Cybersecurity incidents targeting schools and universities are on the rise again. Over 950 schools and colleges were hit with ransomware in 2021. These attacks impacted nearly a million students and cost schools over $3.5 billion in downtime alone. Ransoms demanded ranged from $100,000 to over $40 million and on average schools faced four days of downtime and almost a month of recovery time after attacks. A recent survey by Sophos found that nearly half of the K12 institutions surveyed had been targeted by ransomware, facing more than $1.5 million on average to recover.
Lincoln College, a school of about 600 students in Illinois, was struggling financially after COVID when they were struck by a ransomware attack last spring. The attack locked them out of their enrollment, recruitment, and fundraising data. The university paid the $100,000 ransom but still was not able to recover all of its data. Unfortunately, the school was forced to permanently close its doors in April 2022 due to the impact of the ransomware attack and the pandemic.
So, how do you protect your institution’s data and keep your name and your superintendent’s name out of these types of headlines?
Two friends are hiking in the woods when they come across a bear. The bear charges the friends, and they turn and try to run away from it. The first friend asks, “How are we going to outrun the bear?” The other replies, “I don’t have to outrun the bear. I just have to outrun you.” The same is true when trying to prevent ransomware attacks. You don’t necessarily have to spend millions of dollars to keep your institution secure. Hackers and other cyber threats are looking for the easiest targets and the lowest hanging fruit. With that in mind, just doing a few small things can help keep your organization secure.
Setting up two-step verification (2FA) may be the single biggest step you can take to prevent cybersecurity attacks. Two-step verification is an added layer of security that will help keep your users safe. Your users would sign in with something they know (their password) and something they have (typically a verification code sent to one of their devices). Even if a user’s password is compromised, the account is still secure as the attacker would have to have both the password and the 2FA code to login. Super administrators can enforce 2FA in the Admin Console. Check out our upcoming webinar to learn more about deploying two-step verification within your organization.
Attackers are also looking for easy accounts to log into. It’s critical that your organization change default passwords in your network, firewall, and security tools. Additionally, it’s important to set up password policies in the Admin Console. You can set a minimum password length, password complexity, prevent users from reusing old passwords, and configure password expiration policies. Getting ready to create password policies? Check out these Password Tips from Google to share with your users.
Are you ready to upgrade the security of your organization? Google Workspace for Education Plus is the ultimate Google Workspace edition. Education Plus gives you additional storage for your domain, teaching and learning tools like originality reports, premium features in Google Meet, and advanced security features like the Security Investigation Tool, Context-Aware Access, and Target Audiences.
The Security Investigation Tool allows you to quickly and easily identify, triage, and take action on security and privacy issues in your Google Domain. With the Investigation Tool you can monitor file sharing, conduct organization-wide searches within multiple sources, investigate devices, and pivot your investigation across multiple sources and data sets.
Does your organization ever need to delete phishing emails or emails sent by mistake? If you don’t have the Investigation Tool, the only way to search and delete emails is with the command-line tool GAM. The GAM option requires you to be fluent in Linux and looks at emails one inbox at a time. So, if you have a large organization it may take five or six hours for GAM to delete your emails. During this time your users are still reading their emails, opening links, and forwarding the threat to other users. With the Investigation Tool, however, you can find and delete threats in moments.
Context-Aware Access gives you the ability to control access to apps based on a user’s location, device, and IP address. Using Context-Aware Access, you can create granular access control policies for apps based on attributes such as user identity, location, device security status, and IP address.
With Context-Aware Access you have the ability to block logins from specific countries and IPs. You can also use Context-Aware Access to prevent users from outside of the country from signing into your domain’s Admin Console.
Target Audiences are groups of people—such as departments or teams—that you can recommend for users to share their items with on a more controlled basis. You can add them to users’ sharing settings in a Google service, such as Google Drive or Chat, to encourage users to share items with a more specific or limited audience rather than your entire organization.
By default, when your users share documents in Google Drive they are prompted to share with everyone in the organization or everyone with a link. With Target Audiences you suggest the perfect audience for your users to share documents. Using the example of a high school teacher, you are able to create target audiences for all staff at that building, all students at that building, teachers in the teacher’s department, and all staff at the district office. With target audiences, your users can quickly and easily find the perfect group of users for file sharing. In addition, your district is infinitely more secure as the documents are shared with the right audience rather than posted publicly on the internet.
Security Center provides advanced analytics and security dashboards so you can monitor security events in your organization. The dashboards display information related to file exposure, email security, logins, file sharing, suspicious activities and more. You can even use the Security Investigation Tool to create custom charts for the information causing you the most concern.
Is your organization as secure as it can be? Have you configured all of the security features available in Google Workspace? The Security Health page gives you the ability to conduct your own security audit and compare your settings against Google’s best practices. Recommendations found on the Security Health page will explain why you should consider the recommendation and step-by-step guides that will walk you through how to implement the changes.
Your organization receives thousands of emails a day. Security Sandbox in Google Workspace for Education Plus allows you to automatically scan incoming email attachments for malware, ransomware, viruses, zero day threats, and other cybersecurity threats.
Create Google Groups that automatically update so your groups are always accurate. Dynamic Groups creates groups based on job titles, departments, buildings, organizational units, 2-step verification status, and more.
Google Workspace for Education Plus is the edition that gives you the security features, tools, and analytics you need to make your institution as secure as it can be. Want to try out Google Workspace for Education Plus in your own environment? Sign up for a free 60 day trial!
Kincaid IT is here to help you get the most out of your investment in Google Workspace and we’d love to help you better secure your domain. We offer Google Workspace for Education Plus licenses, security audits, and a free security ebook. Looking for more help? Check out an upcoming webinar or sign up for an upcoming security summit.