By Peter Martini, COO, iboss Network Security
Bring Your Own Device (BYOD) is one of the fastest moving technology trends in the education industry. BYOD can increase student and teacher collaboration, extend learning beyond the traditional classroom walls and cut costs for many school districts. But despite its benefits, BYOD also presents challenges. One of the biggest roadblocks to adoption in the education sector is security.
To capitalize on the potential benefits of BYOD, districts must first address several security concerns and pain points. Ensuring technology is in place to tackle security challenges is essential to ensuring control over mobile access, preventing network vulnerabilities and safeguarding students.
Security challenges and solutions
Challenge 1: Establishing consistent access on BYOD devices for students and teachers
Solution: Identity-based access management for educational networks. There are technologies today that allow school districts to establish Web content policies and then adjust access according to a user’s identity. This directly solves the challenge of controlling information access. Districts’ IT staff can define users by role (faculty, staff, student or guest), and / or by granular characteristics like grade levels or location. In this manner, districts can enhance the user experience for students and teachers adopting mobile devices in the classroom, while ensuring security through identity-based policies for web and network access.
Schools can also use technology to control access to specific online social media sites, including Facebook, YouTube and Twitter. While these types of websites can hinder student productivity, students do need to access them on occasion for research projects and other activities. A school’s IT administrator can allow access to certain Facebook group pages, or enable students to view embedded YouTube videos on approved website, for example, to create a more flexible learning environment.
Challenge 2: Ensuring bandwidth to mission critical services are not interrupted by BYOD users
Solution: A recent CoSN survey revealed 99% of school districts identify a need for additional bandwidth and connectivity to support the explosion of devices on the network. Given most users carry more than one Internet connected device (i.e. smart phone and tablet), bandwidth consumption can easily quadruple overnight with a BYOD rollout.
Combine this with the fact that more critical services are moving to the cloud such as online testing, attendance and payroll, managing bandwidth is a real concern. Implementing bandwidth management and QoS (Quality of Service) technologies allow IT administrators to dynamically throttle recreational traffic while increasing mission critical access during times of peak consumption.
Solution: Cyber threats are more sophisticated than ever before. Mobile devices are particularly high-risk as they can be compromised when brought outside a school’s network. Once that happens, devices can then infect systems and applications when they’re brought back in. Many cyber attackers recognize it is easier to compromise a user and go through the ‘front door’ (i.e. a user’s mobile device) to steal data, than it is to try to breach these services from a data center.
Allowing a mobile device onto the network that is infected with malware or botnets could lead to a critical loss of data and / or significant network corruption. School districts can mitigate these risks by deploying technologies such as behavioral DLP and IPS systems, which focus on securing against advanced persistent malware as well as known and unknown threats.
Challenge 4: Blocking access to restricted applications
Solution: Mobile devices introduce new complications including an ever growing list of Applications such as SnapChat, Facebook and other non-sanctioned application access not only impacts student productivity and slows network speeds, it can expose a district’s network up to outside threats. However, sometimes students or teachers download applications to improve processes. Such applications include file sharing services or video conferencing tools.
For this reason, rather than restricting activity and access to applications, schools should seek to enable productivity by ‘pushing’ approved applications to devices. For example, if a network detects a user accessing Box, but Dropbox is the approved app, a district can adopt technology that will send an email routing the user to the campus Dropbox account.
Location-based BYOD technologies on the market are being introduced that provide the ability to set web access policies not only by a users role (i.e. teacher versus student), but also the user’s physical location on the network. For example, the district’s IT department can restrict a student from accessing Facebook or YouTube while in the classroom, but can allow that access in the cafeteria.
Location-based BYOD web policies allow schools to adapt more flexible policies while retaining focus in the classroom. As more school districts across the country develop BYOD programs, security must be a key pillar in the planning and implementation process. The volume and variety of mobile devices brought onto the school network will only continue to increase. Security is critical to ensure the safe and effective benefits of BYOD.
Image attribution flickr user flickeringbrad and michiganmunicipality; 4 Challenges That Can Cripple Your School’s BYOD Program