As districts look ahead to the beginning of a new school year, it’s important to make sure your information technology equipment and networks are in good working order. Summer may see a decrease in computer usage, but that doesn’t mean you can ignore your network, equipment, or maintenance procedures. Here are some important considerations for keeping your technology environment safe over summer break and into the fall semester.
1. Keep things clean
No matter how clean your server room, equipment will collect dust. Those little particles can create big problems. Make sure you physically clean up the equipment as part of your campus closeout and reopening procedures. The work doesn’t stop there. You should also designate someone to periodically clean server rooms during extended breaks.
2. Protect against power fluctuations
Texas is experiencing a heat wave that could cause rolling blackouts. Verify that your uninterruptible power supply (UPS) is in working order. This device will give you time to properly shut down your servers if your campuses lose power. Also, confirm that your UPS contains a surge protector. If not, consider investing in a standalone surge protector to guard against power surges caused by severe weather.
3. Allow updates and patches to run
Hackers don’t stop launching attacks just because your students are on summer break, and they’ll definitely be on the offensive when the school year begins again. It is imperative that security updates and patches continue to be installed in your system year-round.
If you don’t have staff available to run updates, consider deploying an automated patch/update server to ensure you have the latest and greatest protection.
It is also helpful to create an automated distribution list that your servers generate for your IT staff. This report will verify the success of updates and patches so you can be sure the server is doing its job.
4. Back your data up
Make sure your backups continue to run year-round. You’ll also want someone to confirm the backups are functional and can be used to get the system operational again in the event of a ransomware attack or system failure.
With less user demand on your system, summer is an ideal time to run a drill in which your IT team restores your network environment from backups. This training could improve your team’s effectiveness and response time if a network emergency occurs during the school year.
Pro tip: Skyrocketing cybercrime losses have driven a difficult market for schools seeking coverage. Fund members with Privacy and Information Security coverage should prepare for their your next by embracing these four best practices, at minimum.
5. Monitor server logs
Your servers can tell you if they need help. Set up a distribution list so your IT team receives a daily error notification/log from your servers. Make a habit of checking daily to see if critical errors are reported.
Keeping a close eye on your network logs could also alert you and your team to suspicious activity that might indicate hackers are probing your network for vulnerabilities or trying to break in.
6. Maintain equipment
Equipment in use deteriorates over time. This is especially true for public-facing equipment. Walk your campus, surveying your ports, cables, and public terminals. Without students around, your IT team will have a chance to replace malfunctioning, outdated, and unsafe equipment.
This is the time to take care of all those little bits of maintenance you didn’t time for during the school year:
- Ports might need rewiring or new face plates.
- Keyboards and mice in libraries might need to be replaced.
- You might even deploy a new secure local area network for your HR or accounting team and need to reconfigure network segments and ports as a result.
Additionally, computer waste builds up during the year. Establish a relationship with a technology waste recycling company, and have them pick up that trash and create space in the server room.
7. Upgrade your technology
Before the fall semester begins, take advantage of the opportunity to upgrade equipment, software, and operating systems. Audit your servers, migrating away from platforms that are set to lose support (Windows Server 2008, for example) and moving to newer, supported versions of server operating systems.
You should also inventory your equipment to determine whether older devices need to be replaced. Some older Wi-Fi routers, for example, cannot operate on the newest encryption standards (you should at least be on WPA-2). If your Wi-Fi routers and access points are using older standards (WEP or WPA), summer break is your chance to upgrade and secure those devices.
8. Train your team
Staff may have enough downtime to increase their cybersecurity savviness during extended breaks. Annual cybersecurity training is barely enough. If you have a chance to expose your team to advanced security concepts, it’s a big win for your district.
Training that addresses previous cybersecurity incidents your organization has experienced can be especially relevant and impactful. The Fund can set up custom, needs-based training for members with Privacy and Information Security coverage.
Can’t get to every tip?
It’s important to take advantage of the opportunities a quieter campus and schedule provide and boost your cyber defenses. We understand, however, that you might not be able to work all eight of these tips into your cybersecurity initiatives during the summer and early fall.
At minimum, make sure critical considerations like backups, patches, and equipment maintenance are delegated to qualified employees or automated and verified via distribution groups or other means.
Fund members with Privacy and Information Security coverage who suspect they have been the target of cybercrime should immediately report the incident online or by phone at 855.295.8344. If you have questions about cybersecurity education or consultation, contact Privacy and Cyber Risk Consultant Lucas Anderson.