All Resources

Tuesday Tips: Cybersecurity with Expert Sangar Safi

Grow Schools

June 29, 2023

FacebookTwitterLinkedInEmail
Youtube Live Sangar Safi

In this session, Sangar Safi joined us to answer questions on cybersecurity for school leaders. So many important elements of cybersecurity were discussed, including safeguarding student data, attack prevention, data encryption, user behavior monitoring, and cyberattack response plans.

You can watch more videos like these on our YouTube channel: Grow Schools – YouTube

Read Full Transcript :

Michael B.:

Hi everybody and welcome to our Thursday Charter Chats on all Things, conversations with school leaders and challenges you might be facing. This week we are talking cybersecurity as a follow up from our webinar to Wednesdays or Thursdays ago. I can’t even remember the time between now and the national conference, so I forgive me for that. But I’m really pleased to welcome Sangar Safi from Software MSP and his team who contributed just so much knowledge and good info for school leaders related to cybersecurity today. So we’re going to kick off that conversation. First, I should say hello to Sangar and ask how you’re doing, my friend. How are things going?

Sangar S.:

Hello Michael and everyone else. I’m doing great, thank you very much. Looking forward to next week, get a week off. So excited to be here.

Michael B.:

Yeah, same for us as well. Okay, let’s hop right in because we keep these conversations to 10 minutes so school leaders can hop right in and out. We are going to start at the top with our first question and if you’re joining us live please feel free to drop your questions into the chat. If you’re on a desktop, it’s on that right-hand side. If you’re on mobile if’s just below the little screen you’re seeing us. So do give us some questions if you’ve got related to cybersecurity challenges you may be facing, but we’ve got a couple prepped for this conversation and we’ll start with number one for Sangar. What are the most common cybersecurity threats that schools face right now?

Sangar S.:

There are many threats right now, but I think I highlighted three of them as the main ones right now that we’re seeing. Phishing attacks where someone emulates someone else and try to obtain personal data. Ransomware attacks, these are malicious software that encrypts the victim’s data and demands ransom for release. As you can say, it says ransomware and then the last one is DDoS. These are attacks on a network in an infrastructure to overflow the traffic and make the infrastructure internal inaccessible to legitimate users. This is a common practice where a lot of data will be sent to a website, local networks and things like that. These are the common things that we’re seeing right now in school and education market.

Michael B.:

Yeah, good call outs for those three there. And we dove pretty deep into those topics for the webinar. I will drop the webinar URL into the chat right now if anybody wants to go take a look at that webinar for individuals to hop in and dive into those conversations a little bit deeper. Next question relates to just the huge amount of data that schools are going to have at their disposal related to both not only their administration and school leaders and teachers data, but also the sensitive data around students. Are there some top three or just a couple ways that school leaders can think about to ensure the security of that student data and sensitive information that you’d recommend?

Sangar S.:

Yeah, I think one of the most valuable thing the school leaders in the schools hold is data. This is data for student and data for staff. There was in a recent analysis where data was put above oil as the most sought out commodity. Hackers are very interested in obtaining data, especially data that relates to students. It has a lot of sensitive information such as healthcare information, parent, social security, and others.

Now there’s multiple things a school leader can do to secure all this data. It starts with strong access, control and authentication. Making sure that nobody’s able to access the network or data within an organization very easily. Put as many parameters in place to ensure that you have a bulletproof process in place. Encryption of data and storage is very important. You want to store data. Once someone accesses the data, you want to make sure that their data is retrievable from a secure location outside of the cloud infrastructure where the data may be, and also do a regular security audit and training. It’s very important run simulations, see if somebody can get in and obtain the data that you are storing. So these are the three main components that a school can implement. Not complicated, not hard at all to do, but definitely doable.

Michael B.:

Yeah. During the webinar we got some questions related to the security of data specifically in one platform that we know a lot of school leaders leverage, which is Google workspace. Obviously Google’s done an incredible job of cornering the market when it comes to education opportunities and they have an entire suite that helps school leaders do their work from email to docs to all the apps in between. And we got a couple questions about how to make Google workspace as safe as possible and there were a couple tips that your team provided. I was hoping we could just take a moment to rehash some of those tips related to making sure that your Google workspace is as secure as possible.

Sangar S.:

As you mentioned, Google has been a champion in the education market in providing services to schools and taking into consideration what are the needs for school and education market. Google Workspace is a secure application or a platform. They emphasize heavily on data protection. They do have a security measures that protect data within the Google workspace. They utilize encryption to safeguard the data and rest during the transit, both within their data centers, which is an important aspect of it, and also transferring data between users and Google servers. Compliance and certification is important for Google and they’ve been the champion of compliance. They have implemented strong compliance within their infrastructure to ensure they meet all regulatory requirements to protect data for anyone who uses their platform. They also have strong user authentication and access control. Google has implemented MFA, which allows for user to access their platform authenticating multiple ways to ensure that they are the right people, they can access their platform and also access the data as well.

Now Google also has incident a response and monitoring, which allows for certain protocols to be in place when there’s a breach. They’re able to identify and then also respond to that in a timely manner. Although Google Workspace is a great platform, you can never assure any platform is secure enough. An organization, especially charter schools, must implement security parameters outside of Google Workplace and this kind of falls back on them and their school leaders, school IT outsource internal whatever they may be. A hygiene of strong password is extremely important. Implement a password system where they’re very hard, secure and not able to penetrate easily. Again, as I mentioned, multifactor authentication is extremely important. Put that as a practice that should be implemented. Educating staff control and access privileges to make sure who has access. You can’t just give everybody access to everything. That’s how you get breached. And also follow some guidelines from the industry expert of what needs to be implemented alongside Google guidelines as well.

Michael B.:

Yeah, I want to touch on a couple things there. You mentioned MFA and then defined it, the multifactor authentication. I want to make sure that our school leaders are understanding those definitions commonly referred to as two factor authentication as something they may have heard already. And also just good call outs for tools that can be helpful in that regard. Obviously our browsers, including Google Chrome or Microsoft Edge or Safari, all have really strong password managers that are encrypted. Those can be a solution that can be helpful to create strong passwords. I think that’s a core tip we’ve got to make sure school leaders understand is we cannot have the sort of typical word. 1, 2, 3, exclamation point these days. School leaders need strong passwords that are unique to specific systems because if they get compromised and they do not have unique passwords in those systems, the easiest way that hackers can go into systems is just to do that replication of passwords in different places.

So take advantage of those tools. And there’s also standalone tools that I know your team utilizes with schools. 1Password, LastPass. There are other ways, physical wearable USBs that can provide two-factor authentication. So there’s numerous ways that school leaders can help on the multi-factor authentication or two-factor authentication platforms that are out there. I want to ask, are there any emerging trends or technologies that school leaders should be aware of to enhance cybersecurity beyond just MFA two factor authentication? We talked about endpoint management during the webinar and managed services as a part of a way to help make sure that they’re as secure as possible. Anything else school leaders should be thinking about as they’re breaking for the summer and thinking about investments they may want to be making as they end next school year?

Sangar S.:

Yeah, yeah, definitely. Technology’s evolving especially in the cybersecurity space, but so are the access by hackers as well as we put in application and tools in place to prevent them. They’re developing tools to get in and it’s a cat and mouse game that they’re playing. So some of the emerging technology that definitely schools need to look for is one of the things that we’re seeing a lot is artificial intelligence. It’s very important machine learning. The Chat GPT of the world outside from just students growing and writing an essay and chat AI platforms are utilized to create malicious malware and tools and application and even write emails that look exactly like the email that a principal or a parent or somebody else will write. It is very important to pay attention to those implement tools where you can mitigate and reduce some of those threats to schools.

Many organizations are heading into the cloud. It’s very important to have cloud security as much cloud security as possible, implement applications, implement tools where you’re able to give less access to those applications in the cloud from anywhere, especially working over the summer. A school leader may be home, they may want to access some of the applications. You want to make sure proper tools are in place where all those things are protected. Another couple of things that I want to point is the IOTs internet of things. And these are wearable devices. These are sensors, these are smart boards. They all talk back to the internet. You want to make sure that those are protected. Just don’t put them on your network, not putting anything to ensure that people can access those. Those have become an easy target for hackers to get into a school infrastructure environment and do whatever they need to do.

You mentioned endpoint security. You want to protect all the endpoints that are all implemented within an organization. The last item I want to bring up is the user behavior analytics. You want to make sure there are tools that understand the user behavior. How is a user accessing applications within an organization? If there’s any abnormal activities, you want to understand all those things. There are applications and tools that can give you data on that and based on that you can create proper cybersecurity postures and things like that. These are some of the items they’re emerging. There’s quite a few more, but that’s why we’re here to make everyone aware what what’s out there and what to look for.

Michael B.:

Yeah, the tip on internet of things, the IOT, all the connectable and wearables is a big one. And one tip I’ve heard even as a homeowner and having your wifi inside your home schools have got wifi as well that they’re connecting these platforms to. And one way to try and create a layer of security is obviously don’t allow those core IOT connections to access your main wifi connection that gives access into different places within the organization. So just little things that schools can do to make sure that they’re as secure as possible when it comes to all of the connections that are happening on their campuses. We’re getting to almost the 15-minute point, but I think there’s been so much good information Sangar. If you’ve got an extra minute or two, I’ve got one last question I’d love to ask you. Do you have-

Sangar S.:

Sure.

Michael B.:

Do have an extra minute for us? Perfect.

Sangar S.:

Yeah, definitely.

Michael B.:

So when something happens, obviously, there’s a protocol that schools have got to respond to so that they can effectively respond to a cybersecurity or breach. And I want to caveat this question that for many school leaders you have insurance that covers. You are required in some states to have insurance for cybersecurity incidents and those are going to have a specific protocol that is required in order to not violate your insurance terms. So I’m making the legal disclaimer from our lawyers that tell me I’ve got to say that, but are there specific things that you would recommend that schools do at a bare minimum when they have a cybersecurity incident or breach?

Sangar S.:

The first thing, what schools should be implementing is an incident response plan. And they need to activate a response plan anytime there’s a breach, what is the first thing they do? It’s very important to document everything, create audit logs of understanding how their infrastructure is put in place, run some tests and then have those audit logs available to them in case of an incident. Isolate and contain. If there’s an incident that takes place, isolate the situation right away, contain it, make sure that doesn’t infect. Once it infects, it spreads. You want to make sure that it’s isolated and then contained, gather evidence, some of the mechanism that you can put in place and understand how did it happen, why it happened. And the last thing, a couple of things that you want to do is notify the proper and relevant parties.

This includes notifying appropriate parties such as parents, if it’s an impacting parent and student data has been breached, you want to make sure that people are aware that an incident took place, maybe their social security or healthcare information was compromised. And the last thing is make sure you engage your IT. Don’t let it go by the wayside. Engage your IT, internal IT, external IT, and consult with cybersecurity experts to really understand what happened. There are some tools that can literally isolate everything from you for you, from end to end. And based on that information activating, isolating, and gathering data, you’ll be able to identify where the breach happened, how it happened, and how to prevent it in the future. There’s many things, organizations out there that can provide some of these tools and applications and services as well.

Michael B.:

I think one of the things you and my team should work on is a guide for these incidences because there is so many nuances that need to be laid out for school. So maybe we’ll think about doing that as we head into the fall. I could ask you 100 more questions, but we keep these as tight to 10 minutes if possible. And now we’re at the 16 or 17 minute mark Sangar. So I’m going to wrap things up and just say thanks for everyone for joining us. We will of course have Sangar and the Software MSP team back as we head into the fall and kick off back to school initiatives with our school leaders. So look for those opportunities to join us again and send us your questions. We’re happy to tee those up to have conversations with his team about cybersecurity challenges that school leaders face.

We are taking a break for the month of July, so we’ll be back in August. To get notified about when we’ll be back live just subscribe to our channel on YouTube or if you’re one of our email subscribers, we thank you for that. You’ll get an alert towards the end of July when we be back here Thursday, 10:00 AM Pacific, 1:00 PM Eastern on All Things Challenges for School Leaders. Sangar. My big thanks and I hope you and your team have a wonderful 4th of July and summer holiday. Take care.

Sangar S.:

Thank you, you too. Thank you very much. Have a good one.

Want to share?
FacebookTwitterLinkedInEmail