IT Security: Top tips

This Guest Editorial is by Jamie Charlton, Sales Director of Sharp Business Systems UK.

As technology continues to advance, and as schools and students become increasingly more dependent on internet-ready devices, cybercrime is becoming more difficult to both deal with, and avoid.

The Department for Education now specifies that school managers, governors, and head teachers maintain an effective approach to online safety, requiring they intervene where appropriate.

The new initiative has been developed to defend, deter, and develop, and aims to regulate schools and the processes they apply to stopping cybercrime and data breaches.

With high-profile cyber attacks recently committed against the NHS, TalkTalk, Microsoft, Sony, and Marks & Spencer, it is easy to see why the Department for Education has intervened. Attackers can gain access to confidential data belonging to students, parents, and teachers with relative ease, unless processes are in place.

Simple tips

Management at a senior level

Legally binding government guidance says a member of the senior leadership team should be responsible for safeguarding the school. The appointed member of staff should regularly add cyber security to meeting agendas.

Establish strong foundations

To protect your school network from attacks, it is imperative you implement strong protective barriers, such as firewalls. By setting up these simple yet sophisticated security controls you can safeguard against unauthorised access or malicious content.
Regular content filter updates

Children are naturally inquisitive, often they don’t even know they could be clicking malicious material. Setting up thorough, smart content filters or restrictions can be a great way of protecting your school, network, and students.

Threats to be aware of

Sharp have listed the most common software used in cybercrime below, including some useful tips on how best to avoid or evade such software.

Ransomware

Q: What is it?
A: There have been high profile cases involving ransomware. Ransomware encrypts your files and demands ‘ransom’ in the form of bitcoins to get them unencrypted.

Q: What can I do?
A: Ransomware is constantly evolving, meaning that antivirus software sometimes struggles to stay ahead. So, as defensive software is not guaranteed to prevent ransomware, the first and most important line of defence is with you, the end user. Ensure that you and your students avoid clicking on suspicious links and websites.

Cyber-Attack

Q: What is it?
A: Cyber-attacks are usually employed by individuals or organisations, and targets computer information systems, infrastructures, computer networks, or personal computer devices. Cyber-attacks usually originate from an anonymous source that either steals, alters, or destroys a specified target by hacking into the susceptible system.

Q: What can I do?
A: Weak passwords are generally exploited by a cyber-attack, allowing hackers to gain access to your work computer systems. Therefore, using a strong password with letters, numbers, and capital letters strategically placed throughout is a good way of avoiding a cyberattack.

Social Engineering

Q: What is it?
A: Social engineering refers to the manipulation of people by ‘engineering’ them
to perform actions online or divulging confidential information.

Q: What can I do?
A: Social engineering normally comes in the form of emails disguised as your bank asking for account information. You should never give your account information over an insecure website. If in doubt contact your bank directly, being sure to avoid contact details on the email you are questioning!

Malware

Q: What is it?
A: Malware is short for malicious software, and refers to any software that is used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising.

Q: What can I do?
A: There are generally two broad strategies used by criminals to try and break through a computer’s defences:

They try to install malware on your computers via breaking into accounts guarded by simple passwords.
They try to trick you into installing their malware from emails or websites.

In short, you should not open any suspicious emails or email attachments, and protect your accounts with secure passwords.

General Advice

Use secure passwords – ensuring that you have a secure and complicated password, and ensuring that you frequently change your passwords greatly reduces the risk of being the unfortunate victim of cybercrime.

Think before clicking links or opening mail attachments – Stop and think!

Before opening a suspicious email, instant message, text message, or messages on social networks like Facebook, LinkedIn, and Twitter stop and think. Is it safe? If your school has an IT department double check with them, especially if you have clicked something you don’t think you should have.

Never plug in a USB/Flashdrive from an unknown source

USB sticks and flashdrives are a common means of virus infection, however if you do not connect the device to your computer it has no way of transmitting a virus. This also applies to a USB stick that you may have connected to a home computers.

If you suspect that your machine has been infected with a virus or malware, simply disconnect your device from the network either by turning off the Wi-Fi and/or unplugging the network cable and seek IT support.

Cookie	Duration	Description
ARRAffinity		This cookie is set by websites that run on Windows Azure cloud platform. The cookie is used to affinitize a client to an instance of an Azure Web App.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
vuid	2 years	This domain of this cookie is owned by Vimeo. This cookie is used by vimeo to collect tracking information. It sets a unique ID to embed videos to the website.
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_gtag_UA_129094303_2	1 minute	This cookie is set by Google and is used to distinguish users.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.

Cookie	Duration	Description
ARRAffinitySameSite	session	No description available.
WFESessionId	session	No description available.

Journal

Journal

IT Security: Top tips

You might also like

JOIN OUR COMMUNITY

Our Partnerships

Our Partnerships

Airthings

NPW-LGfL recognised support

Citation