With appropriate IAM controls in place, schools can limit who has access to what information. Unfortunately, with high turnover rates in many K–12 districts, it can be hard for understaffed IT teams to manage access for new and departing employees. And with so many substitute teachers coming and going, it can be difficult to determine who should have access to what, and for how long.
Automated systems and processes can help IT teams manage IAM. Tools like those from Tanium, for instance, help schools with next-generation endpoint security. This ensures the right users have access to the right information. A cafeteria worker, therefore, isn’t accessing student information systems and is instead concentrating on students’ account balances for lunches.
However, even with these protections in place, it’s still imperative to train staff on the importance of cybersecurity and how it works. This can help prevent ransomware attacks. Additionally, teaching students about the risks of a cyberattack can keep them from trying to hack into the school’s network. This can happen for myriad reasons, including a desire to change grades or wreak havoc on the day of a big test.
Staying on top of cybersecurity isn’t an easy task, but it helps protect student and staff data from malicious actors.
Technologies and Training Help Manage Access to Schools
As with cybersecurity, there are many tools and solutions districts can put in place to improve physical security — and many challenges preventing them from adopting these technologies.
Some of the best protections for schools are access control systems, which control who can access a building and how they gain entry. Many new K–12 buildings are built with access control in mind; they have double vestibule doors that keep unwanted visitors out. Even older buildings and back doors can be outfitted with keycards and scanners that only authorized staff can use to access the building. Slowing someone down can save lives in a worst-case scenario.
However, all of these protections can be useless without proper training and vigilance.
Administrators must communicate to their secretarial staff who should be let into the building. Teachers must take their badges if they go outside with students rather than propping doors open. And teachers should never hand over their badges to coworkers or students.
These basic security protocols can be difficult to follow when you consider that schools open at 5 or 6 a.m. and can remain open past 11 p.m. with various clubs, activities, sports and events that take place within school walls. Beyond that, there are many people coming and going in a school at any given time. There are delivery drivers, parents, teams, coaches, community members and more who may need access. It takes a disciplined approach to keep complacency at bay.
It may be hard for parents to accept that they can’t just walk into a school building for band practice or to drop off a forgotten lunch. But it’s important to remember that these restrictions are put in place for school safety, and everyone wants students to learn in a secure environment.
This article is part of the “ConnectIT: Bridging the Gap Between Education and Technology” series.