Security breaches and oversight negligence
Security is vital to all businesses and schools are no different. Schools take this subject very seriously to provide a safe environment for staff and students.
Security breaches can occur in many guises but can ultimately be classified as Physical or Cyber.
Physical security is the protection of people and property from actions and events that causes potential damage or loss. In this age of cyber activity, it is easy to lose focus of the physical threats we face daily. But just remember, a firewall is useless if an attacker takes a hammer to your server or removes a storage device.
Cyber Security has become one of the most common bywords for protecting against the most prolific threats in today’s world. It includes the protection of computer systems and networks from information disclosure, data theft, data damage, or other malicious cyber activity. Cyber breach methods are numerous and come in various forms such as automated attacks including, viruses and malware, and deliberate targeting and intrusion of systems, otherwise known as hacking. However, these are all malicious activity.
Both cyber and physical breaches can also be the result of a fourth factor, what we call Oversight negligence.
Oversight negligence is innocent and is the result of important tasks and processes either being overlooked or forgotten. This is often owing to the numerous tasks and high workload school admin staff and school ICT coordinators have on their plate.
Just a few examples of oversight negligence relating specifically to IT are:
- Not managing and monitoring network admin access correctly.
- Not disabling email accounts of staff who have left.
- Not locking doors to secure areas such as the server room.
- Not running regular virus scans.
- Not ensuring clear authorization processes are in place.
- Not checking climate controls in sensitive areas.
Of course, the above are just a few examples, with there being far too many to document here, but by the very nature of what is listed it is easy to see how oversight negligence can occur when you also consider the daily workload school ICT coordinators face in ensuring the smooth running of teaching and learning.
So, what can you do?
This may sound obvious, but have you thought about implementing a daily task list? This is certainly something we practice at SBS on behalf of our IT customers.
Start by listing all the regular and often monotonous tasks you already undertake. Add to this all the additional tasks you know should be happening but often get overlooked. Finally, take the time to consider what risks exist which could be mitigated with a simple and quick regular check.
You now have your daily task list. Next assign each task to an individual, in doing so you are creating accountability, which will miraculously increase the likelihood of these checks happening.
Finally, ensure there is a robust and strict end of day sign of process, without this the entire concept is flawed, staff need to know that what they are doing is valued. By signing this work off it is further underlying the importance of these checks and creating a positive, proactive culture.
Get in touch today
Please contact the ICT Service Desk on 0345 222 1551 • Option 1 or email ICTservicedesk@schoolbusinessservices.co.uk
