Running an Australian school is a balancing act. Limited time and budgets as well as the ever-evolving nature of education means that often cybersecurity is low on the list of priorities.
Unfortunately – as schools embrace the Internet and applications that are revolutionising classrooms, cybersecurity becomes more and more important in keeping the classroom running, as well as in the duty of care required to keep students personal information safe.
As schools embrace bring your own device (BYOD) styles of education, connected devices such as laptops, tablets and smartphones are now often required on campuses.
There are also many Internet of Things (IoT) connected technologies in schools such as smart boards and virtual reality (VR) headsets that are valuable tools to facilitate learning for both staff and students.
Australian schools ‘soft targets’
With the rise of all this connected technology, schools sometimes underestimate the risk that such an open environment poses to their IT infrastructure, staff and students. With limited budgets and manpower to dedicate to security, Australian schools are seen as ‘soft targets’.
As a result Malwarbytes has detected and cleaned more than 62,000 pieces of Malware from Australian schools in the past 12 months.
The Australian Mandatory Breach Disclosure legislation that came into effect in February 2018 is also highlighting the extent to which schools are being targeted.
Of the 19 notifications from schools from April to June 2018, almost half are believed to have been the result of a malicious or criminal attack.
Malwarebytes has recently completed a survey of the cost of such attacks in Australian institutions. Of the organisations surveyed, two-thirds had experienced some form of malicious attack.
The cost of dealing with a major breach in a 2,500 seat organisation (including IT, operations, legal fees fines, etc) was US$165,000.
While this is a lot of money, it’s around half of the global average. We expect this amount to rise as Australia tightens up legislation over the next few years and schools need to be prepared for how this will impact them.
The solution can be simple
Principals need to understand their responsibility to disclose data breaches that occur and the potential impact this could have on their school. The good news is that simple measures can be taken to dramatically reduce risk in schools.
Schools should aim to build ‘Cyber Awareness’, and encourage regular password changes and increased complexity. Conducting regular backups and ensuring new software updates are installed when they become available also helps protect schools from breaches.
Technology-wise, it’s important to remind people that although they may be safe ‘at school’ they may not be when they access the Internet outside of this network.
Instances of Android based malware have increased in 2018, so while it is important to have a next-gen antivirus on PCs – Macs, iPhones and Androids should also be protected using a security app, such as the one Malwarebytes offers.
Solutions like this offer multiple layers of protection to everyone both on and off campus, and schools are deploying them all across Australia, including at All Saints Grammar in Sydney.
School takes proactive approach
Like many other institutions, All Saints Grammar recently moved toward a complete BYOD environment. As a result, the school had multiple endpoints that were increasingly at risk from rapidly evolving malware systems.
After its payroll system became infected, the school looked for a solution that would protect its many end points from compromises that occur both on and off campus.
Ultimately, All Saints Grammar deployed Malwarebytes Endpoint Protection. The solution also identified a number of issues across the network, and actively blocked attacks before they became an problem
As our education system develops, schools must update their existing and often outdated security infrastructure.
Only by anticipating and understanding the risk, can they deploy solutions that will protect both staff and students, across whatever device they use on their networks.
FREE TRIAL - FOR YOUR FREE TRIAL OF MALWAREBYTES ENDPOINT PROTECTION visit www.malwarebytes.com/FreeSchoolTrial
Jim Cook is the regional director, Australia and New Zealand at Malwarebytes