Protecting School Networks in the Age of BYOD

Copyright (c) 2012 Lindsey Fontana

Computer and Internet use in K-12 schools has evolved from a "nice to have" into a "must have" as educators, parents and school boards recognize how engaging, individualized curriculum can enrich the student learning experience and demonstrably improve standardized test scores.

However, the risks of computer and Internet use has coincided with the rise of malevolent threats that have most school IT administrators longing for the good old days of spam, viruses, and phishing attacks.

Web Security Compliance and Schools

Schools have had to comply with web security since the late 1990s, when the Children's Internet Protection Act (CIPA) imposed web use requirements on any K-12 school or library that wished to receive monies from the E-Rate program for computer and networking funding.

Schools and libraries were required to certify that they had prevention and enforcement policies and technology in place before they received E-rate funding. These acceptable use policies (AUPs) covered monitoring and restricting of online activities in order to prevent:

• Disclosure, use, and dissemination of personal information

• Exposure to harmful, inappropriate materials

• Unauthorized access (hacking) into school network resources

The computer revolution in schools has picked up speed in the last few years. According to the Pew Research Institute, only 47 percent of K-12 public schools had Internet access in 2000; today almost 97 percent do. However, until recently, most students still had to share computers and Internet access time. This situation is changing fast.

One-to-One Computing and BYOD

One-to-one computer initiatives have increased the density of K-12 school-based networked computing devices such as laptops and iPads, especially in the nation's underserved communities but it is growing side-by-side with the Bring Your Own Device (BYOD) movement. The goal of one-to-one programs is "to empower students with anytime and anywhere learning" by furnishing them with a personal computing device on a direct, continuous basis throughout the school day, and beyond.

On the other end of the spectrum, many school administrators see BYOD as inevitable, but perhaps a two-edged sword.

On one hand, their jobs just got a lot harder because they are dealing with a lethal combination of many more devices to control and the fact that these devices are leaving the protection of the school network firewall, while needing to access school resources over the Web. In addition, the tremendous growth of the Internet has coincided with the growth of sophisticated threats that take advantage of its ubiquitous use.

Protecting School and School Networks

One consequence of the wide-spread adoption of 1:1 computing and BYOD acceptance by schools is the threat to school networks. The more non-school-owned devices are connected to school networks, the more opportunity there is for damaging malware, viruses and other exploits to gain a foothold. This is why a comprehensive student and staff AUP is necessary and also the technology is in place to enforce it. It's important that schools keep in mind that CIPA requirements, while stating that schools need technology in place, are written in broad terms and don't present explicit instructions for what technology is needed. It's up to schools to assure that the technology measures they deploy are able to keep up with the onslaught of emerging Internet threats they will face now and in the future.

Another threat with which schools must contend is student attempts to circumvent network security and access dangerous or potentially damaging sites. Although you cannot keep students and staff from accessing the Web via their 3 or 4G devices outside your network, if you have usage rules that mandate they use the school network when on campus, there are security measures you can take.

The first and perhaps most important step schools should take is to establish a comprehensive acceptable usage policy (AUP) governing all users at the school including students, teachers and staff. The AUP should cover all protocols for communicating or accessing data including Web, email, IM, P2P and also include all types of devices. In this way, schools can make clear whether BYOD will be an acceptable practice on school grounds. The policies a school establishes should be communicated clearly and agreements for usage signed by all stakeholders - students, parents, teachers, staff and administration.

Once the AUP is in place, schools will still need to defend against threats that occur even when policies are being observed. Internet-based threats are becoming more sophisticated daily, with no end to the onslaught in sight. It is now necessary for schools to mitigate certain threats in order to optimize the 1:1 and BYOD experience, while protecting school networks from emerging threats.

---------------------------------------------------- Secure Content Management solutions include innovative technologies for Web and Email protection with unmatched ease-of-deployment and low TCO. Solutions include award-winning iPrism Web Security and The ePrism Email Security Suite, including filtering, continuity, encryption, DLP and archiving.

EasyPublish this article:

Free Flash TemplatesRiad In FezFree joomla templatesAgence Web MarocMusic Videos OnlineFree Website templateswww.seodesign.usFree Wordpress Themeswww.freethemes4all.comFree Blog TemplatesLast NewsFree CMS TemplatesFree CSS TemplatesSoccer Videos OnlineFree Wordpress ThemesFree CSS Templates Dreamweaver