“As technology changes the way we communicate, connect, create, consume and innovate, it is democratizing access to opportunity. Education is no exception.” ~ Laura Andreessen
The use of technology in the classroom has become increasingly common in school districts across the United States. As schools and teachers collect student data and share resources online, the need for cybersecurity in schools has escalated. Teachers and staff must have the resources they need to protect students’ privacy.
At Alludo, we work with school districts every day to provide dynamic and engaging online learning environments for professional development. We designed the Alludo K-12 CyberSmart Training program — a comprehensive platform for curating, publishing, managing, and measuring cybersecurity training — because we want teachers to have the resources and tools they need to protect their students.
What Kind of Resources Do Cybersecurity Experts Use?
Cybersecurity should be a priority for anybody who uses a device to go online. We all need to acknowledge that there are bad actors out there who want nothing more than to steal data and use it for their own purposes.
The job of cybersecurity experts is to thwart them and they have many tools at their disposal to help them do so. Here are some examples:
Encryption Tools. Encryption is a powerful defense that scrambles data, making it unreadable and unusable to anybody who isn’t authorized to have it.
Network Security Monitoring Tools. Networks must be protected because if someone gains access, many devices may be compromised. Network security monitoring tools help experts analyze data and detect any network-based threats.
Antivirus Software. Antivirus software is something most internet users are familiar with. It detects and quarantines computer viruses, worms, malware, ransomware, adware, spyware, and Trojans.
Firewall Tools. Installing a firewall helps protect networks, data, and users from intrusions by providing an additional layer of security.
Web Vulnerability Scanning Tools. Web vulnerability scanning tools provide a heads-up when a user encounters a risk such as cross-site scripting, SQL injection, or path traversal.
Penetration Testing. Penetration testing tools work by simulating a cyber attack on a network or system, which allows cybersecurity professionals to protect against future potential attacks.
Managed Detection Services. Managed detection services monitor systems for intrusions and send an alert whenever a problem is detected.
Packet Sniffers. Any time data comes into a system, there’s a risk. Packet sniffers intercept network traffic and incoming data, log it, and analyze to detect potential cyber threats.
Teachers aren’t usually cybersecurity experts, but understanding the tools that experts use may help both teachers and classified staff to be more mindful of potential threats.
15 Cybersecurity Resources for Schools and School Districts
Here are 15 cybersecurity resources that we believe are helpful for schools and school districts. We’ve broken them down into three categories to show you where we think they may be used.
Resources for Teachers and Classified Staff
Here are the resources we’ve identified for use by teachers and classified staff.
Some of the specific topics include FERPA and IDEA compliance, technical support, protection of students’ health information, and guidelines for information sharing.
#2: Student Privacy Compass
Student Privacy Compass is an organization dedicated to providing educators with the information security resources they need to protect students’ privacy.
All of the resources created by Student Privacy Compass are available under a Creative Commons license and they will send you copies of their videos or slide files to use if you request them.
#3: National Initiative for Cybersecurity Careers & Studies
The NICCS has a robust website where it makes its Cybersecurity Education and Training Assistance Program (CETAP) available to K-12 teachers across the United States.
The program provides curricula and educational tools to help teachers educate their students about cybersecurity. While the focus is on growing the next generation of cyber-literate workers, they also empower educators to prioritize student privacy.
NICCS offers in person and virtual workshops for teachers, making it a valuable resource to improve cybersecurity in schools.
Some of the resources they provide include the following topics:
Building technology infrastructure
Data breach response
Data security and monitoring best practices
They have data security checklists and training kits that may be downloaded by teachers and parents.
Resources for School Districts
Here are the resources we believe are most helpful for school districts.
#5: Security Onion
Security Onion is an open source tool that allows school districts to set-up a monitoring system using their helpful wizard.
While we don’t believe this tool is a replacement for a professionally-installed monitoring system, it can be useful for districts who need to boost their security quickly.
#6: Cuckoo Sandbox
Cuckoo Sandbox is a unique tool that provides school districts and administrators with the option to inspect a suspicious file in a safe environment.
The “sandbox” is an isolated space where unfamiliar files can be opened and run to test for malware. Using its full features requires some expertise but the basic function is something all school districts can use.
Use of unauthorized applications can be a serious issue in schools since students may not know how to research an app before downloading it. Docker provides separate containers for apps to run, isolating them from the network.
By isolating apps, districts can minimize potential damage if an app has security holes or contains malware.
OpenVAS is a tool that can work in conjunction with Docker. It’s a source vulnerability scanner that would be complicated to use without a container tool.
With Docker, you can use OpenVAS to quickly analyze sources for potential vulnerabilities and risks, minimizing the chances that you’ll download malware.
NIPAP is an IP management tool that school districts can use to track IP addresses and the data stored there.
While NIPAP is not a security tool on its own, it can be used in conjunction with other tools to track data and minimize risks.
#10: Multi-Factor Authentication
Multi-factor authentication is a security tool that can augment protection from passwords by requiring users to confirm their identity a second time.
Two of the most common MFAs include verification codes sent to a mobile device and fingerprint scans.
#11: Backup and Recovery
Backup and recovery is not a tool, but it can be a resource in the event of a data breach or malware intrusion.
School districts should set up a system that automatically creates a backup of essential data. Most backup systems today are run in the cloud, but you may also want a physical backup on a thumb drive. In the event of a ransomware attack, you can use your backup to recover your system data.
#12: Endpoint Detection and Response
Endpoint detection response is a term that refers to any tool that monitors security by keeping an eye out for intrusions and malware and isolating them as soon as they are identified.
Every school district should have a robust monitoring system to protect their networks and any sensitive information stored there.
Resources for Students
As we noted above, students may also benefit from Student Privacy Compass and the resources listed there, but we have three additional resources that may also be useful.
#13: Cyber Quests
Cyber Quests is a site created by the USCC, which we mentioned above.
It has an array of games to help kids learn about cybersecurity. There are varying degrees of difficulty and complexity, but most games are best suited for high-school students.
StopBullying.gov is a site that’s dedicated to education about bullying and how to prevent it.
Since a lot of bullying today happens on social media, we recommend this resource to help students learn about cyberbullying and how to identify it and report it.
#15: FBI’s Safe Online Surfing
The FBI has created a safe online surfing site to educate students about cybersecurity and other cyber safety issues.
The website has games and activities that make learning fun and simplify some of the complex cybersecurity issues around staying safe online.
At Alludo, we take cybersecurity seriously and it’s part of our mission to help educators do the best possible job of protecting themselves, their students, and their schools.
Teachers enjoy learning about cybersecurity and privacy when they have a choice in what they learn and earn rewards for completing courses. Using gamification in our Madagascar learning platform drives teacher engagement with professional learning.
Support Teachers and Classified Staff by Educating Them About Cybersecurity
Cybersecurity is about more than installing antivirus software and a firewall. In a school district, everybody from the assistant superintendent to support staff must make security and student privacy a priority. The 15 resources we’ve listed here can help you get started.
Are you ready to provide teachers and classified staff in your district with the cybersecurity resources they need? Alludo can help! Click here to get your free trial of our online learning platform, Madagascar, with our privacy and security mission with 17 tracks included for you to review.