With the rise of online curriculums and virtual learning in both K-12 and higher ed institutions, there has been a notable increase in technology dependance. This dependency on digital tools has not only exposed children to challenges related to cyberbullying, plagiarism and online safety, but it has also made school districts incredibly vulnerable to increased cyberattacks.
Risk abounds year-round and according to hackers, student data is among the most valuable information in their sphere. They are aware that students are using personal and financial data for the first time, and find it easy to exploit their lack of awareness in safeguarding their digital identities.
Countering such attacks with the proper resources and tools can be especially difficult if there is little to no room in the IT budget for enhanced cybersecurity efforts. According to a recent report released by the Center for Internet Security, approximately one in five K-12 organizations dedicate less than 1% of their budget to cybersecurity.
While technology continues to create endless opportunities for learning, the seemingly alarming lack of cyber defenses compounds the allurement to sophisticated cybercriminals. As a result, the ever-growing data security challenge requires an effective approach to cybersecurity that first involves the development of responsible, appropriate and empowered use of technology through enhanced digital literacy.
Digital literacy starts with enhancing effective cyber skills through online awareness, (password safety, digital identity, phishing) and empowering students to protect their safety and privacy as much as possible. ISTE, the International Society for Technology in Education, defines digital literacy as including “the knowledge of and the ability to use digital technologies to locate, evaluate, synthesize, create, and communicate information. Being digitally literate includes having an understanding of the human and technological complexities of a digital media landscape. A student-friendly definition of digital literacy is using technology to explore, connect, create, and learn.”
In K-12 school districts, one of the most challenging technology conflicts is between productivity and security. Students and staff want quick, reliable access to online resources. They’d rather not be logged off the system every 20 minutes or have to call the IT department to reset passwords. During class especially, teachers don’t want to sacrifice instructional time to troubleshoot login issues.
However, school districts have suffered 1,180 publicly disclosed cybersecurity incidents since 2016 according to the K-12 Cybersecurity Resource Center. These have included denial of service attacks that interrupt learning, data leaks that result in identity theft, and ransomware attacks with extortion demands reaching seven figures. When my employer surveyed 100 K-12 technology leaders earlier in 2021, 92% said they had suffered a cyberattack.
To successfully balance productivity and security, K-12 districts need a strategy for access management: the practice of serving valid users while denying access to invalid users. These five pillars of access management work together to help your district achieve that balance.
Identity Management: instant access to digital resources
In many districts, IT departments manually provision accounts, meaning someone assigns digital resources, one user and one service at a time. The process is therefore time-consuming and prone to mistakes. Because deprovisioning is also manual, forgotten “ghost” accounts can become vulnerabilities. Instead, districts should use identity management for automatic account provisioning. Essentially, once a student or staff member is enrolled to a district, the identity management solution automatically provisions their account based on predetermined rules. This immediate, “zero-day access” is productive and secure. And if a student were to move or if a staff member were to quit, the identity management solution can automatically deprovision the account.
Digital Stewardship: cybersecurity awareness and fundamental skills
Students and staff who learn to be good stewards of their credentials can help protect their learning environment. That starts with passwords. An analysis of 15,212,645,925 publicly leaked passwords found that “123456” is the most popular one. K-12 users must learn how to create strong (i.e., complicated) passwords that aren’t reused on other sites. Ideally, they will use one such password to access all their resources (more on that in the next section). The second most important stewardship skill is how to recognize phishing attacks and vet links for telltale signs, like an unfamiliar domain. “Stay Safe from Phishing and Scams,” part of Google’s Digital Citizenship Course, is a great three-minute primer. Good stewardship, though important, can always use backup.
The new offering provides school districts with a comprehensive identity management platform, allowing them to automatically provision core identity systems like Active Directory with the same level of automation and fidelity that they have come to expect from Clever and at a significantly lower cost than alternatives on the market today.
“More than ever, district leaders are counting on education technology to work smoothly, all day, every day. Sixty-five percent of districts nationwide have adopted Clever to make learning applications work seamlessly, and increasingly they have asked if we could bring that same power and ease to managing their core identity systems like Active Directory, Microsoft 365, and Google,” said Tyler Bosmeny, chief executive officer of Clever. “Now we can help districts connect both IT and curriculum systems quickly, securely, and at a fraction of the cost of alternatives with Clever IDM Enterprise.”
Clever IDM Enterprise delivers the following benefits:
Automation of repetitive manual processes: This new solution eliminates the delays and errors in account creation that are inevitable with manual processes, giving students faster access to the resources they need and reducing demands on overtaxed IT departments.
Data security and privacy: Clever IDM Enterprise helps districts protect student data and mitigate the risk of a data breach by automatically enforcing security policies across each application, protecting sensitive data, and closing security gaps from old user credentials and access rights.
Set up takes days – not months: The implementation of technology systems can be time-consuming and costly. For school districts who are rostered with Clever, onboarding Clever IDM Enterprise is quick and easy.
Fraction of the cost of other identity management solutions in the market: Because the Clever digital learning platform (including single sign-on, rostering, messaging, and analytics) is always free for districts, they have the option to add Clever IDM Enterprise in order to cover all of their identity management needs for a much lower price than that of other solutions.
“Clever and Identity Automation provide critical services for us, and this partnership is a gamechanger. A joint offering from these two market leaders can only provide immense benefit for all schools,” said Dustin Hardin, chief technology officer, Humble Independent School District in Humble, Texas.
“We have found a like-minded mission-driven partner in Clever,” said Jim Harold, chief executive officer of Identity Automation. “We look forward to helping more districts make technology work for them, not against—enabling them to focus their time and attention on what matters most: students.
Clever IDM Enterprise will be available for implementation in June. To learn more about the product, please visit www.cleveridmenterprise.com.