Is your School's Office 365 Platform safe from Cyber Attacks?

21 Jun 2021

Check out the most common data security errors schools and colleges make…and how to prevent them!

 

"After Healthcare, Education is the most targetted industry by cyber criminals"

Verizon 2021 Data Breach Investigation Report

 

This year alone, 75% of Irish organisations experienced cyber attacks. The recent ransomware attack on the HSE has highlighted just how easy it is for cyber criminals to gain access to an organisations’ data, causing distress and leaving vulnerable people’s sensitive information in the wrong hands. But what can schools and colleges do to prevent this?

Having spent the past 20 years securely setting up and managing the Office 365 platforms of hundreds of schools and colleges to prevent cyber attacks, the same security weaknesses present themselves time and time again. In this blog I outline the key security risks all schools and colleges should be aware of with the steps needed to prevent data and security breaches from taking place.

See how secure your school's cloud platform really is!

Our engineers have created a school security survey to allow schools to assess which areas they most need to focus on. Click here and take 1 minute to complete this short survey:

Take School Security Survey

 

Created by our school engineers based on the most common school security issues, download our School Security Top Tips.

Download Now

 

2327 image

 

School Security Risk Number 1 – Not Configuring the School’s Communication and Collaboration Platform

Office 365 gives schools great features and functionality for communication, collaboration and teaching and learning but, like any cloud-based system, it needs to be securely configured to ensure that students and staff are working in a safe environment. 

The main areas to focus on are email and collaboration solutions such as Microsoft Teams and Microsoft OneDrive. These are the services that are most at risk if not correctly configured and are constantly being updated with new features and functionality that many schools are not aware of.

One school in the south-west of Ireland contacted Wriggle Learning after students had shared a link to one of their class meetings on social media. Several external people then used the link to join the class meeting and caused disruption before the teacher was able to remove them. We worked with the school to configure their meeting options and policies to ensure that all teachers had complete control over the people joining their online classes and to put procedures in place to prevent this from happening again. This emergency response was completed within the same school day and all staff and students were protected within hours of the original incident. 

Unfortunately these kind of disruptions have been all too common in schools over the past 18 months but luckily there are some simple steps schools can take to prevent this: 

  • Safely configuring Microsoft Teams meeting settings on all school accounts will ensure that these accounts remain safe
  • Developing and communicating a school-wide policy on the use of these platforms ensures that all staff and students remain protected while communicating online

Wriggle’s cloud service team have put in place and managed the Microsoft Teams policies of hundreds of schools to ensure that only students can access their class meetings and that Microsoft Teams is a safe, secure, and reliable environment in which to communicate and collaborate with staff, parents and students.

Talk to one of our experts today to see how we can assist your school with securely setting up and managing your school’s Microsoft Teams and OneDrive accounts.

 

2323 image

 

Security Risk Number 2 – Not Securing School Email Accounts

Phishing attacks are responsible for 93% of all cyber attacks. These attacks generally happen via email and can leave schools and colleges wide open to all of their credentials and personal data being stolen or leaked.

In another school that our team encountered, a student email account was phished and was used to relay spam mail to hundreds of external contacts within the school community. This caused a chain reaction where the recipients responded to the spam mail, causing more and more accounts to be compromised and leaving the school significantly exposed. Wriggle Learning’s engineers traced the original attack back to its source, locked down all exposed accounts and retrieved the situation within a few hours of the original breach. Policies were then put in place to strengthen defences to phishing attacks in the school to ensure that a similar event would be prevented in the future. 

In the case of this and other phishing attacks on schools, the key steps our engineering team took were to:

  • Carry out an extensive audit of the school’s Office 365 services and configurations and any anti-spam software in place
  • Strengthen and extend the school’s anti-malware and anti-spam protection to pre-empt and stop phishing attacks before they become a problem

Not all types of anti-spam software prevent phishing and other attacks on school accounts. If you’re not sure whether your school’s security software protects your school accounts sufficiently, talk to one of our experienced engineers today.

 

2328 image

 

Key Security Risk Number 3 – Not Configuring the School’s Data Sharing Options

Schools have access to the personal data of every family and staff member within their school community, including financial, medical or psychological information on many students. Not all staff need to have access to this information and yet many schools have no policy or settings put in place to separate school data and ensure that it cannot be shared by a third party.

To secure a school’s data sharing options, the Wriggle engineering team take steps to ensure that:

  • Staff automatically have access only to the data that is necessary for them to know
  • Files and personal or sensitive data stays safely within the school’s secured database and cannot be shared either deliberately or accidentally by any staff member

 

This blog highlights just three of the most common security risks encountered in schools each year. For further information on how to ensure the correct settings are in place in your school or college to prevent data breaches or cyber attacks, download our Education Engineers' Top Security Tips for Schools and Colleges.

Download School Security Top Tips

 

See how secure your school's cloud platform really is:

Cyber attacks on all organisations have increased tenfold over the past year alone and it is vital that schools and colleges review their systems and policies to ensure that their data remains safe. Our engineers have created a school security survey to allow schools to assess which areas of school security they most need to focus on. Click here and take 1 minute to complete this short survey.

 

Take School Security Survey

 

2325 image

Fintan is the Cloud Services and Office365 Lead at Wriggle Learning. With over 20 years’ experience delivering software solutions for teaching and learning, Fintan helps customers securely setup, manage and get the best use from the Office365 suite and Cloud Services for education.

 

Is your school’s Office 365 platform set up safely and ready for the new academic year?

Talk to one of our experts today to get your school’s security settings in order.

We use cookies to improve our website. By continuing to use this website, you are giving consent to cookies being used. More details...