Tackling the very real risk of online attacks in schools

We are a connected society; however, the more connected we are, the more susceptible we become to breaches. We consider new insights into the UK’s attitude to staying safe online and combine these with some expert advice to help keep your students and staff safe online

Cyber attacks involve hackers attempting to damage or control your school’s computer network. The goal can be to destroy, steal, or withhold data for ransom. For example, we recently reported a security breach which was brought to light by the BBC; in this incident, a Durham-based sixth form centre ended up having to pay a ransom in order to regain access to their own data.

To help you prepare your staff and students for the dangers of the online world we’ve taken a look at a national survey by NatWest. Combined with some expert advice, you can use this data to help you identify the areas where people are most in need of education about staying safe online.

 What can you do to get staff prepared for online dangers?

In any school setting staff can really impact the security of a school’s computer system. This can be in a direct sense – for example, by having access to passwords – or indirectly – through the security of the devices they connect to school networks. How do you tackle these problems?

Remind staff about the importance of good ‘password hygiene’

1. Avoid saving passwords to browsers: the NatWest survey revealed that 53% of the nation admit to saving passwords to internet browsers and 41% of us have the same passwords for multiple accounts. The problem with both of these habits is that one successful scam can give a fraudster access to multiple work and personal accounts – and even student, parent or colleague data.

2. A refresh on secure passwords

  • Passwords should be unpredictable; using a mix of symbols, capitalisation and numbers can help to achieve this.
  • Passwords should be changed regularly.
  • Passwords should be different for each account.

Consider getting help from technology

Mikko Hypponen is the chief research officer at F-Secure. Recognised worldwide as a cybersecurity expert, he’s spoken at TED and been interviewed in the international media. Understanding that it can be hard to remember multiple, secure passwords, Mikko takes a different approach. “Do not try to remember your passwords. Use a password manager. That’s the only way to have a unique and strong password in every service. This is what I do.”

Ensure staff are updating personal devices (as well as work ones)

Another surprising statistic from the NatWest study is that 22% of us don’t know what security software is best for our devices. Managers may be in control of making sure that any school mobiles, tablets or laptops are updated, but what about staff members using personal devices in school? It’s something to consider if employees are allowed to connect their ‘phones etc. to the school’s wifi network.

You might also like...  From the magazine: PFI – unplugged

Educating children and young people about online dangers

The study’s data makes it easy to see exactly what young people struggle with, enabling you to give them the best advice. While the youngest group surveyed in the study was aged 18 to 24, the behaviours of this group give us a strong indication of the attitudes children are leaving school with.

Young people overshare on social media

We should all take care with what we share on social media, but young people, in particular, are too relaxed about their privacy settings. For example, Snapchat is a social media channel favoured by younger people; it’s also the social media platform with the least careful users when it comes to security settings.

In fact, 21% of all survey respondents who used Snapchat admitted that they haven’t set strict privacy settings. Snapchat users are also the least concerned about identity fraud, with only 28% saying that they are worried about it.

Tell young people about the importance of keeping personal information private

The survey also revealed that young people are the most trusting with their personal information – for example, their bank details. 13% of young people surveyed said that they’d shared their online banking password with someone, either online or in person. This is something that should never be done.

This permissive attitude goes beyond financial information; a massive 84% of young people said they feel comfortable sharing other personal information online, too. For 69%, this included sensitive information like their date of birth – a valuable piece of information for any fraudster

From just a couple of such crucial examples, it’s clear that young people are in dire need of advice. “Never post anything online that you wouldn’t mind seeing posted on the cover of a newspaper,” Mikko Hypponen cautions. Even if you think your post is not visible to everyone, it could very well be.”

His expert opinion makes clear just how dangerous online sharing can be!

Five lessons to be learned

Let’s round up the key takeaways from the survey.

  1. Avoid saving passwords to browsers – especially on shared or public computers.
  2. Remind your team about the importance of good password hygiene.
  3. Warn everyone not to ignore security updates on their personal and work devices.
  4. Young people need to be reminded about what’s appropriate to share on social media and strongly encouraged to review their security settings.
  5. Personal information like your bank details, passwords, address and date of birth should never be shared online.

Don’t forget to follow us on Twitter, like us on Facebook, or connect with us on LinkedIn!