Schedule a demo

Delivering Data You Can Trust

3 min read

5 Ways Passwords Threaten Your School's Digital Security

June 12, 2020 at 8:30 AM

Because schools aren’t handling vast numbers of consumer transactions, it's easy to mistakenly believe them to be the last place likely to be hacked. Consider this - over 700 breaches of K-12 systems have been reported since 2016, and over 100 known incidents just in 2019! While restaurants and retail represent “get rich quick” opportunities for cyber-criminals, school databases are warehouses of sensitive personal information that could be mined for months or even years before detection. After all, who's looking at the credit of a first-grader on a regular basis?

Traditional password access is only so secure. All the different login prompts and password management apps in the world camouflage one basic truth - passwords are inherently weak. As the role of technology in schools deepens, and with AI and machine-learning enhancing the power available to cybercriminals, it’s time to examine new ways to access district software systems that sidestep the need for multiple passwords.

Passwords Get Recycled

Like so many people, you’ve probably recycled a password once or twice in your life. You’re not alone - over 70% of people are guilty of reusing passwords for personal and professional applications.

It’s an innocent mistake that could make hacking your home and your school extremely easy for someone with the resources, time and motivation. In order to minimize access to the dozens of applications in use, each platform should have an entirely unique password. 

Easily Guessed Passwords Are Easily Hacked Passwords

Similar to remembering unique passwords for 26 software applications or more, recalling overly challenging passwords requires more effort than you’d like to expend. You’re not alone in that, so there’s a bit of solace to be had there. Millions of people are using “password”, “welcome”, “1234” or another easily guessed password as their safeguard between security and danger.

The risk of using an easily guessed password is compounded by the likelihood that the password is not unique to one system but is shared across several applications. Taken in tandem, this is an area for exploitation that few schools, let alone businesses overall, are prepared to confront. “An ounce of prevention is worth more than a pound of cure”. Indeed. 

Passwords Aren’t Kept Secure

We won’t ask for a show of hands - everyone has stored their passwords in a little notebook left on their desk at some point in their lives. 25 years ago - before technology became so widespread and necessary - you probably thought nothing of it and incurred little to no risk as a result. We haven't lived in that world in a very long time, though.

The problem arises when too many people, including business managers and executives, keep their passwords on sticky notes or scrap bits of paper. If anyone walking past your desk can see your password or it could easily be swept into a trashcan, how safe can it really be?

At the risk of sounding like the technology director for your district, you should never share your password or username - guard it like you do your Social Security Number or bank account! You might not think twice about it, but if the password you use for Netflix, Amazon or your work portal doesn’t follow the first two points in this list, you could be sending out digital invitations for hackers. 

Passwords = 0, Hackers = 1

Because of the inherent weakness posed by passwords, even the laziest of hackers can easily access your network using ill-gotten passwords. Millions of passwords are being bought and traded on the digital black-market every day, and phishing emails have become convincing enough to trick even the most cautious of people into handing over their login details. If you looked in your email Spam folder, odds are pretty good that there's more than a few sophisticated password hijacking schemes hiding out that look to be from Amazon, eBay or even your bank!

Critical Users Aren't Being "Password Safe"

All it takes is one compromised user account for a cyber-criminal to access your
systems. That access point can be anyone in your school system, though the majority of
hacks begin with access through privileged accounts
. If the people
with the most senior levels of access to your district’s servers aren’t being “password
smart”,  the damage potential is catastrophic!

The first and most crucial line of defense against intrusion begins with access to the apps your schools depend on. With schools depending on dozens of diverse software
systems for classroom management, student achievement, records keeping and
operations, K-12 account management has been thrust front-and-center. An end-to-end single sign-on system gives verified users the freedom to forget complicated passwords and move smoothly across applications. Better yet, SSO helps boost protection against illicit access while giving staff and students in your district the sense of peace
of mind they crave. 

Want to learn more? Schedule a conversation about Easy Access with a Level Data expert!

David Barrett
Written by David Barrett

David Barrett is Level Data's Digital Marketing Specialist, having joined the team in 2019. With a large family filled with teachers and school administrators, David brings a lifelong passion for education and a background in content creation and digital marketing to the table. His prior experience covers a diverse range of industries that includes real estate, eCommerce and freelancing for nonprofits and small businesses. In addition to digital marketing, David is an accomplished photographer, coffee-enthusiast and self-professed creative nerd.

Post a Comment

Featured Case Studies