How education IT teams can prepare school districts for ransomware

Cybersecurity is even more important with widespread remote learning--here's how education IT teams can ramp up awareness

Despite the challenges of keeping cybersecurity a priority while also trying to adjust to remote learning, there are still steps that IT professionals in the education sector can take now to ensure they’re keeping sensitive student data safe from cyberattacks, and minimizing the potential for downtime that could impact learning if an attack is able to slip through the cracks.

Building a ransomware response plan

Just like in any industry, education IT teams should have a plan to follow when a ransomware attack inevitably strikes. Establishing a crisis team with district leadership, IT leaders, and department heads is a good first step – this group can help map out the district’s IT infrastructure and identify the critical systems and data that most need protection. Compliance considerations will also need to be part of this discussion, as some types of student data have strict rules under regulations like FERPA. The last thing a school district needs when dealing with the fallout from a ransomware attack is to be slapped with fines for exposing sensitive student data.

To successfully mitigate ransomware during an attack, education IT teams must also test their ransomware response plan ahead of time. Recovering quickly to reduce downtime is important to restoring learning. Regular testing eliminates confusion about what steps need to be taken and speeds up the process; the faster infected systems can be isolated, the less widespread the damage will be.

Integrating cybersecurity with data protection is also something to consider when developing a plan for ransomware, especially as many IT managers have tighter budgets due to COVID-19. All-in-one solutions meet various IT needs in one centrally managed console, which lowers costs and offers a level of simplicity that may be especially helpful for smaller education IT teams. By taking a two-pronged approach and integrating security with backup and disaster recovery protocols, education IT teams can more easily neutralize the ransomware threat – removing the segmentation between the two makes the process of detecting and preventing attacks, as well as recovering potentially impacted systems and data, smoother.

Making students and teachers cyber-ready

Educating students and teachers about best practices for cyber hygiene can also help stop cybercrime before it starts. As part of training to prepare for virtual teaching and learning, education IT teams should also offer cyber awareness training – with education being moved online, students must learn the warning signs of a phishing attack like suspicious attachments or unknown links. Particularly for students who are communicating with their teachers online for the first time, it’s essential to outline the potential risks and things to look out for.

They should also have access to a remote backup system that automatically backs up data, without requiring manual intervention by the IT team. This will help to free up IT resources to focus on security, while also ensuring that student data isn’t lost due to confusion around what to back up, how often, and where to store it. Further, many people assume that SaaS-based systems like Microsoft Office 365 automatically back up their data, but this unfortunately isn’t the case, meaning a third-party data backup system is required to keep this data safe. All school-issued devices should be connected to this remote backup system, which will ensure emails, schoolwork and other student data are backed up and instantly accessible in case of an attack that encrypts files.

While the decision has yet to be made about whether remote learning will continue full-time through the fall, the COVID-19 pandemic has demonstrated a clear need for the education sector to make technology a more integral part of the learning process. With this comes an increased risk of cyberattacks in an already-hard-hit sector, but having a ransomware response plan in place and taking proactive steps to develop security and disaster recovery best practices are key to keeping student data safe and school systems up and running.