Can you tell the difference between a harmless email and a phishing email? What if it came from your boss? Clicking on a link from a phishing email can give a hacker access to your entire organization’s network, exposing clients’ and employees’ personal information. Many organizations provide training for their employees to help them learn to spot the signs of a phishing email and avoid clicking on any suspicious links. But what can academic institutions do to prevent students from exposing their data?
If a student clicks on a phishing link, an institution’s sensitive data can also be compromised. Students need to be properly educated on the importance of keeping their school’s data safe and how they can help. Awareness is the key to lowering network vulnerability, and is often a neglected component within an institution’s cyber-security ecosystem.
While phishing emails are a major way for someone to gain access into a network, they are also easily avoidable given proper training. It is important for students to know when it is okay to click on a link in an email, and when they should seek assistance. Some phishing emails are simple to identify. They come from a random email address, have long and confusing links, and claim that “you have won the lottery” or some other obvious ploy.
However, malicious actors are getting smarter, making their emails more targeted and realistic than ever. These emails can come from a colleague’s account and have references to specific information that can cause you to believe it is real. It is important to always be skeptical when reading emails. If anything seems out of the ordinary, it is better to ask than to click the link.
A great way to raise awareness is to point out students’ personal stake in the matter. They may not think that clicking on a suspicious link could cause them any harm. Informing students about the valuable data that your institution safeguards can help unify you with your students in cyber security matters. Student financial information, Social Security Numbers, home addresses, and more are being stored within an institution’s network. Making students aware of this and the severe consequences if the data is exposed will help in reducing network breach vulnerability.
It is not expensive to get your students involved in your cyber-security strategy, and it greatly reduces an institution’s network vulnerability. While segmented networks, firewalls, and other technological defenses also play a large role, they can’t be the sole security measure taken by an organization. The strategic combination of technical and non-technical components is the best way to help prevent breaches and to be prepared if a data breach ever occurs. Educating your employees and students on cyber-security threats and best practices to better secure your network is the first non-technical step in securing your institution’s data.
COMPASS has developed a methodology to assist institutions with developing a customized, cost-effective, and practical approach to cyber security. This approach combines the discipline of project management with the latest cyber-security technology and data-protection best practices. In today’s hyper-connected world, every school is just one data breach away from being a leading story on the news and social media, which can severely damage its reputation and brand. Find out how to protect your institution. Contact COMPASS for your initial IT network security health assessment. And for commonly used terms and defense techniques, download our Cyber Security Lexicon.
