Cyber Security

What was initially something primarily used for business applications eventually turned into something many people can’t fathom living without. Wi-fi has come a long way since it was first made available to consumers in 1997 and is now something that schools across the globe rely upon. While adults have adopted wi-fi into their daily routines, most children were raised with wi-fi and have always been digitally connected. The benefits wi-fi provides are undisputed, but the risks are still being realised everywhere, including the classroom.

Schools are in a difficult position, because they need to prepare their students for the jobs in a digital workforce, yet they also have a duty to keep their students safe. Without wi-fi, they’re missing out on innovative ways to teach their students with technology that includes personalised learning applications and digital whiteboards.

Teachers, parents and students alike all expect wi-fi in schools today. However, when schools first started exploring its benefits, there were likely only one or two rooms in the school that were connected to the internet. What’s more, that might have been only allowed during specified times. Today, wireless devices are part of the curriculum, and if the wi-fi stopped working unexpectedly, teachers would have to restructure their teaching plans for the day.

All this reliance upon technology is an attractive target to cyber criminals. Would-be hackers see school databases as tempting targets with their servers that contain a significant amount of personal data. And the threat isn’t always from the outside. Attacks can happen from within as well. After all, why would a student care about the security of your school’s online environment unless they truly realise how a cyber-threat could affect them personally? And with many students taking personal devices to school and using them (whether they’re allowed or not), the threat increases significantly.

It is absolutely vital that schools pay attention to the security of their wi-fi networks in order to protect staff and students, secure personal information and remain functional while aiding the learning of its students. This article explains why and how to make cyber-security a crucial part of school security.

School Wi-fi Extends Beyond the Walls of the School

Considering children spend a majority of their time at school, there’s an expectation that the school will be as digitally connected as their home. There are countless learning apps that are highly beneficial to students and teachers alike. They’d be missing out if they didn’t have access to such tools.

But it isn’t just students who need or expect wi-fi. Teachers need it for those same reasons, and school administrators rely on it so they can communicate with parents, maintain the school website and ensure regulatory compliance, security and record keeping. Additionally, staff may need access to the school’s digital resources while they’re at conferences or attending other off-site functions. As such, it is important to provide secure remote networks if they’re using school devices or their personal devices to access such tools.

In addition, staff may need to access digital school resources while away for conferences, training or other off-site educational activities. Providing secure remote networks on school devices can help provide an additional layer of protection when used off-site. The main reason being that you can’t trust the public networks they might be using, so you need an additional layer of protection to protect against breaches in those locations.

Parents are also involved with your school wi-fi, although indirectly. Do your teachers send emails to parents? Do parents email your teachers? The answer is likely an astounding ‘yes’. What would happen if a parent accidentally sent a virus as an email attachment and a teacher clicked on it? Without proper precautions, it could cripple your entire network.

Another push for the need for wi-fi in schools is physical safety in schools, which is a growing concern. More schools are relying on surveillance systems, and they require wi-fi in order to effectively monitor the entire school campus.

How school Wi-Fi networks commonly work

Shockingly, all that many schools require in order to log in to the network as a type of unencrypted wi-fi that requires only a username and password. That’s only slightly more secure than offering it to the entire public, like most shopping centres and cafes. It is important to know that both types of unencrypted networks transmit all the data passing through it in the open so anyone can incept it as it travels between the router and a device. Even though requiring a password offers some protection, hackers will always look for a way to access the system.

One way to make an unencrypted network more secure is to use WPA2, which separates and isolates each user’s session so nobody else on the network can access it. Again, however, hackers will try to find a way to access these isolated sessions despite the fact that WPA2 makes them safer. A more effective precaution is to create the safest online environment possible and train users on proper cyber-security practices.

Best Practices for a Secure School Cyber-Security

Providing secure, yet reliable wi-fi that meets the needs of a school can be a daunting task. There are many moving parts and logistics that need to be considered when devising a cyber-security plan that addresses the vulnerabilities that school wi-fi creates. Take these best practices into account:

  • Consider your threats—When creating a security plan of any kind, it is important to think of where your threats are coming from. This isn’t so easy to do with cyber-security, as there are so many different threats as well as different ways to access your network. Here are a few:
    • Professional hackers who look for weak networks that haven’t patched security vulnerabilities
    • Past students or malicious members of the community with the intention of scaring staff and students
    • Students inside the network who may attempt to access private information
    • Anyone inside the network—whether students, staff or administrators—who inadvertently distributes a virus to the entire network
  • Install separate networks—Make sure that you have a separate network for students and a separate network for teachers. This ensures that if a breach occurs, it is limited only to that specific user population.
  • Hide the service set identifier (SSID) of the school’s networks—The administrative networks should be hidden from the list of available networks. If you want to provide specific teachers and administrators access to the networks, give them the exact names of the networks so they know which ones to look for.
  • Use multi-mode security monitoring—Consult with an IT expert to see which type of security monitoring method would be best for your school. There are two modes—active and passive—that security monitoring is offered in. Active monitoring systems flag threats, block access to inappropriate websites and alert IT staff to suspicious activity as it is occurring. In contrast, passive security monitoring involves logging every behaviour conducted over the network and periodically checking it for unusual or inappropriate activity.
  • Train your staff—While staff might not maliciously inflict a cyber-attack, they may inadvertently allow one. That’s why staff training is so important when it comes to securing a school wi-fi network. Human error is natural, and the stress of a full workload can cause a staff member to accidentally open the school wi-fi network up to hackers. Making them aware of simple cyber-security protocols can go a long way. Regularly remind them of these safe cyber-practices:
    • Log out of the network whenever you’re not using it. Never walk away from a computer while you’re still logged in, and never leave for the day without logging out first.
    • Never share the names of administrative networks or logins with students. No matter how trustworthy they seem, providing it to that one student puts the responsibility on them to keep it safe and prevent it from getting it in the wrong hands.
    • Keep passwords and logins in a safe location, never written down in a place accessible to students, other staff or visitors. If you need to share a login with other staff members, find a secure way to do so.
    • If you see any suspicious activity or emails, report them to a designated staff member or IT support. Never open or forward emails from unknown sources. Also, never click on a suspicious link, as it could allow hackers access to the entire network, even if it is on your personal device connected to the school network. Watch out for suspicious email addresses and websites that may mimic legitimate ones.
  • Utilise a virtual private network (VPN)—VPNs create an encrypted pathway between the wi-fi network and a device, making them ideal for individual student devices. Essentially, they prevent data from being intercepted while being broadcast over the open wi-fi. They also hide your IP address and mask your location, making it slightly more difficult for hackers to access your true identity.
  • Make sure your security measures can handle the needs of your wi-fi network—Whenever you have large amounts of people trying to access a network at the same time, network failure can occur. In turn, such network failures can create security vulnerabilities. And if you have internet of things devices (IoT devices) that use up quite a bit of data, that may slow down your wi-fi connection even more. When you think of everything that is demanding the speed of your wi-fi, it is no wonder that poorly designed or slow networks can’t handle the capacity expected of it. Regularly assess whether your wi-fi network needs to be updated to manage higher traffic demands. You can also consider putting policies in place that restrict students from using the wi-fi for personal reasons.

Assessing the State of Your School Wi-Fi

Unless you’re an IT professional, it is difficult to know whether your school wi-fi is set up properly and doing what it is supposed to do. IT professionals know exactly what to look for and provide support when needed. Even if you have IT staff at your school, it may be worthwhile to hire an outside IT professional to come in and refresh them on certain threats and safeguards.

Cyber-Security Shouldn’t Be an Afterthought

No school, no matter how big or small, should assume that a cyber-attack will not happen to them. Waiting to instil cyber-security best practices can put the students, teachers, administrators, parents and the entire community at risk. Cyber-security should be as much of a priority as locking the campus doors is in the evening, and cyber-security plans should be re-evaluated regularly when wi-fi is used in schools.

To illustrate the ways school networks are vulnerable to cyber-attacks, consider how valuable your personal information is. If someone accesses your name, birthdate and any other personal information, they can possibly steal your identity. But if the fault was yours, you can take measures to prevent it from happening again. When parents or students trust you with their personal information, it is now your responsibility and needs to be taken seriously.

It is imperative that school custodians know what to do in the event of a cyber-attack. Although securing the network may be a primary concern, it is also important to be aware of the reporting obligations required by the GDPR in order to avoid legal consequences.

Final Thoughts

Wi-fi isn’t going anywhere, and schools will rely even more heavily on secure wi-fi systems as technology improves and is integrated even more into schools and campuses. Creating a secure foundation to protect against both external and internal threats can ensure that you receive value from your wi-fi system instead of making it a vulnerability. Be sure to involve experts who can provide advice on ways to provide an effective, secure wi-fi connection and prepare you for any changes as your school’s needs change and cyber-threats evolve.

 

Computers in the City, your Wifi protection partner

Computers in the City is London’s longest standing IT partner. With over 20 years’ experience, we can assist you to meet your IT support, digital security consulting and cloud computing needs. Let us help you protect your school wifi securely. We’re proud to be local, offering 24-hour support in straightforward language that takes the stress out of IT support.