Best Practices for Securing Your Online Classrooms
School looks vastly different today. For many students, it requires using a school-issued device to continue learning from home. It also involves logging in to digital platforms to attend live classes, view and submit assignments and connect with peers.
This new learning environment is certainly necessary during the pandemic. But as school leaders start to think about long-term plans for online learning, it's even more imperative to prepare for the inevitable: increasing cyberattacks.
Bad actors continue to interrupt video calls and invade today's online classrooms, meaning schools and districts can't let their guard down. There are districts that recently experienced ransomware attacks, pushing some to delay the start of school. But there are also internal threats for which IT teams need to remain vigilant.
Without the proper security protocols in place, it's easy to overlook a student or school employee posting confidential information online, sharing invite links to classroom meetings on public web pages or using school-issued Google accounts to download unapproved browser extensions and applications.
Why Schools Should Focus on Teaching Security and Protecting the Cloud
So, what can IT teams do to mitigate these types of risks and ensure secure online learning?
First, it's important to have the basics down. This includes adopting strong passwords, multifactor authentication, permission controls, content filtering and other endpoint protections.
It's also crucial for IT and school leaders to collaborate and create a culture of security in their school or district. Cybersecurity training and lessons on digital citizenship are key to that. Weaving these topics into the curriculum is an effective way to help students "make smart, safe and ethical decisions online," said a majority of K-12 teachers in a 2019 survey conducted by the nonprofit group Common Sense Education. There are plenty of free resources educators can use to engage students in conversations about internet safety, from Common Sense Education's digital citizenship curriculum to Google's "Be Internet Awesome" game.
But it's not just students who need regular cybersecurity education; teachers and other school staff need it too. Many cyberattacks are the result of human behavior, says Linnette Attai, project director for the Consortium of School Networking's privacy initiative and trusted learning environment program.
"It's often not the technology that fails. It's individuals behaving in ways that put an organization at risk by not using a complex password, or showing reluctance to using multifactor authentication," Attai says. "These are the kinds of simple behaviors that we emphasize but often aren't followed across school systems, where sometimes convenience wins over cybersecurity hygiene."
Solutions that help IT monitor, audit and control cloud security risks are also key. With today's schools increasingly reliant on Software as a Service apps such as Google Workspace (formerly G Suite) and Microsoft 365 Education, it's even more important for IT teams to have the right protections against threats such as data breaches.
For example, ManagedMethods has an API-based cloud security platform that gives system administrators visibility and control over their district's cloud apps and the data stored in them. With this platform, admins can see when data is being improperly shared and automate data loss prevention, allowing them to better protect sensitive information and maintain privacy compliance. The platform also helps admins thwart malware attacks, prevent unauthorized account takeovers and detect self-harm signals.
By building a culture of security and understanding cloud computing risks, today's schools and districts can be better prepared to deliver safe learning experiences online.