Now, IT teams are updating their cybersecurity strategies to protect students and staff who are accessing cloud technology and data, both inside and outside the district network.
Their security landscape has changed as unsecure networks and personal devices are accessing district cloud environments and sensitive school data from home. At the same time, online activity is increasing significantly—with little visibility or control over it for IT admins.
Historically, K-12 cybersecurity teams focused primarily on on-premises security, such as firewalls, content filters, and MTAs. They must finally evolve their cybersecurity strategies to keep up with the shifting landscape.
Address Emerging Cybersecurity Threats
As of September 1, The K-12 Cybersecurity Resource Center reported 202 publicly disclosed K-12 cyber incidents in 2020, and 56 incidents in just the last month as schools return for the 2020-21 academic year. School districts are experiencing an increase in incidents such as the growing trends of Zoom- and Meet-bombing, downloads of malicious third-party apps, social media defacement, online safety incidents, and more.
Hackers see an opportunity to target schools making the migration to the cloud and increasing their use of cloud applications. After keeping school devices at home, students and staff are unknowingly bringing malware back into the district environment—and hackers are using the cloud to do so. In fact, Microsoft’s Global Threat Activity tracker has already reported over 4.9 million malware encounters across the education industry in the last 30 days, with more school districts slated to begin classes in September.
Traditional phishing and malware threats that live in school networks and on endpoint devices aren’t going away. However, districts do have more cloud applications installed than ever before to support remote and hybrid learning, which live outside of the district’s typical security perimeter. It’s these applications that are unfamiliar to district IT teams and administrators, and districts are facing more threats as a result.
Secure New Applications That Support Hybrid Learning
Cloud applications such as Google Meet, Chat, Classroom, Zoom, and Microsoft Teams are among the popular apps districts brought into their tech stack. Since the start of the new school year, unauthorized access incidents are already being reported. These incidents include both external access and internal access by a student not registered for the class, for example.
Hybrid learning is making IT teams more aware of the newer risks that come with cloud computing. The days of only monitoring for phishing, malware, spam, and viruses on school networks are long gone. IT staff must also monitor where logins come from, unusual student and staff behavior that may indicate a compromised account, what third-party applications are being authorized access to an account, what permissions these apps are granted, and much more.
Having the tools in place to monitor and protect these cloud applications is critical to keeping school districts protected during these times of hybrid learning. Cybersecurity risks such as phishing and malware will still exist. If not properly managed, cloud applications open more security gaps that puts student safety and data at risk. IT teams must work to close these gaps.
Monitor for Online Safety in the Cloud
Most—if not all—online activity is taking place within a district’s cloud environment via SaaS applications and it’s not just cybersecurity that needs monitoring. District administrators are recognizing the need to monitor student behavior for cyber safety signals, including cyberbullying, self-harm, abuse at home, and more. However, hybrid learning makes detecting and mitigating safety issues difficult for IT teams.
For example, students are using collaboration apps—such as Google Docs and Google Chat—to talk to each other and share content when apart. This activity goes mostly undetected if districts haven’t evolved their cybersecurity strategy to incorporate a cyber safety component. There may not be a risk to the district’s cyber infrastructure, but there could be a risk to student and staff safety.
Further, there could be sensitive personal data—social security numbers, credit card numbers, home addresses, etc.—that should not be floating around in applications without the knowledge of district administrators. Only by monitoring the activity, and what students and staff are doing within them, will IT teams be able to detect and intervene when an issue arises.
The new cybersecurity, student safety, and data privacy risks school districts are facing this year didn’t just show up—they’ve been there all along. Districts were transitioning to the cloud long before COVID-19 forced them to make the migration faster than anticipated. It’s up to everyone to keep cybersecurity, student safety, and data privacy top-of-mind through this shift. K-12 districts are more vulnerable now than ever before and IT teams must adapt to keep up.