A Guide for Educational Institutions to Avoid Insider Threats

A Guide for Educational Institutions to Avoid Insider Threats

Cyber security has to now be as central to the safety of students and faculty as physical security is.

  • By Isaac Kohen
  • June 12, 2018

Across the US education institutions have to take on the task of managing sensitive information that are not just critical for the organization but also for each and every student’s and employee’s life going forward. One data breach is all it takes to cause not just financial harm to a person but in some cases physical harm if it was accessed by a malicious individual. With issues such as bullying, harassment, and increasing radicalization common among students and people in the community data security becomes ever more important.

When it comes to data security as we know it has become increasingly more about insider threats. This is different than the past where there was just a focus on securing the perimeter around where data was stored. Now with the digitization of everything, a data breach is simply a matter of unauthorized access. This is mainly due to how easy it is to duplicate or download data upon seeing it. Insiders who are usually employees, contractors, and third parties sometimes are threats. In 2017, The Dark Overlord hacker group managed to infiltrate Columbia Falls School District and acquiring the data from students, parents, and faculty of more than 30 schools in the region. This resulted in classes being cancelled for three days. Hackers used the data to harass parents with death threats against their children and to faculty. Their ransom letter even alluded to the Sandy Hook shooting incident.

Cyber security has to now be as central to the safety of students and faculty as physical security is. With the right data any malicious actor can be a significant threat. Thankfully there are some steps that institutions can take to ensure the safety of their community on campus. While some school districts struggle financially the tools and practices for security are often inexpensive with a lot of savings.

Security Education & Training

The value of education on a topic should be of no surprise to educational institutions. While most are prioritizing creating a safe space for students and educators to have optimal outcomes, cyber security remains a vulnerability for most places. In today’s environment incidents such as what happened with Dark Overlord are common, but they often happen with the negligent aid of an employee or some other insider with access to sensitive data. Someone who is part of administration or faculty may open a link in a suspicious email. That link may trigger a download of backdoor access malware or ransomware. This ultimately results in a data breach. Simple incidents such as downloading attachments or clicking links can put many people’s lives at risk. As many educators know just a set of powerpoint slides does not reinforce knowledge. Instead what is needed is training. Students already have their activity monitored when they sign in to school computers which of course allows schools to identify and act on threats. However, when it comes to administration, they are not always monitored as closely. Administration and educators alike need continuous training to master security. Focus on topics such as phishing, ransomware, incident response, and communication practices.

Monitoring

The monitoring of applications and emails helps to mitigate user’s risky behavior. Monitoring is more than viewing a session, it involves the analysis of network log data to learn about behavior patterns on the network and by each individual user. This is called behavioral analytics and it is an increasingly common technology that integrates the practice of log analysis with machine learning to understand insider threats on your network. At minimum emails, applications, and keystrokes on terminals and the network need to be monitored.

Prevention

Training and monitoring alone will not keep your campus safe. There needs to be policies and practices in place that mitigate the exposure of sensitive data in the first place. One of the easiest things to do on your campus right now is to review and manage permissions to sensitive data based on role. Additionally it would help to review what is defined as sensitive. If the campus has information about social media accounts of a student for example, a leak could bring harm to that student potentially. Another preventative measure to take is to structure tasks and work to minimize stress. When employees are under stress they make many more simple mistakes, like opening a suspicious attachment or link.

Insider threats are able to be mitigated. Campuses have some unique aspects about them but the underlying security measures that need to be taken are similar to other organizations. When it comes to students campuses are often much more proactive about security than they are about their own faculty. Be sure to treat every person with access to the network as a potential security threat. You can learn more about insider threats from the guide developed by the Carnegie Mellon CERT team.

About the Author

Isaac Kohen is the founder and CEO at Teramind Inc.

Featured

  • Door Hardware and Campus Security: Enhancing Safety in Schools

    The importance of investing in school safety cannot be overstated, but knowing where to start implementation of school safety features can be a challenge. A recent survey by the National Center on Education Statistics found that a quarter of U.S. public schools have classrooms with doors that can't be locked from the inside. Even among schools with doors that do lock, recent legislation reflects a common misconception that simply keeping the doors locked all day will eliminate the potential for an attack, in direct violation of PASS (Partner Alliance for Safer Schools) Guidelines. Read Now

  • Brigham Young University Strengthens Campus Security With Genetec Operations Center

    Genetec Inc, a provider of enterprise physical security software, announced that Brigham Young University's (BYU) has optimized its security operations with the Genetec™ Operations Center work management system. Read Now

  • AI-based Risk Mitigation: The Next Advancement in Video Surveillance and Public Safety

    Safety is at the forefront of every organization and covers a gamut of scenarios, not just weapon-fueled lethal threats. It also includes smaller-scale and everyday situations like slipping hazards, fallen persons, unauthorized vehicles, and more. These issues cause disruptions in daily operations and cost companies and facilities money and downtime, so a fully realized security plan must involve actions that facility personnel should take once a hazard of any size occurs. Informing everyone that a hazard exists, where it’s located, and what actions to take is imperative for maintaining personal safety. Read Now

  • Fort Worth ISD Strengthens Event Safety

    The issue of concealed weapons being introduced into school extracurricular activities, including sporting events and graduations, became a growing concern in communities across the nation. According to the K-12 School Shooting Database, there were at least 202 incidents of gunfire on school grounds in 2024 across the United States, resulting in 56 deaths and 147 injuries, underscoring the urgent need for enhanced safety protocols. Read Now

Most   Popular