4 Cybersecurity Tips for School Staff & Students

20 Oct 2022
Eric Muckensturm
Eric Muckensturm
IT Strategy Manager, Cybersecurity, Learning Technology Center

Each year in October, the US recognizes Cybersecurity Awareness Month, a multi-week opportunity for civilians, businesses, and institutions – including K-12 school districts – to recommit themselves to protecting digital networks and data.

This year’s theme is “See Yourself in Cyber,” a reminder that everyone has a role to play in cybersecurity. In K-12 schools, that includes teachers, administrators, and even students – all of whom rely on safe, secure digital infrastructure on a daily basis.

Now’s a perfect time to get everyone in your school on the same page for cybersecurity. Here are 4 tips your staff and students can follow to #BeCyberSmart and make your district’s networks safer going forward:

Tip #1 – Utilize Multi-Factor Authentication (MFA)

Leading cybersecurity organizations agree – multi-factor authentication is one of the best methods for preventing unauthorized account access. According to the Cybersecurity & Infrastructure Security Agency (CISA), this added layer of security can prevent up to 99% of account hacks, whether you’re at home, at work, or at school.

Many digital platforms – including Google, Microsoft, and social media platforms like Facebook and Twitter – now allow users to implement MFA on their accounts. Teachers in particular can benefit from using MFA on their work devices (though students can also utilize it on their personal devices at their own discretion). 

Utilizing MFA is a quick win, too. Setting up MFA typically only takes a few minutes, but can make an outsized difference in keeping your accounts safe from nefarious intrusions.

Tip #2 – Create Stronger Passwords

You’ve heard it before, but with good (research-backed) reason: stronger passwords are one of the keys to reliable cybersecurity, both at an individual and institutional level. With a strong password in place, hackers have a harder time accessing your personal accounts and in turn, a harder time accessing your district’s networks through you.

But what constitutes a “strong” password? CISA recommends incorporating these up-to-date best practices for password creation:

  • Never use the exact same password twice
  • Use the longest password permitted by each platform (12-64 characters)
  • Use upper and lowercase letters, numbers, and special characters
  • Do not create passwords that are based on personal information that can be easily accessed or guessed

Passphrases are also a novel way to create a password that is more secure without entirely diminishing memorability. Use a Passphrase can be used to create these kinds of passwords, as well as provide tips for customizing passphrases to avoid cracking via a dictionary attack.

Tip #3 – Manage your Passwords

Now that you have a bunch of unique, hard-to-crack passwords, you’ll need somewhere to store them (and no, a pile of sticky notes or a sheet of paper with all of your passwords back to 1999 won’t work). Today’s cybersecurity experts recommend using a password manager to streamline and simplify the use of strong passwords.

With a password manager, you’ll only need to remember one extra complex password in order to access all of your other passwords, both on desktop and mobile devices. Google users can utilize their built-in password manager, while DashLane, LastPass, and 1Password are popular with many users.

Tip #4 – Run Updates Now (Not Later)

Everyday, online hackers find new ways to leverage digital exploits to their advantage. For that reason, all users should routinely run software updates on the operating system (OS), anti-virus, firewall, and all other software.

Turning on automatic updates can make this a no-brainer. Also, if your district’s technology team asks you to run an update, do so without delay. Clicking “Remind Me Later” only adds to the likelihood of you becoming a target for an otherwise preventable cyber attack.

Supporting Every Role Toward Stronger Cybersecurity

The Learning Technology Center works year-round to provide cybersecurity support to Illinois K-12 districts, through technology consultations and weekly networking opportunities. Our Tech Services team can also help your district protect mission-critical data with the latest data privacy resources and trainings.

Individuals with a stake in cybersecurity can also learn from state and national voices at SecurED Schools, the LTC’s virtual summit on K-12 cybersecurity and data privacy. This year’s program will feature two days of hands-on sessions geared toward transforming cybersecurity posture and responding to emergent threats targeted at educational institutions.

Eric Muckensturm
Eric Muckensturm
IT Strategy Manager, Cybersecurity, Learning Technology Center

Eric provides a multitude of services to help Illinois public school districts improve their overall security posture and maturity, including through the implementation of standards, frameworks, and industry best practices.