UNOCHA, (2020). Guidance Note on the Implications of Cyber Threats for Humanitarians.
Cybersecurity Essentials for Education in Emergencies (EiE) Data
Adapted from UNOCHA Centre for Humanitarian Data (CC BY 4.0)
Why it matters
EiE data often contains sensitive information (school locations, displaced children’s details, staff contacts). A cyber incident could:
- Expose vulnerable students and teachers to risk
- Interrupt emergency education operations
- Damage institutional credibility and trust
Key Cyber Threats
- Data Breaches – unauthorized access to student or school records
- Ransomware – files locked until payment is demanded
- Phishing – fake emails trick staff into giving passwords
- Disinformation – false data spread to disrupt response
Essential Practices for Ministry EiE Data Teams
-
Prioritize cybersecurity as part of data responsibility
-
Make it a standing agenda item in EiE planning
-
-
Control access to sensitive data
-
Use role-based permissions (“need-to-know” only)
-
Remove access for staff who no longer need it
-
-
Strengthen authentication
-
Use strong, unique passwords
-
Enable two-factor authentication (2FA) where possible
-
-
Backup and protect data
-
Store backups offline or in secure cloud systems
-
Encrypt sensitive files
-
-
Keep systems updated
-
Apply software and antivirus updates regularly
-
-
Raise staff awareness
-
Train collectors and analysts to spot phishing emails
-
Share simple do’s and don’ts (don’t share passwords, don’t click unknown links)
-
-
Plan for incidents
-
Create a clear checklist:
-
Who to call if data is lost or stolen
-
Steps to isolate affected systems
-
How to notify affected partners/communities
-
-
Remember
Cybersecurity is not only technical — it protects children, teachers, and schools. Making small improvements now can prevent major risks later.
Source: Centre for Humanitarian Data, UNOCHA – Guidance Note on the Implications of Cyber Threats for Humanitarians (CC BY 4.0).