several regulations that need to be top of mind. CIPA, the Children’s Internet Protection Act is a federal compliance regulation that works to protect students from accessing obscene or harmful content over the Internet. In December of 2019, the K-12 Cybersecurity Act of 2019 was created to bolster institution protections by instructing the Department of Homeland Security to examine risks and challenges schools face, and create recommendations for addressing these issues.
As technology continues to evolve, what advice would you give IT administrators when it comes to protecting the school network as well as personal devices when they enter the campus?
A: Each year more devices will be brought to campus and students as well as staff, teachers, and other administrators, will try to connect to the available Wi-Fi. The best way to protect both the main network and all connected devices will be to segment the network. Creating a guest Wi-Fi network for personal devices or invited guests will ensure that if any device on that particular network is compromised, it will not have access to other sensitive network information, such as student data. Network administrators can easily monitor, block, and receive alerts for devices on the guest network that appear to be compromised or are seeking to access private system information, while all devices connected to the main network will remain secure.
Assignments can vary greatly depending on age, context, and learning objectives, with that in mind, how can network administrators protect students of varying ages while also allowing students to explore the information they need to complete specific projects?
A: Network administrators, working closely with teachers, should be made aware of any special projects that may require updates to network filtering parameters. Adjusting these parameters to allow students in a particular grade or particular class to access Internet content that may be inappropriate for younger students, can be done with segmented access policies. For example, if a psychology class is preparing a presentation about the impacts of bullying on mental health, access to content behind the search term “bullying” may have relaxed filter parameters during specific times of day or for specific class groups, in comparison to other grades or students who, when searching this term, would activate an alert or notification to the administration team to check in about this search type.
Why are schools and school districts such high level targets for cyber criminals?
A: Schools and school districts remain high level targets because of the access to new personal data that hackers can sell on the market. Students, especially K-12 students are less likely to have credit cards, IDs, or other profiles with personal information, so stealing school records can be a gold mine for criminals looking to make money selling information on the black market for identity theft.
What features or capabilities should network admins look for in network security solutions for their school district?
A: Network administrators should look for comprehensive, unified threat management solutions to protect their networks. A robust, multi-layered solution that provides basic, scalable security protocols and also allows for administrators to customize these protocols as they need or as their network complexity grows. Advanced web filtering capabilities, access management or directory management ensures that authorized personnel have access to specific, but not all files on the network, and a centralized management platform ensures that updates to network policies can be pushed network-wide without downtime.
What are some aspects of cyber security that network administrators tend to overlook?
A: Some aspects of cybersecurity that are often overlooked are the importance of a consistent backup strategy (especially hosting backups off the network for easy access in the case of a cyberattack), and continuous staff and teacher training. Cyber criminals are always developing new threats and new ways to reach their targets, and while some teachers and staff may believe they can easily identify a suspicious email or attachment, continuous training on new threat types and tactics will always be necessary.
*** This is a Security Bloggers Network syndicated blog from Untangle authored by [email protected]. Read the original post at: https://www.untangle.com/inside-untangle/qa-with-heather-paunet-about-untangle-and-education/