With the news this week that the number of data breaches reported by schools increased by almost a quarter in just two years to 703, and further warnings about the increasing vulnerability of schools to cyber attacks, London CLC’s Krzysztof Jurek looks at three areas where everyone can help to keep their data more secure.
How strong are your passwords? If you’re still using 1234 or ‘letmein’ then you really need to up your password game. Follow our step by step guide to choosing a good password and discover the easy way to come up with a secure phrase that should satisfy all password requirements. Once you’ve done that, never write down your password either physically or digitally (don’t keep your passwords on a digital post it for instance…) and don’t share it with anyone – even your colleagues. If that sounds too daunting a memory task, consider using a password manager.
2. Public displays of data
Don’t display sensitive information in public. This sounds simple but consider how working on a train or in a cafe can expose data and login details to observers. Use a special screen cover if you do need to work in public. Think about how and where you use your phone – what sensitive data can people overhear?
Be alert to phishing scams. Emails will often appear as though they come from a recognised source but by showing the details of the email address you can see where the email originated. Don’t assume that an email is sent by X Y just because the X Y is in the email subject or signature – check the sender email address carefully (look for typos in the email address such as HMCR instead of HMRC). Of course, if the email relates to money, check the email especially carefully and always double check account details with a phone call any if you are depositing any large sums of money.
These three tips are just the start – all schools need to have a good basic cyber-security measures in place, especially as they are at a serious risk of large fines from the Information Commissioner’s Office if they fail to report data breaches, following the introduction of GDPR in May 2018.
The government’s Cyber Essentials scheme, is a good place to start for jargon-free advice to help make your school’s data more secure.