(Photo by Joseph Pearson)
The issue of cybersecurity is an ongoing concern for the Holy Family Roman Catholic Separate School Division, as they partner with companies like IBM to keep them up-to-date with the latest methods of maintaining a high level of security of personal data of staff and students.
Superintendent Chad Fingler provided an update to the Holy Family board at their monthly meeting, which was held virtually on Wednesday evening.
鈥淲e know that education has a vast amount of information, both private and personal,鈥 he said, noting that schools can become primary targets of hackers who want to mine that data.
He touched on phishing, which is a method of using fake emails to get people to click on and provide a portal for them to come in and look around the school鈥檚 system, as it were, or to plant a Trojan or ransomware as they lock the school鈥檚 system down for a ransom.
鈥淓ducating staff on how best to mitigate security is huge,鈥 said Fingler. 鈥淣early all virtual security issues are due to human error. We have money budgeted every year so we can stay on top of it.鈥
Part of the funding is to have partners like IBM, who carry out a robust security scan with a third-party vulnerability test to assess how well set-up a school division鈥檚 computer system is to keep hackers out, he explained, noting that every time they think they鈥檙e on top of it, something new pops up.
One major change for security is to have all of their data on the cloud rather than all in a physical server in a school or the division office, said Fingler, who noted that they have to buy a whole new server every five or six years as it ages out and the warranties come off.
鈥淣ow we鈥檒l buy space in the cloud and will be billed just for the space we use rather than use an entire storage box,鈥 he said. 鈥淲ith that comes major security improvements as our data is no longer sitting in a metal box in a school.鈥
He added this also keeps the data safe should a fire, flood or burglar break in and cause damage to a school鈥檚 computer system or server.
For students, Holy Family also uses net nannies which monitor what sites students are visiting or using, and a teacher can go on and see what site every student is on.
With remote learning needed once in a while due to COVID-19 issues, Holy Family鈥檚 IT expert can also ensure that the Chromebook machines sent out are kept secure.
Part of the operational procedures used also are digital citizenship agreements, which must be signed by all staff members along with the professional development they are provided for the use of technology.
Password protection is another area that they deal with for staff, administrators and board members. Fingler said one solution, suggested by IBM experts, is to use a phrase that has 16 or more characters and is easy to remember, making it very, very difficult to break because of how long it is. Suggestions were phrases like 鈥淚 like Hawaiian pizza鈥 or 鈥淚 like to golf on Sundays鈥, ones that are personal and easy to remember.
At the same time, trustees and staff need to stay away from so-called 鈥淕olden Ticket鈥 passwords, which are passwords someone uses for everything. Fingler pointed out if a hacker cracks it, they then have access to everything that password is used for.
鈥淚 feel very proud of what we鈥檝e done in Holy Family, as security is an important process for us to consider. We continue to journey with it,鈥 said education director Gwen Keith.
