Schools should restrict access to data even within the organisation, change passwords of their internal systems at regular intervals, and not have passwords that can be guessed easily, an additional commissioner of Kolkata Police said in his address to school principals on Tuesday.

"Institutions at this age must have a cybersecurity policy, follow basic cyber hygiene and report cybercrime and have dialogue with law enforcement," additional commissioner of police (II) Pranav Kumar said.

He was a speaker at the 103rd annual conference of the Association of Heads of Anglo-Indian Schools in India.

Speaking on awareness of cybercrime and cyber safety, Kumar said that restricted access means, for example, that finance personnel should not have access to human resource data, and vice versa.

Cyberattacks on school websites are not uncommon, he added.

During the session, educators highlighted emerging online risks.

Terence John, director of education and development at the Julien Day Group of Schools, said that students often morph images of teachers or peers, creating fake content.

"It's important we address these issues," Terence Ireland, principal of St James’ School said.

It’s not just a local issue. Michelle Gardner, principal of St Jude’s School, Dehradun, said: “Children making memes of teachers can tarnish the reputation of schools.”