According to a recent report by oneadvanced.com, 27% of UK educational institutions are unprepared for a cyber-attack, and as much as 47% of institutions are not aware of how the Data Protection Regulation (GDPR) applies to them. It is clear that educational institutions are lagging behind when it comes to cyber security and, should this trend continue, they may be liable to some pretty hefty fines once the GDPR comes into play.
One of the biggest issues faced by educational institutions is the rising threat of DNS attacks. According to report carried out by EfficientIP – a leading provider of network services – 76% of respondents claim they were the victim of at least one DNS attack in past year. Compliance fines aside, the costs associated with DNS attacks are still high – with some claiming that it cost them hundreds of thousands of pounds to deal with. According to the report, 28% of the educational institutions affected by DNS attacks in the last 12 months have admitted that sensitive data was stolen during the attack, and some of that data included intellectual property.
As with healthcare, the data held by schools, colleges and universities is very valuable. Unlike credit card data, academic records can be used multiple times, for multiple purposes, and for an extended period. It’s blindingly obvious that the education sector needs to step up its game, but what exactly can they do?
To start with, regarding DNS attacks, they should start using purpose-built DNS security technology, ensure that DNS server software is up-to-date, and perform a deep DNS transaction analysis. Other non-DNS related issues include;
- The use of web filtering and monitoring to enable institutions to control internet access by black/white-listing URL’s which may contain malicious content.
- Educate all staff members and students about ransomware to ensure that everybody knows how to spot phishing emails.
- Being able to identify critical assets and carry out a risk assessment.
- Making sure that technology is up-to-date and that patches are applied as soon as they available.
- Ensuring that cyber-attacks are quickly detected when they occur.
- Backing up sensitive data and having a system in place for recovering the affected systems following a breach.
It is crucially important that educational institutions know exactly who has access to their critical data, and how that data is being accessed. It may seem obvious, yet many organisations (not only educational institutions) still do not have solutions in place that enable them to gather such information promptly.
Sophisticated IT auditing solutions, such as LepideAuditor, provide numerous valuable features that help organizations in the educational sector increase their cybersecurity. They allow you to view current permissions and how those permissions are granted, and will automatically detect, alert and respond to suspicious permission changes – either based on a single event of the threshold condition. Likewise, such solutions allow you to detect, alert and respond to suspicious file and folder activity, account modification/deletion, inactive user accounts, privileged mailbox access, as well as automate the process of reminding users to reset passwords and other tasks. Finally, these solutions are capable of automatically generating the reports necessary to meet regulatory requirements, and once the GDPR has come into effect, providing compliance reports will no longer be optional.