The education landscape has been elevated by the permeation of cloud-based learning and administrative tools, as well as a 1:1 student-to-device ratio in many of our nation’s schools. Students now have access to personalized, educational resources and virtual experiences that were impossible just ten years ago. Likewise, school administrators are able to more efficiently serve students through the use of cloud‑based applications and data storage.
What makes this evolution possible?
Many districts have utilized the E-Rate program as a means to build out the network infrastructure necessary to support these new learning initiatives and increased traffic. But, equally important is the fortification and defense of the network from cyber security threats. As excited as students and educators are to embrace new learning tools, their widespread adoption poses an inherent risk—both to individual users and districts at large. It’s no surprise that district IT leaders identified broadband/network capacity and cyber security as a tie for their top priorities in a recent Consortium for School Networking (CoSN) survey.
At the beginning of the 2018–2019 school year, the FBI issued a Public Service Announcement regarding cyber threats to K-12 students and systems, warning that “U.S. school systems rapid growth of education technologies (EdTech) and widespread collection of student data could have privacy and safety implications if compromised or exploited.”
The path to securing sensitive information
School districts are a hot bed of sensitive information including student geolocation, IP addresses, health records, academic reports, and a myriad of other personally identifiable information (PII) which make schools attractive targets for malicious attackers. What’s more, some of the most disruptive security breaches actually come from within—student hacking events are on the rise, with students gaining access to change grades, post inappropriate content on school channels and disrupt network access.
With an average cost of $233 per record in a data breach1, educators and district IT leaders need to have a well-communicated, actionable plan that leverages sophisticated technology to monitor, manage and mitigate today’s security risks.
Below are several security solutions that should be considered as part of this plan.
Technology alone should not substitute for best practices. In a CoSN survey, one‑third of school IT leaders said they had not encouraged staff to update passwords and a mere 11% said they required two-factor authentication for district accounts. Simple, free measures to increase security protection include changing passwords frequently and limiting the use of a password to one system.
It is incumbent for all leaders to take the necessary steps to protect personal data. Investing in the right technology, in conjunction with implementing security policies and processes will ensure your school district remains adequately protected against even the most sophisticated attacks.
1 Ponemon Institute, “2019 Cost of a Data Breach Study: Global Overview,” July 2018
By its most basic measure, the FCC E-Rate program has done a remarkable job of bringing broadband to K-12 schools. 98% of U.S. schools now have high-speed internet access of at least 100 kbps per student, a more than ten-fold increase in just a few years.1
However, the bar is constantly rising. What was once considered adequate high-speed access is now insufficient for digital learning. Schools must get aggressive to meet the FCC’s long-term goal of 1 Mbps per student, which will enable digital learning in every classroom. Today, only 28% of school districts currently provide that level of connectivity.
For the remaining 72% of schools on the wrong side of the digital divide, district leaders must optimize their IT solutions to make the most of limited resources. Understanding which E-Rate eligible solution is best for your district is key.
Building a network for today’s learning environment takes much more than simply turning up the dial on bandwidth and selecting among network options. In order to optimize your investment in data connectivity for your district, other key services– such as security, network management, voice and unified communications are also required.
As an approved E-Rate service provider since the inception of the program, Windstream Enterprise can meet you at the whiteboard to customize a robust, versatile IT solution that best meets your needs, while maximizing every dollar of E-Rate funding and your IT budget.
While every network is a potential target for cyber threats, K-12 school districts are especially under attack. We bore witness to one example recently while assisting a large Midwestern school district that utilizes Google Classroom (which requires Internet access for curriculum, instructional resources, homework, and testing). They were hit repeatedly with coordinated DDoS attacks that swamped their Internet service for nearly two days. Internal IT staff knew the attacks were happening, but couldn’t stop them until they engaged the help of Windstream Enterprise’s DDoS Mitigation service. The result? Immediate detection and mitigation of the attacks and the elimination of downtime and potential losses from simultaneous data theft or ransomware attacks.
This school district was one of the lucky ones who acted swiftly. However, the network of K-12 school districts currently rank as top targets for three types of threats:
Despite being top targets, most school districts have weak network defenses. A 2017 survey by the Consortium for School Networking found that just 15 percent of school technology leaders have a cybersecurity plan.
Making network security a priority for schools
A growing number of school districts have hardened their network defenses by adopting a managed network security solution. Managed security solutions typically deliver extensive, real-time protection against intrusion without requiring the school district to retain internal security expertise or divert general IT resources to challenging security matters.
Why do so many schools remain under-protected? Cost is often cited as the main reason. But as with most severe threats, a focus on preventing data theft, ransomware attacks, and DDoS attacks can prove far more cost-effective and prudent than dealing with them after they arrive.
Enter your business location zip code below for business solutions in your area.
Find business zip code