Whenever I go into classrooms and train students (and teachers), I try to emphasize the importance of being careful with your passwords. In fact, I have posted in this blog about password creation and safety multiple times. For many people that have been in education as long as I have (or longer) the question arises about why it is so important to keep our passwords and system safe - we're not handling nuclear material or doing things that will lead to people dying. The issue is that in today's world, data is one of the most powerful items that exists. The hacking of Equifax was so huge because of the numbers of people who had data stolen and the type of data that was stolen.
Student data represents a virtual gold mine to cyberattackers. With data contained within our School Information System, criminals would be able to start opening credit accounts in the name of students. Imagine your child reaching 18 years old, trying to open a credit card account, and being denied because they have over 10 years of bad credit history. That is what could happen if students' data is stolen. The worst part about this is that most parents will check their own credit on a regular basis, but will never think about checking their child's credit history. Thus criminals can have multiple years to abuse a child's identity without ever being caught.
In our district, the Information Technology department does our best to put in place protections to prevent cyberattackers from gaining access to our students' data. We have robust firewalls protecting our network, threat management software to detect and stop malware and viruses, and we limit access to our systems to verified users. A lot of companies employ such measures to make their networks and systems safe. Unfortunately, still many of them get attacked. One of the most common reasons systems get penetrated is user mistakes. What type of mistakes lead to this occurrence? People click on the wrong email and give over information or install software designed to infiltrate a system is on type of mistake, but the most common mistake is password security. Choosing a robust and difficult to guess password is the first step, as I've mentioned in previous posts. Using default passwords is essentially just as bad as having no password at all. Also, writing down passwords in publicly visible places - like a sticky note on your monitor or taped to your keyboard - is just as bad. No body should even need to know your password for any reason. If they have a valid reason for accessing your accounts, there are methods for system administrators to reset your password to get into your account. Remember, password security not only protects you, the teacher, but it also protects the data of your students.
Schools are becoming a large target for cyberattackers. Why would this be? Is it the employees' data that attackers are attempting access? They are the ones with income and bank account. But that is not the reason - the real reason is student data. Recently, the Takeaway had a short segment on this danger titled Hackers Target Student Data as Schools Report Increasing Cyberattacks. You can listen to the segment below:
Student data represents a virtual gold mine to cyberattackers. With data contained within our School Information System, criminals would be able to start opening credit accounts in the name of students. Imagine your child reaching 18 years old, trying to open a credit card account, and being denied because they have over 10 years of bad credit history. That is what could happen if students' data is stolen. The worst part about this is that most parents will check their own credit on a regular basis, but will never think about checking their child's credit history. Thus criminals can have multiple years to abuse a child's identity without ever being caught.
In our district, the Information Technology department does our best to put in place protections to prevent cyberattackers from gaining access to our students' data. We have robust firewalls protecting our network, threat management software to detect and stop malware and viruses, and we limit access to our systems to verified users. A lot of companies employ such measures to make their networks and systems safe. Unfortunately, still many of them get attacked. One of the most common reasons systems get penetrated is user mistakes. What type of mistakes lead to this occurrence? People click on the wrong email and give over information or install software designed to infiltrate a system is on type of mistake, but the most common mistake is password security. Choosing a robust and difficult to guess password is the first step, as I've mentioned in previous posts. Using default passwords is essentially just as bad as having no password at all. Also, writing down passwords in publicly visible places - like a sticky note on your monitor or taped to your keyboard - is just as bad. No body should even need to know your password for any reason. If they have a valid reason for accessing your accounts, there are methods for system administrators to reset your password to get into your account. Remember, password security not only protects you, the teacher, but it also protects the data of your students.
