Properly Manage the Connection by Securing It
The Beekmantown fleet of more than 40 buses equips the district’s roughly 2,100 students with Wi-Fi access using Kajeet SmartBus. Kajeet partners with Cradlepoint, which provides routers and its NetCloud platform, a cloud-based tool that allows administrators to manage remotely.
Securing the fleet, as with all security measures, requires a two-pronged approach: deploying best practices internally, and identifying and using appropriate external security measures.
After attempting an open approach, which let students connect to bus Wi-Fi on their personal devices, the Beekmantown district decided to restrict access to school-issued devices, such as the Chromebooks that are a part of the district’s one-to-one program.
“We found fairly quickly that students were using the hotspots for their own devices — downloading apps, iOS updates, all sorts of things that were burning through our data,” says Lambert. “But this isn’t for entertainment; it’s for education.” Switching to a hypersecure password helped prevent students — and hackers — from misusing the network.
Another security measure, content filtering, provides a dual benefit: By restricting access to certain sites, schools ensure that students are using the Wi-Fi for its intended purpose, while also preventing users from accessing suspect sites that could introduce security threats to the network.
Other best practices include using firewalls in conjunction with content filtering, using authentication services, and determining whether the district is better served by having the Wi-Fi operational at all times or by setting time-of-day controls that turn off the Wi-Fi when buses are not transporting students. Coachella Valley Unified School District in California, for example, parks buses in the most rural or disadvantaged areas of the district to provide internet access to students at home; other districts have opted out of always-on access for even deeper security.
Companies providing mobile Wi-Fi also provide a number of security measures to users. Cradlepoint’s NetCloud system deploys VPN tunnels that encrypts data, as well as unified threat management and Federal Information Processing Standard 140-2 support. Vendors provide school districts with a security dashboard designed to be user friendly, allowing IT administrators to spot potential security risks and understand how students are interacting with the service.
“I can see that Google Classroom and Google Docs are the top two items that the wireless bus solution is providing for our students,” Lambert says. “So when my superintendent asks how we know we’re getting a return on our investment, I can say that they’re using it for the purpose we intended. We have 42 rolling classrooms that we’re putting to better use.”