Hypersecu Blog

Check in weekly for news, events, and security tips

Protecting Student Records

A Simple Way to Secure Teacher Access

More and more schools are switching to a centralized student record system. It’s no wonder, considering that well-managed student data can make reporting and transfers easier, as well as provide education professionals with tools for collaboration and planning. There is a downside, however: with a centralized system, all that’s keeping a hacker from gaining access to report cards, test scores, student addresses and a host of other confidential information is a static username and password. And the thing is? These hacks aren’t always by some stranger in the dark. It might be one of their own students.

© | Dreamstime.com

Recent Exploits

A quick search on Google can provide a multitude of evidence that student records get hacked. In fact, there are a large number of hacks perpetrated by high school students that go beyond what we might expect. The simple fact is, if there’s a way to cheat, someone is going to try to take the easy way out. Hacking student records in order to change grades is just one example of what can happen when log in access is not properly protected.

Common Password Hacks

There are a lot of ways hackers can gain access to your passwords. We’ve listed the most common below. You can find more details about them here.

  • Mass Theft – Credentials stolen from large data breaches are sold off to the highest bidder and hackers will use them in hopes that the stolen username and password will unlock more than just the one original account.
  • Wi-Fi Monitoring – Hackers monitor open or public Wi-Fi networks and capture usernames and passwords as people type them in.
  • Phishing Attacks – There are many variations of phishing attacks and more are being developed every day. You can learn more about phishing attacks here.
  • Brute Force Attacks – Hackers use a program that will try all the various letter and number combinations, as well as specific words, to “guess” the correct password. It can be an effective method since there are only so many combinations depending on the number of characters used.

Protection with OTP

One-time password (OTP) tokens can be used to prevent the above attacks and others by adding a second factor to the authentication process, called two-factor authentication (2FA). Along with your regular log in credentials, the OTP token provides a unique value that is keyed in, allowing access to the service or software for only that registered user. A hacker without that specific OTP value is denied access.

Added Value

OTP tokens not only provide added security, they can increase productivity, too, since they can be used with mobile devices such as tablets and smart phones, in addition to laptops and computers. The best part? OATH compliant OTP tokens can be easily integrated into existing infrastructures, providing a simple convenient solution. This is a huge plus for schools, where disrupting the infrastructure can really negatively affect students and teachers.