Spurred by the global COVID-19 pandemic, remote teaching has become a standard part of just about every educator’s toolkit. Teachers worldwide have been forced to adapt their teaching styles. Schools have quickly adapted their curricula and rolled out remote learning tools that allow for online collaboration, interaction, document sharing, and much more. And, though many have adapted to this new approach to learning, many schools have struggled to protect their data. With that in mind, let’s look at a few best practices for keeping data safe in a hybrid teaching environment.
Expand Your Security Basics
Schools have a demanding network environment as it is. Hundreds of students and teachers must securely access the network from all over. Yet, universities in particular have become the victims of highly targeted attacks. And, now that students and teachers are scattered across the map, admins must consider ways they can expand and build on security essentials. Suddenly your network is basically anywhere, so you might want to work with your team to answer these questions:
- For devices that are loaned to students or staff, how can you ensure that antivirus, spam filters, and other basics are up to date so threats can’t find their way into the network?
- How are you managing network access? How will personal devices access the network securely?
- What security policies are in place to create secure access to cloud applications? Think tools like multi-factor authentication and secure password policies. Remember, Zoom in particular had a lot of security issues toward the beginning of the pandemic. What can you do to anticipate and prevent future issues with remote learning tools?
- For document sharing, what guidelines and policies do you have in place that ensure students and teachers can work collaboratively while preventing sensitive information from falling into the wrong hands?
Adopt the 3-2-1 Backup Rule
Schools should already be backing up devices like servers, desktops, and other endpoints. But what about the devices that might not connect to the primary network every day? Consider pushing backup agents to school-owned equipment as a starting point. For student- or staff-owned equipment, provide recommendations for backup software, and note that many software vendors offer educational discounts for students and teachers. Beyond a basic backup, you may want to adopt an updated approach to the 3-2-1 backup rule. Have three total copies of your data. Store two of those copies in separate locations. One near the endpoint itself (usually on a secure external hard drive), one off-network and in an offsite location, and another in the cloud. This is a great way to ensure that crucial curricula, student data, and other information is safely backed up.
Add Backups for Cloud Apps
There are two ways to think about cloud backups. The first is what we covered above: using the cloud as a place to store backup data from remote student and teacher devices. Just be sure to consider your recovery options, since storing a backup and being able to recover it are two different things.
The second way to think about cloud backup involves backing up data created in cloud-based apps like G Suite and Microsoft 365. Educators, students, and administrative staff might be using these to create and share documents, collaborate, and so on, making them critical to your organization. Taking backups of this data gives you extra protection in case of accidental overwrites and deletions, sync issues, malicious deletes, virus infections, and ransomware attacks. It also gives you the ability to recover data on a granular level. Google, for instance, no longer stores deleted items after 30 days. With backups, admins are in control of retention policies. Even if someone accidentally deletes crucial information, they can still get it back after 30 days, assuming backup retention policies are set up accordingly.
Educate the Educators
One of your biggest challenges might be ensuring that educators, admins, and students are following IT best practices. For many educational organizations, it’s wise to create a curriculum around data security best practices. It’s one thing to set up tools with built-in policies, but quite another to help your network users understand the role they play in preventing attacks that can result in a data breach or data loss. Work with your organization’s administration to determine the best approach for getting the word out about ransomware, social engineering, backup best practices, and so on. Your users are one of your first lines of defense, so make sure they’re armed with the knowledge they need.
Universities, public schools, and other educational organizations are big targets. Cybercriminals understand that these places are home to lots of sensitive data, and they’ll stop at nothing to get it. That’s why admins must stay hyper-vigilant in protecting data, especially in a world where teachers, students, and administrators are working remotely. The world has changed and it’s time to adapt—or suffer the consequences.
Not sure how to apply backup best practices to your organization? Reach out to StorageCraft to see how its data protection suite can keep your data safe no matter where it’s created.