Websites provide almost unlimited opportunities for learning and research within the education environment and safe access to these sites is vital, but increasingly criminals are using fake sites to harbour threats to your network security with seemingly harmless downloads containing malware.
Email traffic remains the single biggest entry-point for Ransomware and other viruses to access your network. Schools are seen as soft targets, with as many users accessing the network in a medium sized primary school as do in a large corporate office building. How many businesses do you know that have 400 users with different skill levels and with age groups ranging from 4 to 70 all accessing a network?! Even cloud solutions like Microsoft O365 and Gmail from Google are not immune.
Spear phishing is rapidly becoming the most significant security threat in business and attacks in Education are on the rise. Countless individuals and organizations have unwittingly wired money, sent tax information, and emailed secure credentials to criminals who were impersonating their employer, colleague, or even a trusted friend. These attacks are compelling and cannot be stopped with existing email security solutions—creating devastating results for those affected. No one is immune to a well-crafted Spear Phishing attack- least of all vulnerable and impressionable young people and their time-pressured teachers.
It’s not just criminal activity that can affect your data; there are also the possibilities of data loss due to natural disasters, hardware failure, power surges or just human error (the biggest cause of loss being inadvertent data deletion). Backing up all of your data securely and regularly is vital.
In a nutshell: Secure it, monitor it, back it up and train your users!
Computeam Secure offers a complete set of advanced threat protection software and solutions to do just this, monitoring networks and ensuring that your staff and pupils’ data is protected from all of these threats.
We work with several security solutions providers including Barracuda (Computeam were recently awarded the prestigious Barracuda MSP partner of the year 2018) and ESET for anti-virus and encryption.
Good quality antivirus software is the first stage in securing your network and user devices but it’s no longer enough. With an increasing amount of data residing in the cloud, we recommend a wider approach:
Barracuda Essentials provides the most complete, simple, and affordable solution for protecting emails and data in Office 365, Microsoft Exchange, and G Suite. It combines award-winning email security, as well as a tamper-proof email archive to ensure compliance and simplify searches that might be required under GDPR. For Office 365, Barracuda also offers full cloud-to-cloud backup and recovery of all your emails and files.
In addition, many of our clients now choose to encrypt data on devices that leave their network and put in place extra security on remote access and online services by deploying 2-factor authentication, for example SMS passcodes in addition to a password. All of the above services can be included in a single annual subscription.
Our monitoring service is based on Barracuda Sentinel, and can automatically detect and prevent spear phishing attacks that evade traditional email security systems. The Barracuda Sentinel AI engine learns organization’s unique communication patterns, and uses these patterns to identify anomalies and quarantine spear phishing attacks in real-time. This high-value service generates reports that might also form part of your training and awareness-raising strategy (see below).
For our managed service clients, we can also arrange a full domain security audit which will scan the windows network and look for vulnerabilities such as weak user passwords.
In the end any security system can be compromised so a high-quality, automated, off-site backup service is essential. That is exactly what Computeam offers to our managed service clients in partnership with Barracuda Backup. Once an initial installation is completed, files and folders are automatically backed up in the cloud and are encrypted beyond the 128-bit encryption methods typically used for online banking. We also communicate with our servers using SSL (Secure Socket Layers) technology, ensuring your data is encrypted both in transit over the internet and in storage.
Good awareness from staff is an essential part of any cybersecurity strategy for your school. We can signpost the way to useful online guides, arrange for a specialist trainer to visit and deliver an INSET, or even deliberately target your network and users to reveal weaknesses (known as “Penetration testing” or “White Hat Hacking”) and use these as learning opportunities.
We understand that every school has a different challenge in maintaining security online and that budgets for many are already stretched. We are confident that by taking a planned approach and prioritizing the right areas, you can achieve a minimum level of protection without breaking the bank and work with your service provider to develop your network security over time.
Advice is always free at Computeam so please get in touch to discuss any ideas or concerns you have about data security today.
Posted on October 14th 2018