By Michael Webb, chief technology officer, Identity Automation.
With the rise of online curriculums and virtual learning in both K-12 and higher ed institutions, there has been a notable increase in technology dependance. This dependency on digital tools has not only exposed children to challenges related to cyberbullying, plagiarism and online safety, but it has also made school districts incredibly vulnerable to increased cyberattacks.
Risk abounds year-round and according to hackers, student data is among the most valuable information in their sphere. They are aware that students are using personal and financial data for the first time, and find it easy to exploit their lack of awareness in safeguarding their digital identities.
Countering such attacks with the proper resources and tools can be especially difficult if there is little to no room in the IT budget for enhanced cybersecurity efforts. According to a recent report released by the Center for Internet Security, approximately one in five K-12 organizations dedicate less than 1% of their budget to cybersecurity.
While technology continues to create endless opportunities for learning, the seemingly alarming lack of cyber defenses compounds the allurement to sophisticated cybercriminals. As a result, the ever-growing data security challenge requires an effective approach to cybersecurity that first involves the development of responsible, appropriate and empowered use of technology through enhanced digital literacy.
Digital literacy starts with enhancing effective cyber skills through online awareness, (password safety, digital identity, phishing) and empowering students to protect their safety and privacy as much as possible. ISTE, the International Society for Technology in Education, defines digital literacy as including “the knowledge of and the ability to use digital technologies to locate, evaluate, synthesize, create, and communicate information. Being digitally literate includes having an understanding of the human and technological complexities of a digital media landscape. A student-friendly definition of digital literacy is using technology to explore, connect, create, and learn.”
While the above definition may feel like a lot of generalized digital capabilities wrapped into a couple sentences, they all have a commonality. They simply cannot happen if the ecosystem that supports and enables schools and their students is not consistently secure. Students can be taught several practices to help keep a strong security posture.
When doing something:
- Maximize privacy and security settings when using social media
- Don’t connect with someone on social media unless you’ve met them in person
- Visit a website directly instead of using third-party links
- If something doesn’t seem right or different than usual, alert a trusted adult
- Always assume there is a chance that strangers reaching out online may not be real
When receiving something, exercise caution with:
- Messages from someone with whom they’ve never previously communicated
- Any requests asking about their family or friends
- Unsolicited links that should never be clicked
- Unexpected requests to change a username or password
- Phone calls with requests to take some action online
- Any form of outside (non-district) messages asking for personal details
Each of these scenarios can lead to cybercriminals learning information about the student – allowing them to figure out access pathways or even direct credentials that are privileged, a super valuable asset. The protection and safety of children should be paramount within districts on a 24x7x365 basis. Encouraging safe navigation of the digital world while strengthening technological skills that will provide lifelong support can be key to mitigating ransomware risk. By ensuring staff and students keep their cyber training fresh and up-to-date with real-world examples of what to look out for, the safety of digital identities is much more likely to be maintained.