A Guide for Educational Institutions to Avoid Insider Threats -- Campus Security Today

A Guide for Educational Institutions to Avoid Insider Threats

Cyber security has to now be as central to the safety of students and faculty as physical security is.

By Isaac Kohen
June 12, 2018

Across the US education institutions have to take on the task of managing sensitive information that are not just critical for the organization but also for each and every student’s and employee’s life going forward. One data breach is all it takes to cause not just financial harm to a person but in some cases physical harm if it was accessed by a malicious individual. With issues such as bullying, harassment, and increasing radicalization common among students and people in the community data security becomes ever more important.

When it comes to data security as we know it has become increasingly more about insider threats. This is different than the past where there was just a focus on securing the perimeter around where data was stored. Now with the digitization of everything, a data breach is simply a matter of unauthorized access. This is mainly due to how easy it is to duplicate or download data upon seeing it. Insiders who are usually employees, contractors, and third parties sometimes are threats. In 2017, The Dark Overlord hacker group managed to infiltrate Columbia Falls School District and acquiring the data from students, parents, and faculty of more than 30 schools in the region. This resulted in classes being cancelled for three days. Hackers used the data to harass parents with death threats against their children and to faculty. Their ransom letter even alluded to the Sandy Hook shooting incident.

Cyber security has to now be as central to the safety of students and faculty as physical security is. With the right data any malicious actor can be a significant threat. Thankfully there are some steps that institutions can take to ensure the safety of their community on campus. While some school districts struggle financially the tools and practices for security are often inexpensive with a lot of savings.

Security Education & Training

The value of education on a topic should be of no surprise to educational institutions. While most are prioritizing creating a safe space for students and educators to have optimal outcomes, cyber security remains a vulnerability for most places. In today’s environment incidents such as what happened with Dark Overlord are common, but they often happen with the negligent aid of an employee or some other insider with access to sensitive data. Someone who is part of administration or faculty may open a link in a suspicious email. That link may trigger a download of backdoor access malware or ransomware. This ultimately results in a data breach. Simple incidents such as downloading attachments or clicking links can put many people’s lives at risk. As many educators know just a set of powerpoint slides does not reinforce knowledge. Instead what is needed is training. Students already have their activity monitored when they sign in to school computers which of course allows schools to identify and act on threats. However, when it comes to administration, they are not always monitored as closely. Administration and educators alike need continuous training to master security. Focus on topics such as phishing, ransomware, incident response, and communication practices.

Monitoring

The monitoring of applications and emails helps to mitigate user’s risky behavior. Monitoring is more than viewing a session, it involves the analysis of network log data to learn about behavior patterns on the network and by each individual user. This is called behavioral analytics and it is an increasingly common technology that integrates the practice of log analysis with machine learning to understand insider threats on your network. At minimum emails, applications, and keystrokes on terminals and the network need to be monitored.

Prevention

Training and monitoring alone will not keep your campus safe. There needs to be policies and practices in place that mitigate the exposure of sensitive data in the first place. One of the easiest things to do on your campus right now is to review and manage permissions to sensitive data based on role. Additionally it would help to review what is defined as sensitive. If the campus has information about social media accounts of a student for example, a leak could bring harm to that student potentially. Another preventative measure to take is to structure tasks and work to minimize stress. When employees are under stress they make many more simple mistakes, like opening a suspicious attachment or link.

Insider threats are able to be mitigated. Campuses have some unique aspects about them but the underlying security measures that need to be taken are similar to other organizations. When it comes to students campuses are often much more proactive about security than they are about their own faculty. Be sure to treat every person with access to the network as a potential security threat. You can learn more about insider threats from the guide developed by the Carnegie Mellon CERT team.

About the Author

Isaac Kohen is the founder and CEO at Teramind Inc.

Featured

Emerging Campus Access Control Solutions

Emerging solutions in campus access control can mean different things. Usually, we expect the topic to focus on the very latest in door security products and solutions that have just been recently released or are about to be launched. After all, staying up on improvements to keep campuses safer is critical. Plus, it’s always interesting and exciting to learn what’s new and how innovations are going to better protect lives and assets and help the industry be even more successful. Read Now
Here’s How Instructional Audio Can Play a Key Role in School Safety

Ensuring the safety of students and employees is critical in today’s educational environment. While the threat of a school shooting is in the back of everyone’s mind, the truth is there are many possible scenarios that could crop up at any time in classrooms, hallways, and other school spaces—from fights or altercations to a sick child or staff member who requires emergency attention. Read Now
How School Security Continues to Advance

For more than 30 years, I’ve been fully immersed in security operations in K-12 schools, including working in school safety in Littleton, Colorado during the attack at Columbine High School in 1999. That incident, coupled with those before and since, underscores the critical need for continued improvement in safety and security measures in our schools. Thankfully, ongoing advancements in security technology enable prompt response to critical threats as well as daily operational efficiency Read Now
- Facility Security
The Role of Trusted Access Control and Identity Management

The diverse and dynamic campus environments of modern post-secondary institutions rely on multiple systems and processes to ensure campus security and operational efficiency. Read Now
- Access Control

Webinars

Hanwha Vision (formerly Hanwha Techwin), Salient Systems, Eagle Eye Networks Inc, Evolv Technology, Arcules, ZeroEyes, Omnilert

Shooter Detection: The First Line of Defense
Hanwha Techwin, Salient Systems, Evolv Technology, Omnilert, Eagle Eye Networks Inc, Traka ASSA ABLOY, i-PRO Americas Inc., Digital Watchdog, IPVideo Corporation, ProdataKey

Exploring Multiple Facets of Campus Security Summit
SparkCognition

How Visual AI Is Transforming the Conventional School Safety Model

Whitepapers

Metrasens

Case Study | Creating a Welcoming and Safe Experience for School Events
ProVision

Guide to Body Cameras for Campus Security
Omnilert

Guide to Evaluating Gun Detection Technology