Nov 20 2013

Schools Take Comprehensive Approach to Mobility

Wireless security platforms reduce administrative costs and boost scalability for districts.

For the Indian River School District in Selbyville, Del., mobile management was part of a comprehensive project to more effectively administer endpoints.

Patches Hill, technology systems manager, says the district wanted to go to a single pane of glass to manage its software inventory, remote desktops, mobile devices, service desk, security incidents and patches.

The district opted for Symantec Endpoint Management, which includes the Altiris Client Management Suite, Symantec ServiceDesk and Symantec Mobile Management Suite. Hill and his IT staff like the way all these systems integrate well with one another, as opposed to having separate systems for each one of those functions. “You can spend a lot of time just getting different vendor products to work; we have none of that,” Hill says. “Now we have one solution for all our assets, and on the mobile side, we have one that supports just about any device.”

Hill says the results have been dramatic. Indian River School District now supports roughly 6,000 endpoints, including 1,500 tablets in a district that spans 360 square miles. “We’re on track to handle more than 5,000 support tickets in our first year running the system, which is double what we were able to handle in the past,” Hill says.

What’s more, the infrastructure is in place to support future tablet deployments and bring-your-own-device initiatives or one-to-one computing. “The point is that the students and teachers are driving the educational decisions, not the IT department,” Hill explains.

Having tablets available also helps administrators, many of whom use tablets to conduct periodic reviews of teachers in the classroom. In the past, administrators took handwritten notes and typed them into the district’s cloud-based system. Now, they can type the notes while observing.

Phil Hochmuth, security products program manager for IDC, says Indian River’s approach patterns some of IDC’s research on mobile security. “We found that the vast majority of organizations try to find extensions to traditional security products,” he says. “Sometimes it’s a matter of going with the security tools you have in the wireless LANs, firewalls or VPN, while in other cases organizations don’t want to train their limited IT staffs on multiple technologies.”

Mobility in the Cloud

Chris Gasaway, director of technology and information services for Rockwall Independent School District in Rockwall, Texas, deployed Cisco Meraki’s wireless network to enable mobility for the district’s 14,500 users.

36.5% The percentage of IT managers who say they have experienced a breach or data loss in which a mobile device was a factor

SOURCE: “U.S. Mobile Security Survey, 2013” (IDC, April 2013)

The IT staff installed 820 Meraki wireless systems across 13 elementary schools, three middle schools and two high schools. The Meraki management console lets Gasaway separate the network into two service set identifiers (SSIDs), one for district-owned devices, the other for BYOD devices. The BYOD devices run through a tunnel that takes users directly to the Internet.

“Once the BYOD users are on the Internet, they can go through Citrix XenDesktop. The Citrix software gives them applications just as if they were sitting at their desktop PC,” Gasaway says. “Students and faculty can use all the latest software, either at home or on campus.”

Another advantage: “By running traffic through the BYOD tunnel, it doesn’t touch the network, so if the application gets infected, it can’t spread to the district’s main network,” Gasaway adds.

3 Tips for Mobile Security

Phil Hochmuth, security products program manager for IDC, offers IT managers these mobile security tips:

  1. Use what you’ve got. Think about the mobile extensions to existing products or the mobile option to traditional products, such as those from McAfee, Symantec and Trend Micro.
  2. Prioritize different types of users for BYOD. Assess the bring-your-own-device requirements for certain kinds of tasks. For example, in a business, it makes sense for knowledge workers and sales staff to have BYOD privileges. In a school or college, most teachers and professors would require BYOD.
  3. Focus on the data. Ultimately, it’s the data that IT managers are concerned about. Take a data-centric approach to mobile security by, for example, installing data loss prevention tools.