Creating School Cyber Rules

Creating School Cyber Rules

Campus security guides will help managers take care of their tech stack

  • By Nicolas Poggi
  • April 14, 2020

Campus IT managers are responsible for managing their school’s tech stack. Worries vary. Are all the laptops correctly setup? Is the network able to handle the load? Is the firewall activated? Unfortunately, there are a ton of security variables the IT team cannot control, but require policies and guidelines for the institution’s attendees.

You will need to consider what happens when an infected device comes into the school. How can a student’s laptop be secured when he comes back to college? How can the fallout from a security-unaware teacher be contained?

The first step towards a solution is awareness. Schools, universities and academic institutions where students and faculty can access computers and mobiles (both institutional and personal) need to share guidelines and best practices for safe IoT device usage on campus networks.

Many schools and colleges share this on their website as part of their cyber security basics or tips & best practices for cybersecurity in-campus. We took a look at a handful of these campus guides and put together a quick walkthrough on the best practices for creating these guidelines.

Remember, the objective here is to secure your institution’s attendees and faculty’s data and devices as well as your school’s networks from the harms these rogue devices can generate.

Campus Cybersecurity Guides

A good example of a comprehensive cyber security guide is the one published by the University of Northern Colorado. This online tutorial summarizes the cybersecurity basics every student should follow to make their personal computer more secure.

The UNC guide includes a cybersecurity overview, student resources and security recommendations. It advises students to keep a clean machine, protect their personal information, connect to the Internet with care and to be a good online citizen.

A similar, but more expansive approach, is taken in the Cybersecurity Tips & Best Practices Guide from the University of California at Berkeley Information Security Office. Divided into two sections – Basics for Securing Your Data and Data Responsibilities and Guidelines — the Berkeley Guide provides resources for cybersecurity awareness and best practices on a variety of topics.

The first section –Preventing Laptop Theft to Security Basics: 101 to Netiquette and Ethics– zeroes in on individual responsibilities. It encourages students and staff to physically secure laptops, register devices, install tracking software and meet minimum encryption standards for data security.

The second half of the guide delves into the Berkeley Data Responsibility and Standards Guidelines, which protect the confidentiality and integrity of Berkeley Campus Data. In identifying data security as a shared responsibility, this section also includes information on Phishing: Suspicious Phone Calls, Texts, Emails, Ransomware: Malware Attacking Computer or Mobile Devices, and Security Basics: 101.

General Student Security Guides

Unlike the University of Northern Colorado and Berkeley, which offer comprehensive cybersecurity guides, other schools elect to wrap cybersecurity into an overall student security guide that covers multiple facets of the student lifestyle.

The University of Rochester Off-Campus Guide details how students who rent housing in the local community can stay safe and become good neighbors. The guide includes everything from how to find affordable housing close to campus to transportation and rules for partying. But it also includes useful information on how to protect laptops and other electronic devices from theft and hackers.

Similarly, the Residents’ Guide published by the University of the West of England is written to provide students with useful information about living in university accommodations and covers everything from dormitories to academic facilities to waste and recycling to safety.

Key Concepts to Include in Your School’s Guide

Having seen a few different variations of cybersecurity and in-campus security guidelines from schools and universities, we can establish that there are certain concepts you cannot miss.

Start from the bottom: personal safety. Berkley’s security 101 is a great example of what core concepts both students and employees need to understand in order to establish a standard line of defense.

Without these basic security concepts, such as password hygiene, users become a direct risk that could potentially bypass any policy in place:

  • Password hygiene
  • Common phishing tactics
  • Anti-malware and other security software
  • Credential protection
  • Scam detection
  • Welcome to the campus security guide

Create proper use guidelines for staff. Faculty laptops and computers should uphold certain standards of use, too. By encouraging and limiting dangerous interactions, you can better isolate and secure the data and platforms your staff interacts with.

  • Configure automatic lock-screens.
  • Install an anti-theft / data protection tool.
  • Limit unnecessary software usage.
  • Implement zero-trust browsing policies.
  • Instruct users on data handling.

Map data interactions and create policies. The educational industry handles private information and sensible data from both parents and students. From financial details, such as loans and payment information, to personal data, such as personal records, social security numbers and performance.

This data passes the hands of teachers, administrative employees, parents and thirdparty vendors who provide software platforms to manage them. All institutions should map these data points of origin, handlers and points of transference to ensure all responsible parties are informed of their obligations to this data.

Takeaways

Maybe it is time for your school to pull together a security guide. If you do, we recommend that it addresses both personal responsibilities for educational devices and respect for the campus learning system that contains everyone’s personal data. After all, staying safe is both an individual and a school-wide effort.

This article originally appeared in the March April 2020 issue of Campus Security Today.

Featured

  • Shooting Likely a Combination of Factors

    Following the deaths of a teacher and student at Abundant Life Christian School in, Madison, Wisc., police chief Shon Barnes indicated that the motive appears to be a “combination of factors” for a 15-year-old female student’s attack on a study hall. Read Now

  • Two Killed During Shooting at Wisconsin Christian School

    Two people were killed and five injured during a shooting at the Abundant Life Christian School in Madison, Wis. on Monday. Read Now

  • Black Hills State University Takes an Open, Scalable Approach to Video Security

    Black Hills State University recognized the need for a centralized video system to improve campus security and streamline operations. The university sought a solution that could unify its main campus with a satellite location, enable cross-department access, and scale with future growth. By implementing open platform video technology, BHSU laid the foundation for a comprehensive, flexible, and scalable security infrastructure. Read Now

  • Pennsylvania School Uses Locked, Rolling Security Grille to Control Spectators, Secure Building

    St. Jude School in Mountain Top, Pennsylvania, is a private Catholic elementary school that serves students from Pre-K through grade 8. Recognized as a Blue Ribbon School by the U.S. Department of Education, St. Jude offers diverse educational programs designed to foster a nurturing and challenging learning environment, and extracurricular activities like sports are an integral part of promoting teamwork, discipline, and physical fitness. Read Now

Most   Popular

Webinars