.st0{fill:#FFFFFF;}

Cyber Security

Staying Internet Safe at School

 February 18, 2020

By  Anton Kiorolgo

Cyberbullying has become a problem in schools, there is no doubt, looking at the statistics on the problem. Approximately 15% of the children and teenagers included in the study reported that they have been bullied by text or online communication.

All things on this list a school IT department should be able to easily handle or completely negate – however, we live in an ever-changing world, connected to an ever-changing internet that doesn’t give time for IT techs and department heads time to catch up.

To attempt to curve bullying in schools, the federal government has launched schoolsafety.gov to provide educators resources on bullying, but it is up to all parties involved to keep schools safe – both physically and online for students.

While there are plenty of educational tools online to help schools, educators and school systems tackle the issue of bullying, it is important that all parties involved take an active role in the process as a whole.

Staying Internet Safe at School

Students and educators face the typical set of threats when using the internet in a school setting:

  • Viruses
  • Email scams
  • Malware

All things on this list a school IT department should be able to easily handle or completely negate – however, we live in an ever-changing world, connected to an ever-changing internet that doesn’t give time for IT techs and department heads time to catch up.

The Latest Threats to Students While Online

  • Oversharing: We’ve all been guilty of accidentally oversharing online at some point – accidentally posting relevant information such as vacation dates, important events, revealing information, and other forms of accidental data leaks. Students are facing this problem as well, accidentally posting personal information such as their name, address, age, phone number, and ID numbers on sites without realizing or being aware of the risk involved.
  • Sexting / Sextortion: Sexting is the act of sharing private sexual messages or photos, typically by texting or social media messages. Cybercriminals, and in some cases other students the victim’s age, taken possession of these images, messages, or both, and demanded extortion money in exchange for notsharing them publicly online. Paying the ransom is never suggested, as there is no guarantee that the files will be deleted after payment, or that the images will not be posted anyway, after the payment.
  • Ransomware: Ransomware is a type of malware computer exploit in which a cyberattacker encrypts a user’s files, usually the entire system, and demands an extortion payment before providing the encryption “key” to reverse the process and allow the user to gain access to their files once again. Paying the ransom is never suggested, as there is no guarantee that the files will not be deleted after payment, that the encryption key will work, or the attacker has saved the files on their end.
  • Inappropriate Content: Students can accidentally come across illicit material online via searches, clicking links absentmindedly, as pop-up windows online, or posts and messages shared on social media.
  • Cyberbullying: Bullying has changed in form from being punched on the schoolyard to being reputation-smeared publicly online. Cyberbullying can include sharing private data (doxing), posting negative comments, posting embarrassing images or videos, or sharing harmful content about the victim. There have been multiple cases of cyberbullying entering into criminal behavior, causing mental harm and even suicide.
  • Online Predators: Online predators use digital contact methods such as social media networks to gain their victim’s confidence as a friend, or sometimes something more serious, to meet with their victim in person. Their tactics include exploiting feigned mutual interests, romantic interest, or common acquaintances.

How to Prevent Incidents

Technology has come long past simple website content blockers and easy-to-bypass filtering software. While these tools are still helpful, students are resourceful and online-savvy, able to find ways around the systems built to protect them.

  • Responsible Use Policies (RUPs): Responsible Use Policies (RUPs) outline the baseline of acceptable standards for network users, including what sites can be accessed, online behaviors, academic integrity while online, and how information will be stored and used. Students and their guardians are expected to understand the Responsible Use Policy (RUPs) and follow it. Some responsible use policies also outline the outcomes for not following policies outlined in the RUP.
  • Content Filtering / Content Blockers: While maintaining a technical framework is the first, most essential step in the process of securing your school’s network, the other half of the digital battle is to ensure that all users understand the risks of poor online behaviors. Much like driving a car, a vehicle with amazing safety features is still not effective with a bad driver behind the wheel.
  • Digital Citizenship: Many school systems have begun the process of educating students on online safety beyond the typical computer class of typing, PowerPoint, word processing and basic graphical editing – these classes involve lessons on privacy and security, online communication, cyberbullying, digital footprints, online self-image, copyright, and basic safety.
  • Staff Training:
    • OnGuard Online: The Federal Trade Commission (FTC) has launched the OnGuard Online website to provide educational materials for educators across grade levels.
    • NetSmartz®: This site, containing a wide variety of age-appropriate content and activities for elementary schoolers and tweens, is focused on directly teaching essential online life skills such as spotting threats, protecting themselves, and reporting risky activity.
    • Stop. Think. Connect.: The U.S. Department of Homeland Security has provided a website filled with educational material for educators through all grade levels on how to begin the online conduct discussion.

Preparing for an Incident

Step One: Put Together a Planning Team

  • Assemble all important stakeholders such as school staff, community partners, school board members, and IT staff. These assembled stakeholders will create and be held responsible to execute and maintain the plan.
  • The team should assess all risks the institution’s network faces, and work to determine which threats are of the greatest importance, working backward to determine where the greatest emphasis should be placed.

Step Two: Determine Goals

  • Once threats and challenges have been identified, it is important to define the end goal, answering the essential “who, what, when, where, and why?”

Step Three: Implement

  • Armed with the set of goals, IT staff should be put in place to implement the plan of action.

Step Four: Upkeep and Testing

  • Regularly review the plan to ensure plan standards are being met.
  • Revise the plan yearly to keep up to date with the latest changes in technology and adapt to new security challenges.
  • Ensure that team members are properly trained. Required continuing education courses are suggested to ensure this.
  • Regularly test all systems involved to ensure their accuracy and that they are up to date.

Should an Incident Occur

Reporting

Should an incident occur, reporting will be different depending upon the individual reporting it. However, all users must be versed in the proper protocol to ensure reports do not dead-end or not receive due attention.

  • Students: Students should report victimization or a threat as soon as they are aware, or an event occurs. Reporting should be done to a teacher, counselor, or trusted adult. From there, the individual who has received the report should escalate it to the member of staff designated to handle them. If there is immediate danger or criminal activity, the report should be escalated to local law enforcement.
  • Staff: Staff should immediately report victimization or a threat to the appropriate member of staff designated to handle them. If there is immediate danger or criminal activity, the report should be escalated to local law enforcement.

After the initial report has been made, it is essential to understand the pieces involved. Incidents are like a clock – the problems compounding on as time goes by, with the intricacies of the event being the gearwheels. Just like in fixing a clock, those in charge of resolving the event must understand how the event before beginning to resolve the problem. This is why continuing education and ensure the proper individuals are part of the action plan is critical to its success.

It is recommended to use NCMEC’s CyberTipline to report a concern by submitting an online report at https://report.cybertip.org/ or calling 1-800-843-5678.

Want to join in the conversation? Talk with us on social media!

Facebook: https://www.facebook.com/secfirstit/

LinkedIn: https://www.linkedin.com/company/securityfirstit

Hashtags: #internet safety #safety,internet #online safety #school #internet safety video #safer internet day #internet safety for kids #internet safety videos

Continuing to Keep Schools Safe

It takes a concerted effort to keep students and faculty safe in both the physical and digital word, the problem being that challenges and threats change and new ones develop every day.

In keeping students and faculty safe online, there are other solutions available outside of organizing a large IT staff – such as pairing with a reputable IT solutions company to secure your school’s network, they can help to prevent an attack before it has the chance to develop.

Enjoyed this article? Take it with you as a .PDF!

Having trouble finding trustworthy IT support?

Please contact us to schedule a consultation.

Subscribe to our newsletter now!