Skip to content
New Blog Banner Image
Damien Snare4 min read

Is your school cyber safety savvy? Reducing your online risk.

Threats to cyber security are an ever-present danger to businesses in any industry.

In fact, the latest report from the Australian Cyber Security Centre (ACSC) found that malicious cyber activity in Australia continues to increase in frequency, scale, and sophistication. The ACSC received 94,000 cybercrime reports in the 22/23 financial year alone and, crucially, they note that many of these could have been avoided or substantially mitigated by good cyber security practices. 

With this in mind, we’ve compiled some things that you may want to consider when reviewing or developing your school's strategies to reduce online risk.

The Cost of Inaction

Cybercrime is one of the most pervasive threats facing Australia and the most significant threat in terms of overall volume and impact to individuals and businesses. While implementing strong counter-measures may appear costly, the direct and indirect costs of reacting to a threat could be significantly higher, such as: 

  • Investigating the extent and impact of a compromise 

  • Developing and implementing reactive strategies with shorter timelines 

  • Recovering data, rebuilding, and hardening networks 

  • Loss of productivity, income and intellectual property 

  • Reputational costs, negative news and media exposure

Stay up to date

Software updates can often get a bad rap, whether it’s losing unsaved work due to a forced update and restart, or annoying notifications that happen at the most inopportune times. We’ve all been guilty of ignoring those updates at some point (or switching off automatic updates completely). Before you do that next time, it may be worth considering why the update is there in the first place.

In the case of the well-known ‘WannaCry’ ransomware attack, a vulnerability was exploited that had already been patched by Microsoft, and a simple update could have prevented much of the damage that was caused worldwide.

Passwords

Weak passwords provide an easy way to circumvent the other measures you may have in place. 

Think about all of the online accounts that you currently have - chances are they span across your work and personal life, including social media, banking and more. Now how many of those accounts use the same password? #guiltyrighthere 

You should keep in mind: 

  • Having a different password for each account 

  • Replacing old passwords with a much stronger passphrase, which is harder than traditional passwords to crack 

  • Checking that default passwords that can come with some accounts and devices have been changed 

  • Investigating how quickly you de-activate access to accounts that are no longer used. (For example terminated staff, or parents and students who are no longer with the school.) 

Physical Assets

Are your physical IT assets protected to the same standard as your virtual systems? Safeguarding your fixed and portable assets is an obvious but sometimes missed first line of defence. 

Things to keep in mind might be: 

  • Critical IT infrastructure such as server rooms - are there policies in place to control, limit or log access? 

  • How easy is it to connect to your school's network?  

  • How long do devices and software accounts stay logged in for (i.e. time-outs) in case devices are accidentally left unattended? 

Back it up!

Do you know how quickly your school could get back up and running in the case of an event? 

Backing up your critical systems can not only help in a fast recovery from theft or security breaches, but also from other complications such as natural disaster, hardware failure or loss of devices.  

  • How often are you taking backups of critical data? At a minimum, daily backups are a sound strategy 

  • Don’t put all your eggs in one basket- consider both online/offline and onsite/offsite storage locations for your backup sets – TASS offers a robust cloud solution to help keep your data safe 

  • Are the processes and responsibilities for backing up and restoring data clearly outlined? 

What's your Digital Footprint?

A digital footprint is a collection of information about a person gathered by tracking online actions. According to Rob Livingstone, active data traces such as social media posts, uploading content, web browsing and device usage all contribute to our digital footprint.  The information that you leave behind could be used for unsavoury means.  

Some ways to reduce your digital footprint while operating online include: 

  • Checking your privacy settings for browsers, apps, and digital accounts (especially social networks) 

  • Use anti-tracking tools or ‘private browsing' mode 

  • Delete unused accounts or memberships

Education – Not just for students

You may have employed high-tech digital and/or physical safeguards and developed stringent policies, but they lose effectiveness if staff are either unaware or do not understand the importance of following them.

Research shows that nearly half (47%) of Australians feel confident in their cyber security, yet just 34% have put in place extensive security measures. So education needs to be a key part of your strategy. Regularly facilitating professional development on network and IT policies with staff can provide a strong cornerstone to your school's cyber safety.

Consider avenues to upskill staff on how to keep themselves and the school safe while online, including what to do if a breach of policy (accidental or not) occurs. 

Damien Snare

Damian works in Professional Services at TASS.

RELATED ARTICLES