By Charlie Sander, CEO, ManagedMethods.
K-12 cybersecurity is much more challenging for IT teams now that school districts have shifted into remote learning. Students and staff are no longer in school buildings—at least not full-time—and can access sensitive data from anywhere, at any time, and on any device because of the cloud.
The COVID-19 pandemic not only caused a disruption in classroom environments, it also disrupted and forced a major shift in the cybersecurity strategies of K-12 IT teams. The data of students and staff, along with all the email, applications, and documents are now being accessed outside of school networks. IT teams are essentially flipped upside down when it comes to what needs to be closely monitored and are restrategizing to do so.
The use of cloud applications from afar, such as those within Google Workspace and Microsoft 365, is increasing and it’s causing IT teams to lose visibility and control of what is happening online. As K-12 IT departments and teams continue shifting cybersecurity strategies, here are three things to consider to be better protected.
- An Explosion of Access Points
Students and staff are continuing school and work from home, even after returning for a short period at the start of this school year. This means that the number of access points into a school district’s network and domain has virtually exploded.
Previously, students accessed school accounts from inside the classroom using devices that stayed in the building and connected to school networks. Now, districts are bringing hundreds of thousands of new devices into their digital environment, which students and staff are using to access school data from anywhere, at any time.
Further, this access largely comes from home and public networks, which aren’t typically as secure. District IT teams also don’t have any control when it comes to firmware and hardware updates of the technology being used in homes—and that’s if a home even has the means to have an internet connection.
In addition, not every student has access to a laptop to participate in remote learning and often have to share devices with a parent or sibling. This means student data is created and stored on personal devices, as well as the cloud, and poses a serious threat to the security of school districts.
Remote learning relies on new applications to support collaboration and communication among students and teachers. However, new vulnerabilities are being created simultaneously for IT teams to detect and mitigate moving forward.
- More Applications, More Vulnerability
Remote learning brings with it a new influx of applications to school districts. IT teams weren’t prepared to monitor and protect many of these remote learning applications this past spring, and may not have been ready still at the start of this school year.
School districts are using new video conferencing apps, such as Google Meet, Microsoft Teams, and Zoom to support remote learning. Cloud-based learning management systems (LMS) like Google Classroom, Schoology, Blackboard, and more have also increased in use. With these apps, students and staff may also have access to chat features such as those in Google Chat.
Although the increased use of these apps began this past spring, school districts continue to fall victim to cyber incidents that originate within them. These incidents include unauthorized access into a virtual classroom, attendees taking over classrooms by sharing their screens, as well as the spread of inappropriate and discriminatory content found inside of LMS platforms, chat, and file sharing apps.
The apps don’t just pose a security threat to school districts, they also put the safety of students and staff at risk if left unmonitored and unprotected. Because it’s not just outside hackers that are a threat to districts. Students and staff are just as much as a threat from the inside, and IT teams are having trouble monitoring for the security risks that originate from within.
- Monitoring and Controlling Internal Activity
The U.S. Government Accountability Office (GAO) found that students and staff are more likely to create cybersecurity, student safety, and data privacy risks that impact school districts than a cybercriminal—according to its analysis of data from The K-12 Cybersecurity Resource Center. What this means is that while IT teams are focused on preventing outside hackers from gaining access into a school district, monitoring what students and staff are doing on the inside is equally as important.
However, monitoring and controlling activity when students and staff aren’t in the building accessing email, files, and documents through the cloud makes it difficult for IT teams to detect threats. Further, students often behave more mischievously online compared to when they are in a physical classroom with a teacher. Less tech-savvy teachers and staff are often unaware of the potential risks of remote learning applications they are not used to or that are not configured correctly.
Moving to the cloud helps schools continue to teach students in a remote environment. But, school districts are now more vulnerable than ever before. Districts are always going to be at risk of a potentially harmful cyber incident by an outside hacker. It’s important that IT teams consider the incidents that students and staff are causing inside the cloud, whether maliciously or accidentally.