If you are running a school and rolling out online classes as the pandemic continues to create havoc, you’d better take a lesson or two in cyber security.

Cyber security experts say that the online window is not secure and teachers may end up exposing themselves and their students to security threats if they are not trained in cyber hygiene etiquette. Before they go into remote learning mode, schools and educational institutions should be aware of the likely security vulnerabilities and challenges in the cyber space.


“The Covid-19 pandemic necessitated the shutdown of schools and educational institutions across the country. Online classes have become a norm, and not an exception, making them prime targets for cyber attackers,” said Sunil Sharma, managing director sales, Sophos India & SAARC.

He listed out five key elements that schools and educational institutes should consider to ensure a safe and secure online learning experience to their students.

1. Phishing scams

“We’re seeing an uptick in coronavirus related phishing scams, and so the chances of phishing emails making their way into the inboxes of teachers, administrators, and students is very high,” he said.

“Staff must be provided with comprehensive guidance that allows them to identify such emails. Schools must deploy advanced email security that blocks phishing emails, prevents data loss, encrypts emails, and offers comprehensive protection against phishing,” he added.

2. Advanced malware attacks

As students and teachers spend more time online during lockdowns, they are susceptible to inadvertently becoming victims of an account takeover.

This, he argued, would allow criminals to log in to a school’s network, launch a ransomware attack, and take control of the data of teachers and students.

3. Scarcity of skilled staff

The availability of trained cyber security experts is very scarce. Schools should ensure skilled IT professionals to manage their network security and devices, besides taking care of the end point security.

“Critical reports identifying risky users, or which offer more information about regulatory compliance, might not be leveraged effectively,” said Sharma.

This can give cyber criminals an opportunity to exploit weaknesses in schools’ cyber security infrastructure to infect the network.

4 Firewall

Schools must deploy a firewall that detects and blocks ransomware at the gateway, and also prevents its lateral movement.

5. Antivirus and web filtering

Schools will be able to block access to inappropriate websites and stop risky files from being downloaded by using a good anti-virus solution.

Phishing can also be prevented using advanced endpoint protection technologies to stop the attack chain and predictively prevent such attacks.