A Guide for Educational Institutions to Avoid Insider Threats

A Guide for Educational Institutions to Avoid Insider Threats

Cyber security has to now be as central to the safety of students and faculty as physical security is.

Across the US education institutions have to take on the task of managing sensitive information that are not just critical for the organization but also for each and every student’s and employee’s life going forward. One data breach is all it takes to cause not just financial harm to a person but in some cases physical harm if it was accessed by a malicious individual. With issues such as bullying, harassment, and increasing radicalization common among students and people in the community data security becomes ever more important.

When it comes to data security as we know it has become increasingly more about insider threats. This is different than the past where there was just a focus on securing the perimeter around where data was stored. Now with the digitization of everything, a data breach is simply a matter of unauthorized access. This is mainly due to how easy it is to duplicate or download data upon seeing it. Insiders who are usually employees, contractors, and third parties sometimes are threats. In 2017, The Dark Overlord hacker group managed to infiltrate Columbia Falls School District and acquiring the data from students, parents, and faculty of more than 30 schools in the region. This resulted in classes being cancelled for three days. Hackers used the data to harass parents with death threats against their children and to faculty. Their ransom letter even alluded to the Sandy Hook shooting incident.

Cyber security has to now be as central to the safety of students and faculty as physical security is. With the right data any malicious actor can be a significant threat. Thankfully there are some steps that institutions can take to ensure the safety of their community on campus. While some school districts struggle financially the tools and practices for security are often inexpensive with a lot of savings.

Security Education & Training

The value of education on a topic should be of no surprise to educational institutions. While most are prioritizing creating a safe space for students and educators to have optimal outcomes, cyber security remains a vulnerability for most places. In today’s environment incidents such as what happened with Dark Overlord are common, but they often happen with the negligent aid of an employee or some other insider with access to sensitive data. Someone who is part of administration or faculty may open a link in a suspicious email. That link may trigger a download of backdoor access malware or ransomware. This ultimately results in a data breach. Simple incidents such as downloading attachments or clicking links can put many people’s lives at risk. As many educators know just a set of powerpoint slides does not reinforce knowledge. Instead what is needed is training. Students already have their activity monitored when they sign in to school computers which of course allows schools to identify and act on threats. However, when it comes to administration, they are not always monitored as closely. Administration and educators alike need continuous training to master security. Focus on topics such as phishing, ransomware, incident response, and communication practices.

Monitoring

The monitoring of applications and emails helps to mitigate user’s risky behavior. Monitoring is more than viewing a session, it involves the analysis of network log data to learn about behavior patterns on the network and by each individual user. This is called behavioral analytics and it is an increasingly common technology that integrates the practice of log analysis with machine learning to understand insider threats on your network. At minimum emails, applications, and keystrokes on terminals and the network need to be monitored.

Prevention

Training and monitoring alone will not keep your campus safe. There needs to be policies and practices in place that mitigate the exposure of sensitive data in the first place. One of the easiest things to do on your campus right now is to review and manage permissions to sensitive data based on role. Additionally it would help to review what is defined as sensitive. If the campus has information about social media accounts of a student for example, a leak could bring harm to that student potentially. Another preventative measure to take is to structure tasks and work to minimize stress. When employees are under stress they make many more simple mistakes, like opening a suspicious attachment or link.

Insider threats are able to be mitigated. Campuses have some unique aspects about them but the underlying security measures that need to be taken are similar to other organizations. When it comes to students campuses are often much more proactive about security than they are about their own faculty. Be sure to treat every person with access to the network as a potential security threat. You can learn more about insider threats from the guide developed by the Carnegie Mellon CERT team.

About the Author

Isaac Kohen is the founder and CEO at Teramind Inc.

Featured

  • Ensuring School Bus Safety: Tech-Driven Advancements and Their Impact on Student Transportation

    Parents and school districts have always shared one fundamental, non-negotiable goal: to keep students safe while traveling to and from school. Period. Read Now

  • How Campus Security Became an Art of Disappearing

    Walk across any university campus at 8:47 a.m. on a Tuesday, and you'll witness something remarkable. Thousands of students stream through buildings, carrying everything from vintage MacBooks to oversized coffee cups, lost in conversations about weekend plans or upcoming exams. If the right weapons detection is in place, most will never notice the sophisticated security measures protecting them. This invisibility can represent the highest achievement in modern campus security design. Read Now

  • Torrance USD Standardizes Its Mass Communications

    The Torrance Unified School District is a cornerstone of the Torrance, Calif. community, dedicated to providing a high-quality education that prepares students for success in college, career, and life. Serving a diverse student population, Torrance USD delivers a comprehensive and enriching educational experience from kindergarten through high school. The school district comprises 17 elementary, eight middle, and five high schools, one continuation high school, and one alternative high school.  Read Now

  • How a Rural School District Enhanced Safety, Reduced Vaping, and Improved Efficiency by Modernizing Security

    As educational leaders, our primary mission is creating safe, productive learning environments where our students can thrive. Today, that unfortunately means addressing ever-evolving challenges that range from security threats to the growing epidemic of student vaping, all while managing tight budgets and (for many of us) geographically dispersed facilities. Read Now