PROVIDENCE, R.I. (WPRI) — Breach attempts, including phishing emails and ransomware threats, happen constantly at schools and universities, according to Nicholas Tella, the director of information security and adjunct professor in the College of Engineering and Design at Johnson & Wales University.
“We have to keep an open environment,” Tella explained. “We can’t block certain sites and we can’t block students from going to certain sites, whereas a bank or a financial institution could.”
“I call it a target rich environment for the bad guys,” he added. “They have everything. They have a name, a date of birth, a social security number, and a home address.”
IN-DEPTH: Back to School Coverage »
Federal law protects the privacy of student records and schools have systems in place to protect that data, but breaches can happen if someone does something as simple as clicking on a link they shouldn’t.
“The key is getting enterprise data solutions that are storing the student data that have the necessary security in place to meet all of the federal, state and local guidelines that dictate how that data should be maintained,” Tella said. “The second step is training your faculty and staff on how to handle that data.”
In a recent report to the U.S. Congress, the Kentucky Department of Education said its schools faced more than 4 billion breach attempts in 2017.
The Rhode Island Department of Education (RIDE) told Eyewitness News it does not track similar information, but said data security is a priority.
While schools are protecting students’ data, parents can also help kids protect their digital footprints.
“It’s about creating a digital profile. Everything you do follows you,” Tella cautioned. “Unfortunately, if you’re capturing some silly moment that you’re in, it could be used against you down the line.”
Tella said parents should also consider installing remote wipe technology on family devices. If a device is lost or stolen, you will have the ability to delete the personal information that’s on it.