Email security for education: Mitigating risks and implementing best practices

As educational institutions increasingly rely on digital communication, email security has become a critical concern. Schools face unique challenges in protecting sensitive information and maintaining trust within their communities. In Clever’s Cybersecure webinar, “Enhancing Email Security and Vulnerability Disclosure in Schools,” Jim Siegl from the Future Privacy Forum discussed the pressing risks and effective strategies to bolster email security and manage vulnerability disclosure.

Email security: Challenges and risks

Email remains one of the most widely used systems in schools, making it a significant target for cyberattacks. One prevalent threat is email spoofing, where attackers forge email headers to make messages appear as if they are from trusted sources. This can lead to recipients unwittingly clicking on malicious links, opening malware attachments, or even transferring sensitive data or school funds.

Jim highlighted the vulnerability of school districts to such attacks, emphasizing that the risk is exacerbated by the extensive use of third-party services for email communication. The need for comprehensive email security protocols is paramount to safeguarding school data and maintaining operational integrity.

Implementing comprehensive email security protocols like SPF, DKIM, and DMARC isn’t just a technical necessity—it’s a fundamental step in protecting our schools from cyber threats. By adopting these measures, we can safeguard our communications, ensure the integrity of our data, and maintain the trust of our communities.

Jim Siegl

Senior Technologist, Future Privacy Forum

Email security: Strategies and solutions

Jim outlined three key DNS-based email security protocols that can significantly mitigate the risk of email spoofing: SPF, DKIM, and DMARC.

1. SPF (Sender Policy Framework): This protocol restricts who can send emails from your domain by allowing the recipient’s mail server to verify the sender’s IP address against an authorized list. While effective, SPF has limitations and works best in conjunction with other protocols.
2. DKIM (DomainKeys Identified Mail): DKIM adds a digital signature to the email, ensuring that the content has not been tampered with during transit. This tamper-proof seal is critical for maintaining the integrity of email messages.
3. DMARC (Domain-based Message Authentication, Reporting & Conformance): DMARC ties SPF and DKIM together, providing a consistent policy for handling emails that fail authentication. It also generates reports for domain owners, helping them monitor and improve email security.

It is important to implement all three protocols for a holistic approach to email security.

Adoption of email security tools in schools

How are schools approaching adoptions of these strategies? Jim analyzed data of all Virginia school districts to provide context. 

SPF, the first protocol, is widely used, with 84.6% of Virginia districts having implemented it, up from 60% in 2016. However, nearly 28% of these districts do not identify any additional IP addresses for sending mail, which could indicate a critical omission. 

DKIM uses digital signatures to authenticate email origins and ensure the integrity of the email content, but it is harder to scan for due to the need to know the DKIM selector name. 

DMARC, which ties SPF and DKIM together, is much less common, with only 16% of Virginia districts implementing it, and just 8% having a policy to quarantine or reject impersonated emails.

Email security for education: Takeaways and recommendations

1. Adopt comprehensive email security protocols: Schools should implement SPF, DKIM, and DMARC to protect against email spoofing and enhance overall email security. These protocols work together to verify the authenticity of emails and ensure message integrity.
2. Regular monitoring and gradual rollout: Implementing DMARC should be done gradually, with regular monitoring of reports to fine-tune spam filters and ensure that legitimate emails are not inadvertently quarantined or rejected.
3. Evaluate vendor security: When evaluating edtech vendors, schools should consider the adoption of these email security protocols as part of their vetting process. High adoption rates among vendors can indicate a stronger commitment to cybersecurity.
4. Use available tools: Utilize tools such as MX Toolbox to test the implementation of email security protocols. Schools can input their domain and those of their vendors to check the status and effectiveness of these protocols.

In conclusion, enhancing email security is a critical step in protecting school districts from cyber threats. By adopting comprehensive email security protocols and maintaining vigilant monitoring and evaluation practices, schools can create a safer digital environment for their communities.

To learn more about email security, you can watch Jim Siegl’s presentation and refer to his slides below.