These 5 Easy Malware Policies Can Improve School Security

Despite the importance of school security, computers on educational campuses are considered to have the weakest level of overall cybersecurity. In the case of public schools, corporations, social do-gooders, and even the government often donate old and outdated computers to schools in an effort to save them money. But the devices do not adhere to safe computing standards and are riddled with digital vulnerabilities. In today’s world, where virus authors are now looking to construct the largest possible breach, the chance to profit from an unprepared school is too tempting to pass up.

Ransomware has an infamous reputation as being a misery-inducing plague on the healthcare industry, primarily because these healing institutions are notorious for having poor cybersecurity and overly exposed personal patient data. And because they do not have an effective backup system, ransomware has been wildly successful at breaching their systems and compromising this sensitive information. In an effort to retrieve their stolen data as quickly as possible, many hospitals simply chose to pay the ransom. The data hostage situations brought on by ransomware are bad enough in the healthcare industry—they could become devastating in a school environment where students are not aware of digital best practices or how to stay safe while on the internet. Aside from just educating teachers and students about how to identify and avoid cyber threats, we must also work to implement high-quality and up-to-date machines capable of deploying modern cybersecurity solutions.

When hardening the cyberdefenses of schools, without spending a lot of money or seeking outside funding, there are a few key questions to ask yourself:

Does the user need internet access?

It is up to a school’s IT team to determine if students, teachers, or administrators require internet access on their school computers, as it not always necessary. While administrators and teachers likely require online access to complete their daily work, it’s entirely possible students can accomplish just as much without this degree of access. In many cases, certain desktop applications are enough to perform the types of assignments they are given.

Internet privilege can be defined using the Windows Active Directory server, configuring only the accounts that absolutely demand internet access and separating apart those that don’t

What kind of privileges does the user require?

Whenever possible, a typical user should be restricted from having admin or power-user privileges. Those two accounts have the ability to install and remove software and configure new hardware for the computer, which can be dangerous in the wrong hands. Most users only need a specific group of applications to complete their tasks, which means they should not be authorized to do more. Limiting admin privileges hardens the security of the computer and network.

Is there a policy for BYOD?

Smartphones and tablets are ubiquitous these days, and schools need to formulate policies that regulate the use of these internet-enabled devices on campus. Are they allowed to use their devices and connect to the school’s wifi network? Is it alright to use a USB flash drive or a portable hard disk on a school PC?  These questions need to be clearly addressed by school administrators if they hope to create a culture of compliance for the whole campus.

Have you formulated a URL filtering system?

Assuming the first three questions have been properly addressed, the school then need to implement a way to filter the websites made available to students using a school internet connection.  Inappropriate, unapproved, or dangerous websites should be marked unsafe and blocked by default, an important step in keeping young people protected from malicious websites hosting malware.

Are students and teachers aware of their role in keeping school computers secure?

Everyone must have a clear understanding of how to properly use the internet while at school. This effort includes education, training, and practice. The easiest solution to the malware problem is to avoid infection in the first place, which means learning the art of self-protection is critical.