The Nanaimo-Ladysmith School District is taking steps to boost cybersecurity measures.

The school district currently has more than 15,000 devices connected to its network — such as tablet and laptop computers, surveillance cameras and heating, ventilation and air conditioning — plus about 7,000 personal devices that connect daily, a report by business committee staff.

At last month’s committee meeting, Mark Walsh, secretary-treasurer, and Zeyad Merchant, chief information and technology officer, told trustees about the work to protect against online attacks. Walsh said the district faces “some serious cybersecurity issues, especially given the sensitivity and depth of personal information” it collects. However, he added that the district’s IT department is proactive.

“In general, we’re good about privacy in how we would respond to breaches…” Walsh said. “One of the reasons for bringing this report on board is multi-factor authentication. When you sign in to your DoorDash account these days, you must sign in via email and receive a text or other form of confirmation. . That comes down to SD68 as a basic security measure.”

Data breaches, holding people’s access to computers and information hostage through ransomware and “phishing” scams to steal personal information or upload viruses are some contemporary threats, the report said.

According to a Forbes report that looked at more than a dozen countries, 83 percent of schools were victimized by some form of ransomware in 2022, with K-12 “the most targeted industry, surpassing higher education and surpassing government. , construction and medical care,” noted an SD68 staff report.

Administrator Tania Brzovic asked about two-factor authentication, citing problems with the fingerprint option on mobile phones. There are many security options that people can choose from, but nothing is secure, the staff replied.

“The most common one you’re probably familiar with is text… There are also weaknesses in that, as the bad guys also have a unique ability to spoof and spoof mobile phone numbers, getting people to answer a text that is actually. coming from an illegitimate source,” Merchant said. “It’s now known that texts (short message service) are actually a weakness.”

He said there will be various options for two-factor authentication. Many people have multiple phones and there are some modern apps that are currently secure.

“I will highlight the importance of authentication in the second factor,” Merchant told the committee. “Back in the day, your firewall and the power of the internet was really what protected you. Today, your firewall… your current username and password… these are the most frequently targeted.”