October is National Cyber Security Awareness Month (NCSAM).  This is why*!

—Cyber-crime damage costs to hit $6 trillion annually by 2021

—Cyber-security spending to exceed $1 trillion from 2017 to 2021

—Direct attacks on individuals to effect 6 billion people by 2022

—Global ransomware costs exceeded $5 billion in 2017

—Educational and public sector institutions are targeted—according to Verizon’s 2018 Data Breach Investigation Report** 43% of incidents reported impacted the education and public sector.

Following are some tips to help you and your organization avoid becoming part of these statistics:

1. Keep a clean machine: Keep security and critical software up-to-date on all devices. This is your best line of defense against viruses and malware.
2. Lock down your login: Usernames and passwords are not enough to protect key accounts whether email, banking or social media. Use multi-factor, or two-factor authentication when available, to pair your username and password (i.e. something you know) with a message to your phone (i.e. something you have) or your fingerprint (i.e. something you are).
3. Password protect: Lock your mobile device with a passcode security feature such as a fingerprint or finger swipe pattern (with at least one turn). A passcode should have at least six digits.
4. THINK before you use an app: New apps may be “cool” and convenient; however, only download apps from trusted sources. Also, limit your apps access to your device such as location services.
5. Own your online presence: Secure your privacy and security settings on social media, web services, and devices. Also, limit how and with whom you share information.
6. Get savvy about use of Wi-Fi: DO NOT purchase or transmit personal/confidential information on unsecured or public networks. Use your network or use a mobile hotspot when using laptops or tablets “on the go” to secure your Internet use. NEVER, use a public computer to shop, login to accounts, or do anything that requires personal information.
7. Turn off Wi-Fi and Bluetooth when idle: Only enable Wi-Fi and Bluetooth when required and disable the Wi-Fi auto-connect features.

Schools are technology-rich environments. The tech infrastructure must be optimized to accommodate and protect the confidential student and staff personal data, by using encryption, reducing access, backing up data, redundant systems, etc.  Schools should consider eliminating storage of sensitive data when possible.

Additionally, ASCIP has resources to help you stay safe and secure online.  Contact ASCIP Risk Services today to learn how.

Sources:

* https://www.csoonline.com/article/3153707/security/top-5-cybersecurity-facts-figures-and-statistics.html

** https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_en_xg.pdf