The only thing worse than a breach of your network is handling it improperly afterward, particularly if you’re a school. A network hack is one of the most serious technical issues your school could ever face. School networks store vast amounts of incredibly sensitive data regarding students, teachers, vendors, and more. After a breach, tensions naturally run high as parents’ and educators’ fears abound.
The first few days following a network hack are the most important. Here’s how your school should handle them.
Immediately: Bring in a cybersecurity forensics firm to determine the exact cause and scope of breach.
Even large schools with extensive in-house technical resources should utilize outside services when evaluating a breach. Objectivity is imperative for determining how a breach happened, how bad it is, and how it could have been prevented. It’s important to remember that most hacks happen many weeks (and sometimes months or years!) before ever being detected. The right cybersecurity firm won’t just identify the specific hardware and/or software that has been affected, they’ll actually make sure the breach is contained.
Immediately: Follow all state laws regarding how the breach should be reported.
Forty-eight U.S. states (as well as Washington D.C. and several U.S. territories) have laws on file that mandate how breaches must be reported. Every state’s law contains different provisions for who must comply, what constitutes “sensitive information,” and how notification must take place. Schools should retain counsel as soon as possible after a breach to ensure they properly comply with the complex network of laws pertaining to network security in their state.
As Soon as Possible: Inform parents, students, the school board, the county, and anyone else who needs to know.
Communicating the breach is both the most painful and most important part of the remediation process. It’s important to be as truthful and thorough as possible when explaining what happened to preserve trust between the school and the community. Schools should notify all parties in writing, providing additional outlets for communication should follow-up be desired. Ideally, a school that has been hacked will also offer individuals solutions for mitigating the potential ramifications of such a breach, usually in conjunction with its cybersecurity firm.
As Soon as Possible: Implement better network security for the future.
A school must take strong, decisive action to correct security vulnerabilities after a breach. Firewall protection has become an increasingly critical component of network security for educational organizations; Smoothwall’s next-generation firewall allows schools to stop bad actors before they ever make it past the network’s gateway. A solution that utilizes Deep Packet Inspection ensures that even the traffic that doesn’t want to be identified can be properly evaluated. At the end-user level, new policies should be put in place regarding BYOD, school-issued hardware, and password protection moving forward.
Literally billions of data records are lost or stolen every year. When data breaches happen to schools, they’re usually network-wide. It’s no longer enough for schools to be aware of the risk…it is their responsibility to be proactive against both real and perceived threats.
Is your school vulnerable to a network hack? Reach out to Smoothwall directly to discuss your risk factors and learn how a more comprehensive firewall solution can improve your school’s overall security.
Our specially developed technologies deliver real-time Dynamic Content Analysis™ of web pages, all without impacting on the users’ experience.