Staff Cybersecurity Training

Cybersecurity might seem technical, but it’s vital for teachers and school staff to understand and follow best practices. Schools and districts increasingly rely on technology and connectivity. These services enhance learning, but also expose schools to cyber threats. The stakes are high: a successful cyberattack can halt learning and compromise student privacy. Even trusted systems can be attacked, and human vigilance is often the last line of defense.

Cybersecurity Training Topics

Use these topics to learn how to protect our district from cybersecurity attacks! By understanding the threats and following these fundamental practices, you can significantly reduce the risk of a cyber incident at the district and foster a safer digital environment for everyone in the school community.

Phishing & Email Scams: Think Before You Click

One of the most common threats you’ll face is phishing–fraudulent messages that trick you into divulging information or installing malware. Phishing emails often pretend to be from a familiar source, such as the district IT department, a colleague, or a known company, but they actually come from cybercriminals. The goal is usually to get you to click a malicious link, open an infected attachment, or reveal sensitive data like your login credentials.

Example Scenario

You receive an email that looks like it’s from your principal, asking you to purchase gift cards for a school event. The email address, however, is slightly off (e.g., [email protected] instead of [email protected]). This is a red flag–it’s likely a phishing scam. In another case, you might get an “IT notice” asking you to “verify your account” by entering your username and password into a linked website. If you look closely, the link may be a spoofed address (e.g., mail.schooldistrict.example.com instead of slzusd.org).

How to Spot a Phishing Email

Attackers are clever, but their messages often have telltale signs:

Suspicious Senders – The sender’s email address or domain is off by a letter, or it was sent by a public email service unrelated to the supposed organization. Always verify that the email is from an official school domain or a known contact.

Generic Greetings and Urgency – Phishing messages might start with “Dear User” instead of your name, and they often pressure you to act immediately (“Your account will be closed if you don’t click now!”).

Spelling and Grammar Mistakes – Many scam emails originate overseas. Be cautious if an email claiming to be from a professional source is riddled with errors or awkward language.

Mismatched Links – Hover your mouse over hyperlinks without clicking to see the actual URL. Phishers often use links that look legitimate but have subtle misspellings or extra words (trust.wiki-media2.com instead of trust.wikimedia.com). If the URL doesn’t match the organization exactly or it uses an odd domain, don’t click it.

Unexpected Attachments or Requests – Be wary of attachments you didn’t expect, especially if they ask you to enable macros or run programs. Likewise, be skeptical if an email asks for sensitive information like passwords or financial details via email.

What to Do If You've Been "Phished"

If you suspect an email is phishing, do not click any links or attachments. Verify the request through another channel; for example, call the colleague or department on a known phone number to confirm. If you're still unsure, contact TIS. It’s always better to double-check than to be tricked. Remember, cybercriminals exploit trust–staying alert can prevent a major security incident in your school.

Malware & Internet Scams

Beyond email, threats can come from general web browsing and online activities. Content filters and firewalls effectively block malicious sites, but no system is perfect. Always practice safe browsing habits, be aware of common web-based threats, and maintain a healthy skepticism online. By avoiding the sketchy corners of the internet and being mindful of what you click, you greatly reduce the chance of getting hit with malware or other cyber nasties.

Beware of Malicious Websites & Pop-ups

Just visiting an infected website can sometimes install malware on your computer. This is less common now, but it is still possible, especially if your system isn’t up-to-date. Stick to reputable websites, especially on school devices. Do not click strange pop-up messages or alerts like, “Your computer is infected, click here to scan now!” These are often traps (so-called “scareware” or “malvertising”) that lead you to download malware. Instead, close the browser, or use Task Manager if it won’t close, and inform TIS if needed. Use web browser extensions or features that block pop-ups and warn against known bad sites (many browsers do this by default).

Beware of Vishing & Smishing

Phishing can also happen via phone calls (“vishing”) or text messages (“smishing”). For example, you might get a text that appears to be from your bank or a call from someone claiming to be the district IT helpdesk. Treat unsolicited communications asking for sensitive information with skepticism, no matter the medium. If someone calls claiming there’s an urgent tech problem and asks you to navigate to a website or give them access to your computer, it’s likely a scam! Verify by contacting TIS directly.

Only Download Files/Plugins from Trusted Sources

It's OK if you need a PDF worksheet from a curriculum website, but avoid downloading random files or software from sites you arrived at via web search without vetting them. Also, be cautious of browser plugins or extensions; for example, some might look helpful for converting files or blocking ads, but rogue extensions can spy on your browsing. Again, stick to extensions recommended or approved by TIS.

Beware of Email Attachments from Outside the District

We covered phishing emails, but even legitimate-looking emails from unfamiliar senders (like a vendor or a parent you haven’t corresponded with before) can carry infected attachments. If you get a strange attachment (especially .zip or .exe files) from someone you don’t know, be very careful. When possible, have TIS scan it. On Windows, you can right-click and scan with your antivirus as a first check. When in doubt, confirm with the sender through another known channel that they meant to send you a file.

"Trust but Verify" All Links

When researching online or looking for teaching resources, you might search and end up on new websites. Be cautious about clicking ads or “Download” buttons–some can be disguised as malware links. If you need free resources, try to use well-known educational repositories. A common trick is fake “Play” or “Download” buttons on sites that trick you into clicking something harmful. Use your browser’s status bar (hover to see the link) to check where a link goes before clicking it. When in doubt, don’t click! Ask TIS to check a website that's asking you to install software or browser extensions.

Be Mindful of Personal Device Use/Home Networks

With remote learning and take-home work, you might sometimes use personal equipment or networks. If you’re checking school email on a home computer, ensure the computer has antivirus software, and that it is not used by others to visit risky sites (family members inadvertently could introduce malware). Avoid storing confidential school files on personal devices. When possible, use a school-issued device for school work. If you must use personal devices, practice the same security measures–strong passwords, updates, etc.–and consider asking IT if they have a secure VPN or other tools for remote access.

Back Up Important Data

Sometimes, despite precautions, malware strikes–particularly ransomware, which can lock you out of your files. The best mitigation (besides prevention) is having backups of important data. If your school provides network drive storage or cloud drives, use them for important documents rather than keeping the only copy on your local machine. This way, if your computer is compromised, your data is still safe on the backup. Get in the habit of storing or regularly copying your important files–lesson plans, grades, and so on–to a Google Drive or Microsoft OneDrive. If you need to save a file locally, periodically copy it to a secure external drive or cloud as backup.

Strong Passwords & Account Security

Your password is often the only thing between a hacker and sensitive school information. Weak or reused passwords are a leading cause of school data breaches. Always use strong, unique passwords for your school accounts (email, grading systems, etc.) to make it much harder for attackers to gain access. See the SLZUSD Password Protocol for district password guidelines.

Characteristics of a Strong Password

A good password is easy to remember but hard for others (humans or machines) to guess. Follow the district password protocol guidelines when creating/managing passwords. You could also consider using a password manager app, as long as it's been approved by the district. Password managers can generate and securely store complex passwords for your various accounts. Then you only have to remember one master password, and you'll be less tempted to reuse the same password multiple times.

Real-World Example

A teacher used the same password for a personal shopping account and their school email. When the shopping site was hacked, attackers obtained the password and tried it on the teacher’s school email, and it worked. The attackers then accessed sensitive student information in emails. This could have been prevented with unique passwords (and the next topic, multi-factor authentication).

Always Protect Your Credentials

Multi-Factor Authentication (MFA): An Extra Layer of Security

Multi-factor authentication is one of the most effective tools for securing your accounts. MFA means that in addition to your password, you need a second step to log in–typically a code from a smartphone app or a physical security key. At SLZUSD, we use Cisco Duo MFA, which helps block most unauthorized access attempts.

Why MFA Matters

Even the strongest password can be stolen through phishing or a data breach. MFA stops attackers from getting in with just a password. For instance, if someone tries to log in as you from a hacker’s computer, they would also need your phone (to get the code) or another factor that they don’t have. Users who enable MFA are significantly less likely to be hacked, because a stolen password alone isn’t enough to breach the account.

Example Scenario

Imagine you accidentally clicked a phishing email and entered your school account password on a fake site. Without MFA, the attacker could immediately use your password to access your email or systems. But with MFA enabled, the attacker would be prompted for that second factor (which they don’t possess). You would likely receive an alert or prompt on your phone, which is a warning sign–you could then change your password and notify IT, preventing a breach. In this way, MFA can act as a safety net for mistakes.

Use Our MFA, Cisco Duo

Follow the district’s guidance for using Cisco Duo. Once setup is complete, you’ll log in normally with your password and then enter a code or approve a prompt on your phone. It might add a few seconds to your login, but it dramatically increases security.

Treat MFA codes like passwords–never share them. If you get an unsolicited MFA prompt on your phone (when you’re not trying to log in), deny it and report it to IT; it could mean someone has your password and is attempting access. Using MFA wherever possible makes your accounts much harder for any attacker to compromise.

Device Security & Safe Technology Use

Modern classrooms and offices are filled with devices: desktop computers, laptops, tablets, smartphones, interactive whiteboards, and more. Keeping these devices secure is just as important as safeguarding your passwords. Here you'll learn digital security practices (updates, antivirus) and physical security for your devices. Following these guidelines will help you greatly reduce the risk of accidents or attacks. A secure device means that even if someone tries to breach it, they'll hit a wall.

Keep Devices Updated!

Just like lesson plan templates get updated, so does software. Outdated software can contain vulnerabilities that attackers exploit. Make sure your computer, tablet, and phone install updates and patches as soon as they are available. TIS will manage critical updates for district-provided devices. Allow them to run their updates and restart your computer when prompted. If you see reminders for OS or app updates, don’t ignore them! Enabling automatic updates wherever possible is a good set-and-forget safety measure. Keeping software current closes the doors hackers use to get into systems.

Use Antivirus and Approved Software

Most school computers include antivirus/security software. Do not disable it. It helps catch malware that might slip in. Only install approved software or browser extensions. Avoid downloading free “cute fonts” packs or unknown apps from the internet; these often come bundled with spyware or adware. When in doubt, check with IT before installing something new for your classroom. Stick to official app stores and trusted educational software sources.

Lock and Secure Your Devices

In a busy school, devices can be lost, stolen, or misused if left unattended. Always lock your screen (Windows: Windows+L, Mac: Ctrl+Cmd+Q) when stepping away from your computer, even for a moment. This prevents students or visitors from accessing your account or files when you aren’t looking. If you have a laptop, never leave it in a classroom or car overnight. Keep it with you or in a secure location. The same goes for sensitive paperwork–a clean desk policy (no student data left out) helps ensure information isn’t inadvertently seen or taken.

Keep Mobile Devices Safe

Many teachers use smartphones or tablets for school email and apps. Treat your mobile device as an extension of your computer. Use a strong passcode or biometric lock (fingerprint/face ID) on your phone so if lost, others can’t access your email or student information. Be cautious when using mobile devices on public Wi-Fi (like at a coffee shop); avoid accessing confidential student data on unsecured networks, or use a district-provided VPN if available. Keep your mobile apps and OS updated. Hundreds of security fixes come through updates each year for phones.

Practice Classroom Technology Safety

In class, you might use shared devices like smartboards or student computers. Always log out of personal or teacher accounts on shared devices after use. If students use devices under your supervision, ensure they have limited access accounts. Double-check privacy settings on any classroom tech that records or stores data (for example, a classroom camera or microphone system). Only connect classroom devices to the school’s secure network–avoid using personal hotspots or unvetted internet connections for school activities, as they might bypass the school’s security filters.

Use USB Drives and External Media Safely

Be careful with USB flash drives or external disks. If you find a USB drive on school premises, never plug it into your computer–it could be loaded with malware. Instead, give it to IT. If you use USB drives to transfer files, use ones provided by or approved by the school, and scan them for viruses. When possible, use secure cloud storage (like Google Drive or OneDrive provided by the district) to transfer files instead of physical drives.

Device Safety Best Practices Checklist

Do I have up-to-date antivirus/security software running on my devices?
Are all my devices (computers, tablets, phones) installing updates regularly?
Do I lock my screen every time I walk away from a logged-in device?
Is my laptop stored securely when not in use (not left in a car or unattended classroom)?
Have I limited student access on shared classroom computers and logged out of my accounts?

Protecting Student Data & Privacy

Teachers and school administrators are entrusted with sensitive information about students, families, and staff, from grades and contact details to health records or IEP documents. Protecting this data is not only about compliance with laws like FERPA, COPPA, and CIPA, but also about maintaining the trust and safety of your students. By treating student and staff data with care, you not only comply with privacy regulations but also protect your students from potential harm, such as identity theft or embarrassment. Follow these key practices for handling sensitive data.

Use Secure Systems

Always use district-approved, secure systems to store or share student information. For example, enter grades in the official grading system, not a personal spreadsheet on your home computer. Always use your district email for district and school business, which is monitored and secured by the district. Avoid sending sensitive student information via personal email or texting–these channels might not be secure. If you need to send student data to someone, check if your district has an encrypted email option or a secure parent portal.

Access Controls

Only access student records you are authorized to see, and only do so on a need-to-know basis. Similarly, do not share access to systems or files with unauthorized individuals. For instance, if a colleague needs some data, it’s better to have them request their own access rather than logging in with your credentials. Most systems log user activity, so use your own accounts and keep them private.

Double-Check Recipients

When emailing or sharing files, especially those containing student data, double-check that you’re sending them to the correct recipient(s). A common mistake is emailing a student’s report or an entire class list to the wrong parent or an unrelated third party by accident, causing an unintended data breach! Take care when using email auto-complete; verify that you selected the right John Smith from the address book!

Limit Data on Portable Devices

If you store student data on a laptop, phone, or USB drive, consider what would happen if that item were lost or stolen. As a rule, try not to keep data on portable devices unless absolutely necessary. For example, avoid downloading large reports with sensitive info to your laptop if you can choose to view them over the secure cloud system. If you must have certain data files on a device, check if your IT department can enable encryption, so that without your password, the data is scrambled.

Clean Your Desk and Screen

Only Use/Recommend Approved Apps

New education tech tools are exciting. However, before you download or recommend that cool new app, website, or service, check with TIS to verify it is approved for student use. Entering student information into a random free app or website could inadvertently expose that data if the service isn’t secure. When in doubt, ask an administrator or IT about data privacy before using a new tool that asks for class rosters or personal details.

Be Mindful of Social Media

Many educators share classroom updates or student accomplishments on social media or class websites. Before you post, consider the following:

Ensure you follow school policy regarding student photos and names online; for example, do you have parental consent to post that group photo?
Never share personal details publicly (addresses, full names with identifying info, etc.).

What goes online can potentially be seen by anyone, including those with malicious intent. When posting, think: Is this content appropriate and safe if seen by people outside our school community?

Incident Response: What to Do If Something Goes Wrong

Despite our best efforts, mistakes and incidents can happen. Maybe someone clicked a bad link or a laptop was stolen, or you notice something odd (like files disappearing or a suspicious login notification). How you respond in those first moments can make a big difference in limiting damage. It’s important to be prepared and know the proper steps to take when a cybersecurity incident occurs.

1. Don’t Panic, But Act Promptly

Staying calm is key, but so is speedy action. If you think your device has malware (for example, you see a ransomware note or your computer behaves strangely after opening a file), follow these steps:

Disconnect it from the network immediately: unplug the Ethernet cable/turn off Wi-Fi. This can help stop the spread of malware to shared drives or other computers.
Power off the device if possible.
Contact TIS (see next step)

Don't feel embarrassed! Attackers are crafty, and they count on your shame to prevent you from acting quickly. Reporting the incident immediately is much better than quietly hoping the problem disappears. TIS can help (and has likely seen similar situations before!).

2. Report the Incident to TIS

3. Contain the Incident

Follow the instructions from TIS on what to do next. They may ask you to NOT use certain systems for a time, to change your passwords, or to alert other staff. If you accidentally emailed sensitive data to the wrong person, inform your supervisor immediately so the district can take steps, such as asking the recipient to delete the email.

If you suspect an account breach (for example, you notice emails in your “Sent” folder that you didn’t send), change your password immediately and notify TIS so they can investigate. The sooner an incident is contained, the less impact it will have.

4. Preserve Evidence Safely

It’s helpful to save evidence of what happened, but do so carefully. For example, if you got a phishing email, don’t delete it right away; forward it to IT or security so they can examine it (there may be details like headers useful for blocking future emails). If malware pops up a message, take a photo or screenshot of the message (if possible) to show IT. However, avoid interacting further with the malicious element. If it’s an email, don’t click links within it, just save the message. If it’s a virus, don’t try to run “cleaner” tools on your own unless instructed, as it might destroy evidence or make things worse. IT teams or forensic experts may need these clues to figure out what the malware was and how it entered.

5. Learn, Refine, and Stay Safe

After an incident is resolved, it’s worth reflecting on how to prevent a repeat. TIS may conduct a brief “post-incident” review. The goal is not to place blame, but to improve defenses. Cybersecurity is a team effort–if something slips through, sharing the story (in a constructive way) helps others be aware of new threats.

Finally, remember that cybersecurity is an ongoing process. Threats evolve, and so will the guidance from experts. Stay informed: participate in any training your district offers, read security bulletins or newsletters if they send them out, and don’t hesitate to ask questions. As the front-line users of school technology, teachers and staff are crucial to a robust defense. By staying vigilant, practicing good cyber hygiene, and fostering a culture where everyone looks out for security, you help protect yourself, your students, and your entire school community from cyber harm.