Keeping your School Website Secure in 2018

Written by Pano Savvidis // February 23, 2018

A recent study has found that the vast majority of school and education websites do a poor job of protecting their browsers security and privacy.

Whether it’s tracking tools used by advertising partners and companies, with little disclosure of such usage…Or lack of support in secure browsing for site visitors.

Put simply, all school websites must ensure that they invest in optimum security for the safety of their traffic, their staff, and their students.

But how do you ensure the safety of data, students, staff and potential parents of new students as they visit and share sensitive information on your website?

 

School websites must use HTTPS protocol as default

Simply put, HTTPS stands for ‘Hyper Text Transfer Protocol Secure’. The ‘S’ in this is very important as it guarantees the encryption of any data that is shared on your website.

If your website just uses the inferior HTTP protocol, third parties can track pages that your school website user views and the information sent online. These third parties can then inject malware and revise the content of the website pages being viewed. This could be particularly dangerous in the hands of a hacker or an internet troll.

 

School websites must keep software up to date

Ensuring that you keep all software up to date is crucial in keeping your school website secure. This software includes the server operating system and also any CMS or forum software that is used on your site. Hackers can work their way into your website and cause trouble through outdated software.

Your web hosting company should take care of your operating system security updates.

 

Don’t divulge too much in error messages

When you display an error message on your website, be very careful how much actual information that you give away. Don’t provide full exception details as they can make complex attacks on your website easier for the wrong people. Keep detailed errors in your server logs, giving website users just the information that they need.

 

Don’t underestimate passwords

It’s very important to use strong passwords for both your server and website admin areas. It’s equally as important to ask your web users to ensure that their passwords are strong. This will help them to protect the security of their accounts.

All strong passwords should use a minimum of eight characters, including an uppercase letter and a number or symbol.

If somebody hacks into the school website and attempts to steal your passwords, the use of hashed passwords could help to limit any damage, as these are impossible to decrypt.

 

Be cautious of file uploads

If you allow users to upload files to your website, it can be a big website security risk, even if it’s simply to change their avatar. The risk is that any file uploaded however innocent it may look, could contain a script that when executed on your server completely opens up your website.

If you have a file upload form then you need to treat all files with a great level of suspicion. If you are allowing users to upload images, you cannot rely on the file extension or the mime type to verify that the file is an image as these can easily be faked.

Even opening the file and reading the header, or using functions to check the image size are not full proof. Most images formats allow storing a comment section which could contain PHP code that could be executed by the server.

 

Choose the appropriate storage environment for your school website

This can make a huge difference in keeping your information secure and private. Many companies use cloud or web-based hosting to keep data physically safe when it’s off their website. Make sure that you choose a storage provider that has a valid SSL certificate. Also, check their terms of service so that you know exactly what security measures they take when storing your data.

 

Consider purchasing access to a reputable Virtual Private Network (VPN)

VPN’s can prevent snooping-based attacks along with other transmission-related intrusions and theft of valuable data. VPNs work by encrypting the channel through which your data is sent and received, and can offer protection towards your identity and credentials from others with access to the network that you are using.

With data security challenges growing in 2018, choosing trustworthy storage companies, strengthening passwords, and implementing security policies for all end users and machines in your school or home, will keep your data safe from most attacks.

Definitely consider investing in a VPN for added security, and make use of encrypted storage and transmission protocols such as SSL (Secure Socket Layer)

 

Make sure your school website is password protected and manage your information with care and attention to encourage the safety of all shared data available.

Get In Touch:

Your Full Name *

Your E-mail Address *

Your Telephone *

Enter your message here *

Thank You, your message has been sent.

Academy Schools

access

access device

Activities

advice

affordable

anti bullying

anti bullying month

Anti-Bullying Week

app

apps

assembly

assignments

Attainment

attendance

auditory

Augmented Reality

authentic learning

bbc micro bit

beatrix potter

Becta Guide

behaviour

Behaviour Management

behaviour management software

bespoke lesson content

best

Best Practice

BETT

BETT 2014

better

birthday

blog

Bloganywhere

blogging

blogging in school

blogging tools

Blogs

Bradford

brainwashing

budget

bullying

careers

ceop

charles dickens

children

christmas

Christmas message

class

classes

classroom

Cloud Computing

Collaboration

communication

Competition

confusing

continued professional development

CPD

Create your own character competition

creative school resources

cyberbullying

cyberbullying in school

Department for Education

Derbyshire

design

design your own egg

Differentiation

don'ts

dos

dropbox

e-learning

e-learning advice

e-learning events

e-learning in the classroom

e-portfolio

e-Portfolios

E-Safety

e-safety experts

e-safety in schools

e-safety survey

e-safety training sessions

Early Childhood Education Degrees

Early Years

easter competition

easter egg competition

easy to use

Ebacc

edtech

Education

Education and Technology Conference

education experts

education products

education technology

Education Tools

educational apps

educational technology

elearning

elearning apps

elearning competition

English

Enterprise day

eportfolio

esafety

esafety survey

Events

evernote

evolution of technology in schools

expert

experts

free e-learning products

free moodle events

free resources

free teacher events

free teacher webinar

free worksheets

French

Funding

gamification

GCSE

GDPR

Google

Google Apps

government

government guidelines

grades

Guest Infographic

guides

Handheld devices

Hardware

head office news

head teacher advice

head teacher of the week

help

helpful

History

Holy Family Catholic School

homework

homework block

homework month

homeworkanywhere

how to learn faster

how-to

ICT

ideas

IMLS Framework

improve

influential schools

Infographic

integrated e-learning solutions

Interactive Whiteboards

iPad

iPads

iPhones

jargon

Jobs

jotter

jotter mobile

Jotter Mobile app

Keighley

keynote

kids

kinesthetic

Laptops

laughing

LCMS

learn faster

learn faster advice

learn faster tips

Learn module

Learnanywhere

learner device

Learner Journey

learning

learning experience

learning faster

Learning Light

learning management

learning management system

learning management systems

Learning Platform

learning platforms

Learning Services

learning solutions

learning technologies

learning technology providers

Leicestershire

lesson plan

lesson planning

lesson plans

Literacy

literature

London

m-learning

Maths

mathsanywhere

message

messaging

microsoft

mindfulness in the classroom

missed

mlearning

Mobile

mobile app

mobile apps

mobile apps for schools

Mobile Friendly Websites

mobile learning

mobilegeddon

Modern Foreign Languages

money

MOOC

Moodle

Moodle 2

moodle 3.1

moodle 3.1 new features

Moodle 3.2

Moodle 3.4

moodle birthday

Moodle Conference

moodle experts

moodle lms

Moodle partner

Moodle SIMS Integration

moodle updates

moodle vle

most popular school website

Multi Academy Trust

Multi Academy Trusts

multiculturalism

national curriculum

Netbooks

new e-learning products

new elearning products

new elearning tools

New Ofsted Framework

news

newsanywhere

North East

North Yorkshire

Nottingham

Nottinghamshire

NQT

Numeracy

office 365

Ofsted

ofsted e-safety inspections

ofsted requirements for websites

ofsted school website requirements

online

Online Collaboration

Online Games

online learning

online learning solutions

online rewards system

online safety

online spellings tests

online tools

parent

parent communication

Parent Messenger

Parental Engagement

parents

passwords

Personalised Learning

Persuasive Technology

phishing

phone

Phonics

photos

Pi

pizero

planbook

podcast

Podcasting

poems

Poetry

powerpoint

presentation

press releases

Primary

primary education

primary lesson plans

Primary School

primary school competition

primary school website

primary school websites

primary schools

Prize

Procurement

product

professional development

promoting e-safety in school

PTT

pupil premium

pupil premium webinar

push notification

push notifications

quickvoice recorder

Radioanywhere

Raspberry

raspberry pi

RE

recruitment

reducing stress

Resources

responsive websites

revision

Riots

Safe Social Networking

Safeguarding

safety

save

school

school blogging

school blogs

school broadband

school competition

school eportfolio

School Information Regulations

school internet

School Jotter

school mobile app

school mobile apps

School Payments

school tips

School Web Design

School Website

school website design

school website help and advice

school website offers

school website system

school websites

Schoolanywhere

schools

schools technology

Science

scores

Sean Gilligan

Secondary

secondary learning platform

Secondary School

secondary school teachers

Secure Social Networking

security

SEN

senior leadership team

sharepoint

Shift Fatigue

silliness

SIMS

SKE

smartphones

SMS

Social Media

Social Networking

South Elmsall Carlton Junior & Infant School

spelling software

spellings

St Andrew’s Junior School

Studen

student engagement

Student Jotter

study

studying

studying tips

style

substitute teachers

Sugata Mitra

summary blog

support

tablets

teacher

Teacher Engagement

teacher resources

teachers

Teaching

Teaching Resources

tech savvy techer

technology

technology in education

technology in school

technology in schools

technology in the classroom

Test

text

texting

The Academies Show

The Achievement of Pupils

The Behaviour and Safety of Pupils

The BETT Show

The Quality of Leadership and Management

The Quality of Teaching

timeline

tips

tom starkey

top tips

Totara

totara lms

Tour de Yorkshire

training

training courses

tricks

Twitter

University

USA Moodle Partner

usage

useful

Video

video tutorials

Videocasts

virtual learning environments

virtual learning platforms

visual

VLE

vles

ways to save teachers time

Web Design

Webanywhere

webanywhere birthday

webanywhere events

webanywhere history

Webanywhere new products

webanywhere news

webanywhere office

webinar

Website Content

West Yorkshire

World Citizenship

York

Yorkshire