Layered Software and User Education Boost Cloud Security in K–12
K-12 school districts are discovering more and more perks to migrating tools and infrastructure to the cloud. A huge number of school leaders say that their districts are using some sort of cloud-based software to drive efficiency. Cloud tools are freeing up IT staff, teachers and administrators at these schools, allowing them to turn their attention to higher-level issues.
However, with efficiencies come security concerns. A CDW survey found that 46 percent of K–12 IT leaders cited security concerns as a barrier to using the cloud. Another 38 percent named student data privacy concerns as a hindrance.
Here are some ways that IT leaders can ensure that the cloud is locked down so users can take advantage of the benefits.
SIGN UP: Get more news from the EdTech newsletter in your inbox every two weeks!
Layer Security to Keep Data Safe
Securing a cloud environment requires a layered, holistic approach to ensure success, an Intel white paper reports. When picking a security solution, Intel suggests that schools look for a tool or tools that protect data from attack, detect breaches and correct any damage that follows from an attack.
In addition to these tools, successful security will also address some aspects of client security, to keep user devices from causing issues. For example, in 2015, thousands of records were breached when an education billing service employee left a laptop in a locked car. Intel reports that while the laptop was password protected, the data was not encrypted.
Intel suggests that schools look beyond traditional authentication when putting data into the cloud. In addition to encrypting sensitive data, the white paper recommends that schools employ gateway appliances that manage identities at the network’s edge to ensure only authorized users can get on the private or public cloud. Additional identity protection and anti-virus solutions can also protect user devices.
Intel recommends layering security tools to create a security net that links:
-
Users (teachers, students, parents and administrators)
-
Applications (student information systems, adaptive learning resources, cloud applications)
-
Infrastructure (servers, storage)
Follow Data Protection Best Practices
While security technologies can go a long way to protect the cloud, user behaviors can still put schools at risk of a data breach.
K–12 stakeholders told EdTech that failing to keep users informed of the possible risks of using cloud applications was a potential reason for them to doubt the success of the cloud.
As more cloud tools arise to boost educational outcomes and efficiency, so does the risk of teachers signing up for something they don’t fully understand.
“It’s these cloud-based applications that teachers are signing up for on their own without understanding what the data sharing agreements are with these cloud providers,” says Lenny Schad, the chief technology information officer at Houston Independent School District in the EdTech article.
To prevent this, Schad recommends that schools implement a mandatory data privacy awareness program for teachers, students and staff.
Intel agrees that “human behavior often contributes to data breaches” and suggests a two-pronged approach of security software and best practices.
“Basic policies, such as requiring virus protection and anti-malware on all mobile systems and ensuring only teachers, students and parents or legal guardians can see certain data, can play a key role in protecting your cloud environment as well as any other infrastructure,” the Intel white paper reads.