Cyber Security Attacks
From physical access to the building to who can get their hands on school devices, unwittingly giving people access is a major threat for cyber security. Some of the top risks are:
Computers left alone without the screen locked.
The class register or other information about a child being duplicated onto the interactive whiteboard.
Devices not being put away safely during break times, lunch, and at any point that the responsible adult leaves the room.
Not updating or being aware of who has access to servers.
Lack of oversight over access to physical risks such as CCTV systems, keys, and door passcodes.
Not keeping data on a ‘need to know basis’, thus increasing the number of people who can potentially access sensitive information.
Leaving your phone or personal device in an unsecure place.
Entering passwords or sensitive information within view of someone else.
Keeping a record of commonly used passwords on the wall near your device (yes – we know you do this!)
A school can be a busy place, with outsiders coming in for a variety of reasons. It’s important to make sure everyone who is invited onto school grounds has: permission to be there, undergone relevant legal checks, and has restricted and monitored access to areas of the school (e.g. parents evening).
This is everybody’s responsibility. If someone comes into your classroom, ask yourself if they should be there, and check there are no devices left lying around that they could access.
Children and young people are using tech at an earlier and earlier age. Their lives are spread between the online and offline world, with many having devices in their hands from a very young age. This means their tech knowledge can be pretty well developed by the time they reach school. This, plus access to endless amounts of information on the internet, can result in some young people having impressive technological skills!
Not all, however, will choose to use these skills for good. Whether it’s out of well-intentioned humour or negative reasons (like being upset at a teacher, feeling isolated, or part of peer pressure), there have been incidents of pupils hacking servers, changing passwords, and otherwise targeting schools via cyber breaches.
Lack of Training and Awareness
Keeping up to date on cyber security can present a challenge for educational establishments. On top of everything else that is ‘vital’ and ‘urgent’ that schools have to prioritise, knowing where to get reliable information and finding time for regular training can be difficult. However, it’s the gaps in knowledge that create a threat to cyber security – criminals rely on the vulnerabilities of their victims.