How to Secure Your School's Microsoft and/or Google Tenant

Here at Next Gen IT we are seeing an increase in cyber-attacks and tenancy breaches across the estate of schools and education facilities we manage. At best a breach can be a disruption to your work; at worst it can take email and documentation down for days and cause major disruption.

Below we have outlined several things your organisation can do to keep itself more secure from cyber-attack.

Spam protection

A high proportion of attacks come through email. Spam, malicious emails and phishing attacks are designed to get the user to enter details that are then captured and used for malicious purposes. A great way to protect against this is to implement spam protection. Microsoft and Google do have levels of spam protection built in, but there are several dedicated spam filter systems that will do a much better job, although they do come at a cost. With one in place you should expect fewer malicious emails to reach your school's mailboxes.

Password manager / MFA tool

Browsers are really good at keeping your passwords, and having your passwords and user details saved for your convenience has made things a whole lot easier. The issue is that browsers don't store them in an encrypted format: most viruses or malware on a computer will pull the passwords from a browser in seconds, leaving all your details exposed. Password managers and MFA tools have made the process of storing passwords just as easy and much more secure. If you can invest in one, at least for the main users in your organisation, then do so. Keeper and LastPass are two examples, to name a few…

Password policy (that you really do stick to!)

A good password policy can be set up by your IT admin: change your password every 3-6 months, and include numbers, special characters and capitals. If used in conjunction with a password manager tool, it will be nice and easy to create a good password that is difficult to crack.

Backup

Microsoft and Google do not back up your emails, documentation or information; you are required to do this. They will store it and make it available to you, but they are not responsible for backing it up. If your account gets hacked and your work is deleted, it's gone! Back up your school's tenancy so it can be restored if required.

Reduce the number of unused accounts on your tenancy

When staff leave, their account should be archived and then deleted after 3-6 months, and any data that is required should be migrated to another live account. If you manage student accounts, the same applies to leavers. Try to avoid generic mailboxes like admin@ or finance@. Instead, you can create aliases that sit on top of your account and capture emails sent to these addresses if needed.

2FA, 2FA, 2FA…

Switch on 2FA or MFA for every account you can. 2FA or MFA is the process of authenticating your login with another device, like your phone. We have done it with online bank accounts for years, but now it's time to add this to your email account and any other accounts that will let you add it. It works and stops a huge number of breaches. And just a reminder: never share a 2FA code or OTP (one-time passcode) that is texted to your phone.

Security policies for your tenancy

Within Microsoft and Google you can change the security settings that control how insecure logins are flagged. This can include things like users logging in from outside of the UK, or what happens when Microsoft flags a user's activity as suspicious. Have your IT admin check over these settings to keep them as tight as you can without slowing down efficiency.

Antivirus, patching, licensed servers and PCs

Ever wondered how passwords are leaked onto the dark web without you ever knowing? Well, in some cases it's because the user of the account is running an insecure device. It may be that it isn't updated (patched) with the latest Windows or iOS update. It could be running malware or housing a virus which is designed to key log and capture details. Any reputable IT admin will insist on antivirus, an actively licensed Windows device (this includes servers!) and good patching to keep your device up to date.

If you are concerned about the security of your organisation and would like to talk with us about the options you have available to ensure better security, we at Next Gen IT would love to take the opportunity to discuss this with you and work with you on a plan to improve the integrity of your IT systems.

Steven Lightfoot

Managing Director

Next Generation IT