TASB Risk Management Fund
INSIDERM

Want to Worry Less about Data Breaches?

January 11, 2021 Lucas Anderson


School districts across the country are training their employees to identify and stop cybercrime. No matter how informed and prepared your team is, however, cybercriminals constantly find new ways to attack. In many cases, their schemes rely on human error.

The accidental release of sensitive staff, student, or parent information has the power to tarnish your organization’s reputation. Data loss prevention (DLP) tools help ensure that when employees make mistakes, technology has your back.

How does DLP work?

Rather than one piece of software, DLP is a suite of applications that help prevent data loss from within your network. DLP works to protect data while at rest and in motion. In its simplest form, DLP might consist of firewall and antivirus software. However, when security professionals discuss DLP, they are likely referring to more advanced systems.

These advanced systems can identify sensitive information such as Social Security numbers, birthdates, health records, and financial account numbers, and prevent that data from being copied without authorization or sent out of your network. The application determines which data is sensitive by scrutinizing information such as keywords and points of origin within the network.

If an attempt is made to copy sensitive information, the process will be stopped. If a staff member attempts to send an email that contains sensitive information, the send process will be terminated, or the outbound message will be encrypted.

California district learns tough lesson

In 2019, an employee at Centinela Valley Union High School in California fell victim to a phishing scheme. A cybercriminal “spoofed” an email from the superintendent. Spoofing is when a hacker creates a fraudulent email that looks legitimate enough to convince a victim to follow its instructions. The email requested the W2 information and Social Security numbers of the entire staff. Unfortunately, the recipient complied with the request and released the sensitive information.

If the district had protected its network with DLP tools, this attack would have been prevented. When the employee attempted to respond to the spoofed email, the DLP system would have scanned the message for sensitive information, recognized the Social Security numbers and W2 information, and taken action to prevent data release.

For example, the system might have warned the employee that the email contained sensitive information and asked the employee to confirm that the message should be sent. In other cases, the system might refuse to send the email, or it could encrypt the sensitive information so the cybercriminal has to contact the district for the decryption key.
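The outbound-email check described above, sketched as an added example (not code from the Fund or from any DLP product). The mail domain, keyword list, bulk threshold, and the mapping of findings to warn, encrypt, or block are assumptions for illustration, and only the subject and plain-text body are scanned.

```python
import re
from email.message import EmailMessage
from email.utils import getaddresses

INTERNAL_DOMAIN = "district.example"   # assumed district mail domain
KEYWORDS = ("w-2", "w2", "social security", "ssn")
SSN_RE = re.compile(r"\b(\d{3})([- ]?)(\d{2})\2(\d{4})\b")

def find_ssns(text):
    """Return SSN-shaped values; bare 9-digit runs count only near a keyword."""
    has_keyword = any(k in text.lower() for k in KEYWORDS)
    hits = []
    for m in SSN_RE.finditer(text):
        area, sep, group, serial = m.groups()
        # The SSA never issues area 000, 666 or 9xx, group 00, or serial 0000.
        if area in ("000", "666") or area[0] == "9" or group == "00" or serial == "0000":
            continue
        if sep or has_keyword:
            hits.append(m.group(0))
    return hits

def external_recipients(msg):
    fields = msg.get_all("To", []) + msg.get_all("Cc", [])
    return [addr for _, addr in getaddresses(fields)
            if addr.rsplit("@", 1)[-1].lower() != INTERNAL_DOMAIN]

def evaluate(msg, bulk_threshold=5):
    """Map an outbound message to allow / warn / encrypt / block."""
    part = msg.get_body(preferencelist=("plain",))
    text = msg.get("Subject", "") + "\n" + (part.get_content() if part else "")
    ssns = find_ssns(text)
    if not ssns:
        return "allow"
    if not external_recipients(msg):
        return "warn"       # internal only: ask the sender to confirm
    if len(ssns) >= bulk_threshold:
        return "block"      # bulk SSNs leaving the network: refuse to send
    return "encrypt"        # a few records going outside: encrypt in transit

def build(to, subject, body):
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "payroll@district.example", to, subject
    msg.set_content(body)
    return msg

# Constructed sample: a reply to a spoofed "superintendent" at an outside domain.
ROWS = "\n".join(f"Employee {i}: 123-45-67{i:02d}" for i in range(10, 16))
SPOOF_REPLY = build("Superintendent <super@mail.example.net>", "RE: W2 forms", ROWS)
```

Checking the recipient's actual domain rather than the display name is what catches the spoofed reply here, since the message is addressed to "Superintendent" but leaves the district's mail domain.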

Ready to protect your network with DLP?

Cybercriminals increasingly attack the education sector. Unfortunately, the question is when, not if, your district will be targeted. Many security platforms come with DLP tools that simply need to be configured and activated. In this case, no new purchases would be required to add DLP to your security suite. Your organization’s IT team will likely be able to provide you with additional insight.

Expert help from the Fund

The Fund provides Cybersecurity and Data Privacy coverage, guidance, and resources to members with Liability coverage. This includes an online training course that fulfills the state-mandated annual cybersecurity training requirement. To report a Privacy and Information Security claim, call the Fund at 855.295.8344. For more information about cybersecurity or to request guidance on this topic, contact TASB Privacy and Cyber Risk Consultant Lucas Anderson.
