Six ways to protect your school district’s data with guidance from CISA and Salesforce
- Published in: Education Blog
- Written by Kate Kieres
The average cost of a data breach in the education industry is 3.86 million
Last month, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) issued a Cyber Security Advisory after the Los Angeles Unified School District, which serves nearly 700,000 students, was the victim of a ransomware attack. Attackers successfully infected the district’s computer networks with malicious software, resulting in “significant disruption” to the district and some of its services.
Government agencies warn that “K-12 institutions may be seen as particularly lucrative targets due to the amount of sensitive student data accessible through school systems or their managed service providers” and raised concerns that such incidents “may increase as the 2022/2023 school year begins and criminal ransomware groups perceive opportunities for successful attacks.”
Security Best Practices – Preparing for Cyber Incidents from the FBI/CISA/MS-ISAC:
It is more important than ever before that K-12 education institutions take preventative measures to ensure that sensitive student information is safeguarded against potential threats. Below are some essential security practices provided by the CSA. They include specific actions that organizations can take right now to prepare for potential incidents and decrease the likelihood that they will be carried out in their communities.
- Maintain offline backups of data and regularly maintain backup and restoration. By instituting this practice, the organization ensures they will not be severely interrupted and/or only have irretrievable data.
- Ensure all backup data is encrypted, immutable (i.e., cannot be altered or deleted), and covers the entire organization’s data infrastructure. Ensure your backup data is not already infected.
- Review the security posture of third-party vendors and those interconnected with your organization. Ensure all connections between third-party vendors and outside software or hardware are monitored and reviewed for suspicious activity.
- Implement listing policies for applications and remote access that only allow systems to execute known and permitted programs under an established security policy.
- Document and monitor external remote connections. Organizations should document approved remote management and maintenance solutions and immediately investigate if an unapproved solution is installed on a workstation.
- Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, and secure location (i.e., hard drive, storage device, the cloud).
Six ways your Salesforce Org provides protection from New and Emerging Threats
Organizations currently using Salesforce have access to some of the industry’s most secure tools and practices.
- Multi-Factor Authentication(MFA). This requirement adds an extra layer of protection against common threats like phishing attacks, credential stuffing, and account takeovers. Implementing MFA is one of the most effective ways your company can increase the security of your Salesforce data, and it is now required for all Salesforce clients.
- Run a Security Health Check with Every Release. A Health Check tool is a standard component of all Salesforce products. It allows admins to manage security settings in a single dashboard and to identify and fix potentially vulnerable security settings.
- Set login IP ranges. Login IP Ranges limit unauthorized access by requiring users to log in to Salesforce from designated IP addresses — typically your corporate network or VPN. Using Login IP Ranges, admins can define a range of permitted IP addresses to control access to Salesforce.
- Consider adding Salesforce Shield to your overall security strategy. Shield complements your security features with enhanced encryption, app, and data monitoring, and security policy automation. Shield can help admins and developers build a new level of trust and transparency in business-critical apps.
- Educate users regarding common phishing tactics. Everyone with access to sensitive data is a potential entry point for an attacker, so be sure that users in your organization are provided with customized access to only the data necessary for them to carry out their specific job responsibilities.
- Prevent or mitigate social engineering threats, such as phishing attacks, that target individuals within the organization and seek to secure an individual’s username and password. In addition to Multi-Factor Authentication, using strong passwords and biometric authentication tools can also reduce threats to your org.
More security information can be found on the Salesforce Security Best Practices Page and their Safe Remote Work Environments Blog.
How can Buzzbold help?
As a certified Salesforce Implementation partner, Buzzbold can support schools and districts in consolidating the number of separate software systems used for administrative purposes, thereby increasing software interoperability and data security. In Salesforce, student data is housed using some of the most advanced technology for Internet security available today.
Through our support and training success plan, Buzzbold can provide your organization with support in backing up data securely on a regular basis and advise you on additional steps that you can take to enhance data security. We can also ensure that your Salesforce software is up-to-date by monitoring and installing release updates that improve the performance, logic, security, and usability of Salesforce products.
Your school district’s IT team is busier than ever before. Through a partnership with Buzzbold, you can help ensure that your student data remains safe and that the potential risks associated with a cyber attack are mitigated to the greatest extent possible.