4 Cybersecurity Tips for Schools
INNOVATIVE LEADER AWARD WINNER - Cybersecurity tips for securing your school or district's website from award-winning technology director Emmanuel Ajanma
As technology director of Barre USD in Vermont, Emmanuel Ajanma has led the movement to revamp the district's cybersecurity. These efforts earned him the award for Best Implementation of Data Privacy & Security at a recent Tech & Learning Regional Leadership Summit in Maryland.
A former Catholic priest, Ajanma began his career in education teaching in parochial schools and found that he wanted to teach full-time. “If we are to secure our future, we do it through educating the young ones because they are the leaders of tomorrow,” he says.
Ajanma, a native of Nigeria, was drawn to technology in particular because he saw years ago that it would become increasingly intertwined with learning. “Everything we do in the classroom and everything we ask, we are relying more and more on technology,” he says.
That’s part of the reason cybersecurity is so important because when there is a breach in a school district these days, learning can grind to a halt. Ajanma shares some of his advice for securing school networks.
1. Cybersecurity Tips for Schools: Add Segmentation
One initial cybersecurity step everyone should take is to implement segmentation, says Ajanma. “That is the very first project that I did as a technology director,” he says.
This divides a network into semi-independent segments protected by firewalls, which can limit the damage in the event of a security breach in one of the segments. “It wouldn’t spread if something happens at the high school or the middle school, or at the central office or wherever it is. It will be limited to a particular segment of our network,” he says.
This is such an important step that Ajanma’s advice is, “Do it yesterday.”
Tech & Learning Newsletter
Tools and ideas to transform education. Sign up below.
2. Make School Stakeholders Aware Cybersecurity is Everyone’s Responsibility
Another key in a successful school cybersecurity program is getting buy-in from teachers, students, administrators, parents, and anyone and everyone who interacts with school devices or the school network.
“Cybersecurity is not only a technology department issue, it's all hands on deck,” Ajanma says. To get help from all stakeholders, Ajanma works with the school board to create cybersecurity policies based on best practices.
However, having good policies is only the first part of the equation. “You need folks to actually know what the policies are and practice those policies,” he says.
To ensure that, Ajanma has launched online cybersecurity training modules for all staff, which helps ensure they not only know the policies but help the technology department stay vigilant in regard to cybersecurity.
3. Implement Multifactor Authentication
Another step Ajanma recommends is multifactor authentication, a two-step or greater login process that requires the user to do more than just enter a password.
While multifactor authentication has been Cybersecurity 101 for years now, many school districts still do not require it, and technology directors often face pushback when they try to launch the programs. Ajanma’s department was able to avoid this by sharing stories about cybersecurity breaches, including one that happened in a neighboring district, which highlighted the risk for educators at Barre USD.
“This is not something that is only happening in New York City or in California, it can happen here in Vermont, it can happen in every district,” he says. Ajanma is also intentional about linking news of hacks to information on prevention solutions and strategies.
4. Be Proactive Rather Than Reactive
Ajanma uses tools to monitor the school network for any anomalies or strange behavior, plus he holds regular tabletop exercises with his staff and tries to get school leaders involved in drills.
In addition, Ajanma tries to be forward-thinking in recognizing new threats and advises others to do the same. For instance, he is starting to look at the ways ChatGPT and other AI language models with the capability to generate code might create malicious software.
“I don't want to wait until it's happened,” he says. “I'm trying to be proactive.”
- Building CTE Pathways Between Schools and Local Businesses
- School Cyberattacks: How the FBI Works to Protect School Districts
To share your feedback and ideas on this article, consider joining our Tech & Learning online community here
Erik Ofgang is a Tech & Learning contributor. A journalist, author and educator, his work has appeared in The New York Times, the Washington Post, the Smithsonian, The Atlantic, and Associated Press. He currently teaches at Western Connecticut State University’s MFA program. While a staff writer at Connecticut Magazine he won a Society of Professional Journalism Award for his education reporting. He is interested in how humans learn and how technology can make that more effective.