A Guide for Educational Institutions to Avoid Insider Threats

A Guide for Educational Institutions to Avoid Insider Threats

Cyber security has to now be as central to the safety of students and faculty as physical security is.

  • By Isaac Kohen
  • June 12, 2018

Across the US education institutions have to take on the task of managing sensitive information that are not just critical for the organization but also for each and every student’s and employee’s life going forward. One data breach is all it takes to cause not just financial harm to a person but in some cases physical harm if it was accessed by a malicious individual. With issues such as bullying, harassment, and increasing radicalization common among students and people in the community data security becomes ever more important.

When it comes to data security as we know it has become increasingly more about insider threats. This is different than the past where there was just a focus on securing the perimeter around where data was stored. Now with the digitization of everything, a data breach is simply a matter of unauthorized access. This is mainly due to how easy it is to duplicate or download data upon seeing it. Insiders who are usually employees, contractors, and third parties sometimes are threats. In 2017, The Dark Overlord hacker group managed to infiltrate Columbia Falls School District and acquiring the data from students, parents, and faculty of more than 30 schools in the region. This resulted in classes being cancelled for three days. Hackers used the data to harass parents with death threats against their children and to faculty. Their ransom letter even alluded to the Sandy Hook shooting incident.

Cyber security has to now be as central to the safety of students and faculty as physical security is. With the right data any malicious actor can be a significant threat. Thankfully there are some steps that institutions can take to ensure the safety of their community on campus. While some school districts struggle financially the tools and practices for security are often inexpensive with a lot of savings.

Security Education & Training

The value of education on a topic should be of no surprise to educational institutions. While most are prioritizing creating a safe space for students and educators to have optimal outcomes, cyber security remains a vulnerability for most places. In today’s environment incidents such as what happened with Dark Overlord are common, but they often happen with the negligent aid of an employee or some other insider with access to sensitive data. Someone who is part of administration or faculty may open a link in a suspicious email. That link may trigger a download of backdoor access malware or ransomware. This ultimately results in a data breach. Simple incidents such as downloading attachments or clicking links can put many people’s lives at risk. As many educators know just a set of powerpoint slides does not reinforce knowledge. Instead what is needed is training. Students already have their activity monitored when they sign in to school computers which of course allows schools to identify and act on threats. However, when it comes to administration, they are not always monitored as closely. Administration and educators alike need continuous training to master security. Focus on topics such as phishing, ransomware, incident response, and communication practices.

Monitoring

The monitoring of applications and emails helps to mitigate user’s risky behavior. Monitoring is more than viewing a session, it involves the analysis of network log data to learn about behavior patterns on the network and by each individual user. This is called behavioral analytics and it is an increasingly common technology that integrates the practice of log analysis with machine learning to understand insider threats on your network. At minimum emails, applications, and keystrokes on terminals and the network need to be monitored.

Prevention

Training and monitoring alone will not keep your campus safe. There needs to be policies and practices in place that mitigate the exposure of sensitive data in the first place. One of the easiest things to do on your campus right now is to review and manage permissions to sensitive data based on role. Additionally it would help to review what is defined as sensitive. If the campus has information about social media accounts of a student for example, a leak could bring harm to that student potentially. Another preventative measure to take is to structure tasks and work to minimize stress. When employees are under stress they make many more simple mistakes, like opening a suspicious attachment or link.

Insider threats are able to be mitigated. Campuses have some unique aspects about them but the underlying security measures that need to be taken are similar to other organizations. When it comes to students campuses are often much more proactive about security than they are about their own faculty. Be sure to treat every person with access to the network as a potential security threat. You can learn more about insider threats from the guide developed by the Carnegie Mellon CERT team.

About the Author

Isaac Kohen is the founder and CEO at Teramind Inc.

Featured

  • Electrified Latch Retraction Locks Key Benefits for Retrofits

    Building owners and facility managers increasingly rely on electrified hardware to enhance security while meeting accessibility standards. Among these technologies, electrified or motorized latch retraction locks are especially effective for retrofit projects where existing door and frame conditions complicate upgrades. Latch retraction capable locks combine security, accessibility and code compliance benefits, making them ideal for retrofitting fire-rated and non-rated openings in schools, healthcare facilities, commercial buildings and more. Read Now

  • How Cloud Security Solutions Are Transforming Campus Safety

    Campus administrators today face a challenging mandate: deliver stronger security across their facilities while working within tighter budget constraints. From school districts focused on student safety to hospitals protecting patients and staff, the question remains the same: how do you build security infrastructure that evolves with your needs without requiring massive capital investments? Read Now

  • Rethinking Campus Security From the Inside

    For decades, campus security strategies focused on keeping threats outside school walls. But since the tragedy at Columbine High School, data has shown that many attacks begin inside the building, often in classrooms and corridors. This shift has prompted schools to rethink security from the inside and place greater emphasis on interior elements such as classroom doors. This shift is evidenced by a new generation of classroom door systems engineered to delay inside intruders and an ASTM standard that raises the bar on how these systems must be designed to defend against attack. Read Now

  • AI in Security: Advancing Campus Safety and Considerations for Implementing

    Artificial intelligence (AI) continues to capture attention across every sector, and the physical security industry is no exception. Once seen as experimental, AI-enabled analytics now underpin how organizations monitor environments, detect threats, and make decisions. What was once futuristic is now a practical necessity for safety professionals managing growing volumes of data, tighter resources, and increasing expectations for faster, more accurate responses. Read Now

Most   Popular