Tag: education IT

3 Strategies for Holistic Cybersecurity

Austin Anderson

By Austin Anderson, a certified network engineer and IT professional, who travels around Wisconsin helping school districts secure and optimize their networks.  

Schools are prime targets for cybercriminals not because their data is pricelessly valuable, but because criminals know school IT teams are chronically overworked, understaffed, and working within a tight budget.

While it’s important to invest in purposefully built and trustworthy software solutions, that’s just the beginning. Invest in your school’s cyberculture instead of isolating data security practices to IT teams alone, and soon keeping data safe becomes everyone’s job. A holistic approach to cybersecurity might be one of the strongest school CTOs and their teams can employ.

What does holistic cybersecurity look like?

Network security can conjure up images of a firewall that keeps bad guys out and only lets certain things in. It might be antivirus software installed, a network security plan, or some other high-level strategy. All these solutions are crucial, but there’s still more work to be done.

Just like you or I listen to the expert advice of doctors, we also partake in everyday practices to keep ourselves healthy. It’s the same concept with cybersecurity. A holistic approach invites everyone to learn more to scrutinize their own cyberspace habits. Training programs like KnowBe4 help users shift their mindset from passive trust of software to a proactive use of services including applications, social media, and other systems. The information employees share on personal social media is regularly mined by bad actors to gather intelligence they can use to infiltrate networks. Holistic cybersecurity strategies teach folks how to protect both personal and professional networks. Anyone can learn how to be more mindful in online spaces, and every little bit of practice helps secure district networks.

Though we tend to imagine computer networks as cloud formations, they also need very practical care. Physical security for data centers, hardware, and network devices all help keep systems out of harm’s way. Ensure doors lock and that data centers aren’t doing double-duty storing liquids or other items that might pose a physical threat.

Above all, this holistic approach (physical, software, and human firewall working together) is designed to work proactively to protect private data and minimize downtime. There’s no better time to improve than when you’re already feeling confident.

Get your leaders on board

Leading by example pays dividends for many reasons. It will help to roll out security changes to administrators, business managers, and leaders first. These folks have the largest share of responsibility in systems, and they’re most likely to be targeted in a phishing or other type of cyberattack. They should be the first people to be secured and the first to understand the stakes—that way, their training can trickle down to their peers, teams, and students. Understanding the “why” behind increased security measures is a worthwhile investment. That way, rather than advocating for IT to “ease up,” leaders can emphasize the importance of constant vigilance, even when users complain about using multi-factor authentication or other extra-secure steps.

Time spent recovering from an attack takes exponentially longer than strengthening your defense. A recent U.S. Government Accountability Office study found that learning time lost post-attack ranged from three days to three weeks (!) while total recovery time took up to nine months.

Continue Reading

The Greatest Challenges and Most Difficult Obstacles Facing Schools Regarding IT Services

Rich Benbow

Response from Rich Benbow, vice president, Western Governer’s University.

Some traditional colleges have a resistance to change and haven’t adapted as well as they probably could to digitize their programs. WGU is a digitally native university, so when the pandemic hit, it was easy for us to scale to meet the massive influx of new students who wanted to learn new skills and qualifications during the lockdown.

But not every traditional brick-and-mortar institution was able to adapt as quickly. I feel we have always been very innovative in being able to adopt new technologies, but other institutions don’t have the same infrastructure. Their governance can often prevent them from adopting new technologies and ways of teaching as quickly as possible. 

Whenever you digitize information, there is always a cybersecurity risk, but as a company, we always aspired to be at the forefront of technology and innovation. We have many dedicated departments who are committed to using top-tier technology to ensure students’ information is safe and secure. 

Students today use various devices to attend online classes – smartphones, tablets, desktops, etc. This means that we constantly have to adapt and ensure that our technology is compatible with the myriad of new devices continually being made. 

A New, Strategic Role For Institutional IT: Delivering Student-Centricity

Amrit Ahluwalia

By Amrit Ahluwalia, director of strategic insights, Modern Campus.

Historically, education IT professionals have supported their respective colleges and universities from the behind the scenes. They’ve provided and maintained the critical infrastructure that allowed their institutions to serve learners, largely in the shadows, maintaining everything from server racks to campus Wi-Fi, to the printers in the library.

Of course, leading technology is no longer a “nice-to-have” for any business, and higher education is no different. Arguably, the technological infrastructure is as critical to helping set learners’ expectations of the institution as programming itself.

So, for the modern education IT professional, the most important topic they should be focused on is the student experience—both inside and outside the classroom.

By modernizing the digital experience being used to engage learners, IT professionals can help their respective institutions make massive strides to becoming environments better suited to the expectations of the modern learner, no matter their age.

Everyone today is first and foremost a digital consumer; they use Netflix, Amazon and Uber on a daily basis. Modern colleges and universities need to ensure students are able to access critical institutional information, resources and administrative tools when and where they want.

This means creating a secure environment that allows students to log into a portal to access receipts, request (and pay for!) transcripts and perform other bureaucratic and administrative tasks that are usually performed by front-line staff. It also means creating environments that automate adaptive communications, ensuring that learners are receiving relevant messaging from the institution through their preferred channels at the right time.

What’s more, IT has a role to play in supporting the delivery of high-quality academic experiences. That’s not to say the CIO will be teaching classes, of course. But it does mean creating an infrastructure that allows program catalogs—which are generally PDFs uploaded to the website—to be digitized and updated from a single location. It also means creating workflow structures that allow program approval processes to be automated and simplified, so that everyone from the program chair to the accreditation body is in the loop when something changes.

Continue Reading

Education IT Was Booted To The Outfield

Response from Spencer Dunford, general manager, SmartDeploy.

While K-12 and higher education have been affected differently, they’ve both seen significant impact in their daily tasks and overall IT strategy due to changes in workplace and IT workload. IT for education was generally well-defined and entailed tasks that could often be scheduled weeks, if not months in advance.

Just as most every school year followed a predictable start, end, and vacation days between, so too did IT projects within that environment. In many cases even the emergency project was limited in scope in this “old” model of IT in education. IT could plan on summer lab refreshes, on-premise devices, and projects planned out with weeks or months to prepare, for example. COVID-19 changed this.

IT had to make an immediate shift to support remote learning for students, training for teachers, and in many cases, coaching up parents too. Many of the initial changes were quick reactions to the changed requirements. Now a new year has begun with these new rules.

All the while, budgets have not changed. IT teams are being stretched and challenged. This has created incredible opportunities to adopt new technologies at a speed that would have been unthinkable in the past. But it also has pushed generalists into new specialties, and even the rare EDU IT specialist into unfamiliar realms of new technology.

Continue Reading

IT Will Play A Crucial Role In Creating and Sustaining A Successful Educational Experience In 2020

CSM certification guide: Certified ScrumMaster exam ...

By Valerie Cimarossa, vice president of marketing and technology, University of Advancing Technology.

In what will likely be the most unpredictable and complicated school years on record, only one thing seems certain — with technology being such an integrated element of education (now more than ever) university, school and district IT departments will be expected to support their administration’s decisions. School technology staff will play a more crucial role than ever in creating and sustaining a successful educational experience for students.

First, the most important thing is to prepare for the students who aren’t comfortable coming back, and to be ready for a permanent shift in expectations. Humans, though they hate change, are adaptable. We’ve now acclimated to having virtual what we used to have solely in-person, and though many will want to come back, it would be detrimental to disregard the population that has established the expectation that they don’t need to leave home to learn.

Unfortunately, giving students the option to choose how they want to attend inherently means not giving teachers and school support staff the same choice. Of course, while we wish health and success to everyone, the likelihood that plans put in place in August and September will change before the end of 2020 is very high, and being prepared (mentally, at the very least) to deal with that, is the key to keeping morale at a remotely tolerable level.

For those who have staff at home there are a handful of other things to consider and have plans for. Foremost, security. A recent flood of ransomware attacks targeted specifically at schools have cost districts and universities tens of thousands of dollars or forced multi-day closures.

These attacks have only increased in frequency since the workforce has distributed onto less-secure home networks. One of the easiest ways to protect your institution’s private data is to ensure all staff members who are working at home are regularly performing their system updates and have some kind of malware protector installed.

If you own the devices your employees are using at home, you can administer the malware protection yourself for an added element of control over the situation. If you don’t, there are plenty of free options available for download. If your employees are downloading and administering their own updates and malware protection, it’s a good idea to update your technology usage policy to include the details what kind of update and scan schedule you’d like them to maintain.

Continue Reading

Lessons Learned By Providing Virtual Learning

By David Brasch, director of IT, Compass Charter Schools.

David Brasch

I am learning many lessons along the way for delivering the best virtual learning experience during this pandemic. The most critical being communication; when information is flowing in many different directions and decisions are made very quickly, communication must be clear across all stakeholders. This way, staff can set expectations and create stronger teams within Compass Charter Schools, resulting in improved morale during achallenging time.

Many families have technology at home that allows their scholars to learn virtually, but there are a number that do not. It is apparent across the information technology industry that many families do not have all that they need, fortunately, we were able to provide to our scholars and families, but many schools are not. There still are shortages of many different devices for virtual learning.

Another lesson that we learned is the importance of being able to provide essential networking and trouble shooting for parents and scholars at home. Many schools and learning centers have high-end networks and devices that are programmed to work efficiently. In a residential environment, these networks vary and may require special support to operate in a virtual learning environment.

These unprecedented times force companies to evaluate the way they serve their customers and redesign what that experience looks like to meet the demands that flood the market. Internet service providers are on the front lines and face an influx of requests for services.

This evaluation and redesign create many challenges because of the need for more technicians than are available to enter the home for installation and basic setup. This was a learning experience for everyone as we were able to see how dependent we are on technology.

I also want to share some best practice tips for an excellent virtual learning experience. Create and follow a schedule that will help achieve more productivity throughout the day and create a separation between personal time and learning time.

Have a designated clutter-free workspace that will keep distractions to a minimum and help stay focused on learning. Most importantly, this is an unparalleled situation that we are all dealing with, be adaptable, and flexible along the way.

Why K-12 Learning Needs More Connection

By Bridget Duff, director of vertical sales solutions, education, Cox Communications

Bridget Duff

Although numerous factors contribute to student success, many of today’s digital learning activities that drive great achievement begin with consistent broadband access. And while most of the nation’s schools have internet access, a recent report by the State Educational Technology Directors Association (SETDA), indicates that the quality and type of connectivity varies significantly – resulting in digital divides across the country.

When upgrading their IT architecture, school districts will sometimes fail to ensure their network has the capacity to support a growing number of devices and technologies coming into their classrooms, which area necessity for 21st-century learning. But luckily, there are a few ways that education IT leaders can plan to ensure their infrastructures can support school technology for years to come. Here’s how:

Wi-Fi connectivity needed for growing number of devices

Today’s K-12 students will enter a workforce that demands tech savviness, problem solving and critical thinking, among other skills. To be prepared, students must have the tools, in school and at home, to thrive in an increasingly digital community. Therefore, addressing sufficient broadband and ensuring digital equity aren’t simply wants – they’re needs.

When thinking about technology in schools, what comes to mind? Augmented, virtual or blended reality, the Internet of Things (IoT) and artificial intelligence? What about high-tech whiteboards, smart pods and one-to-one laptops or tablets?

To embrace these innovative learning environments and advanced methodologies, and others like them, schools need adequate intranet infrastructure. Without it, teachers who want to employ innovative, technology-enabled pedagogical methods are forced to abandon their lesson plans. As 87%of the country’s teachers use digital learning in their classroom, those left without the proper digital foundation can feel left in the dust.

Continue Reading

“Education-as-a-Service” is Suddenly Here… and There’s No Turning Back

By Matt Yeh, Senior Director of Product Marketing, Delphix

Matt Yeh

Nearly ten years ago, Marc Andreesen, one of the world’s most influential investors, famously proclaimed that “software is eating the world.” At the time, no one understood the magnitude of what that meant. But today, the world’s most powerful and prosperous companies are software companies that have brought a tidal wave of digital innovation and disruption to almost every industry from retail and banking to manufacturing and insurance.

And the next frontier for software? Education.

In the midst of the COVID-19 global pandemic and mandated “social distancing” measures, the demand for digital services and software has skyrocketed. Schools across the country have begun planning for what just weeks ago was an unthinkable scenario: a fall semester without students on campus.

As educators prepare for what could be a dramatically different start to the upcoming school year, students and teachers alike need much more than “Zoom University” (which is going through its own coronavirus growing pains) in providing high-quality online learning experiences.

From K-12 to community colleges and public and private universities, the education industry needs to adopt a new playbook for the digital world. For example, the automotive industry is undergoing a tremendous shift towards digitally-enabled car-sharing, ride-hailing and autonomous vehicles.

In order to transform their road to success, organizations in this industry have had to transform how they leverage data and software to meet new business models.

Continue Reading

Protecting Employees, Students and School District Resources From Cyber Attackers

Lucy Security works with many K-12 districts across the country to help build cybersecurity awareness and protect against phishing attacks (most ransomware attacks start with a simple phishing email.)

Colin Bastable
Colin Bastable

Below are some comments from Colin Bastable, Lucy CEO, about the types of trends and issues he sees and what K-12 IT departments can do to protect their employees, pupils and district resources from clever cyber attackers.

According to Colin Bastable, CEO of security awareness training firm Lucy Security:

Education: an easy target for cyber attackers 

K-12 school districts range from fewer than 100 employees to several thousand. Some have tiny budgets, and some have more significant resources, but they all struggle with vulnerability to cybersecurity attacks. Just this week, CNN reported that a Texas school district lost $2.3 million to an email phishing scam. Unfortunately, this news is just the latest in an ever-increasing trend of cyberattacks targeting K-12 schools.

According to the K-12 Cybersecurity Resource Center, more than 752 cyber incidents at K-12 schools have been reported since January 2016, resulting in loss of productivity as well as much-needed funds.

Common K-12 cyber scams

One common scam is the Gift Card Scam, where an email purporting to be from the school principal or a head of department asks an administrator or assistant if they can buy some $100 gift cards. Often, this might be during a break, such as Thanksgiving, when the school staff are unlikely to meet.

Once the admin has the cards, they email a reply (to the fake email address) saying “I have them” and the thief asks them to scratch off the security number and send pictures of the cards, “because I need to get the gift to the students today.”

Another common attack is to send a change of bank deposit details to the school payroll staff.

These are quite simple attacks, yet extraordinarily successful. More sophisticated attacks involve BEC (Business Email Compromise) attacks, like the gift card scam, but involving hundreds, thousands and millions of dollars in losses, where the imposter asks for urgent payments to be authorized.

Ransomware attacks are also prevalent in K-12 and local governments, causing multi-million-dollar losses and billions of losses worldwide. 

Continue Reading

A Look Back At Education IT’s Decade That Was

Response from Samir Tout, professor of information assurance, School of Information Security and Applied Computing, Eastern Michigan University.

Samir Tout

In the last decade, we have witnessed a shift in the IT landscape with the rise of cloud computing, mobile devices and the Internet of Things (IoT). As a result, a new era has begun—one that brings along promising infrastructural enhancements, albeit with new challenges to the modern enterprises, including educational institutions. This necessitates that IT leaders at schools and universities perform a thorough analysis of how this will impact their systems, networks, and most importantly their data.

Educational institutions produce a massive amount of data about their students and staff. Such data constitutes a luring treasure trove for hackers who may launch advanced attacks against various layers of the school/university systems. IT leaders at these institutions must pay attention to key measures that are still common even to a great degree to the modern IT landscape.

If established, these measures would mitigate or possibly eliminate the risks of potential intrusions. They include: system hardening, secure perimeter architecture, anti-malware and endpoint defenses, strong encryption, establishing and adopting security policies, and applying information security principles such as least privilege, separation of duties, and role-based access control.

Furthermore, one of the most forgotten yet important measures is security awareness training and professional development for the staff that maintain the institution’s infrastructure. This has become even more vital with the advent of the modern IT landscape mentioned above, as staff members must stay up-to-date or otherwise risk being ill-equipped to properly maintain the infrastructure and its hosted data.

IT leaders must set strategic goals that embrace the above measures as part of the fabric of the institution. This means, among other things, that they include them in their strategic plan, allocate proper budgets for them, and support them with resources and, when necessary, expedited approvals.