Taking IT Security to School
School systems must contend with substantial cybersecurity risks with limited resources to protect their computing infrastructures. Not only does learning suffer, but school districts face heavy costs to protect student and faculty devices and to remediate the effects of attacks. Unified Endpoint Management can help address those challenges cost-effectively.
- Cybercriminals view school systems as easy targets because IT security costs tend to fall well down the list of priorities for tight education budgets.
- Cybersecurity incidents reported at U.S. K-12 schools nationwide rose from 400 in 2018 to more than 1,300 through 2021.
- Unified Endpoint Management can help school districts IT increase cybersecurity and manage infrastructure more efficiently so they can focus on supporting students, faculty and staff.
While U.S. K-12 school systems may not be financially lucrative targets for most cybercriminals, they are easy prey for malicious actors intent on harm and disruption. School computer
networks are often characterized by a vulnerable combination of older and diverse device types, sensitive personal, financial, academic and other data, and limited resources for IT
and cybersecurity support. In some cases, IT tasks are assigned to a teacher as an additional part-time duty.
Even schools that use commercial IT service providers are at risk. For example, a January 2022 ransomware attack on hosting provider FinalSite disabled websites and email services for about 5,000 schools across the U.S. According to the US Cybersecurity and Infrastructure Security Agency (CISA), cyberthreats have increased since the start of the pandemic as remote learning devices significantly enlarged attack surfaces.
A January 2023 CISA report about improving K-12 cybersecurity stated the scale of the challenge in stark terms:
“Increasingly, school or school district systems have been breached, with data deleted, misused, or even held for ransom. This trend has continued throughout 2022, and leaders across the
K–12 community are coming to recognize that no school, district, or organization is immune from cyber intrusions. Low-income districts are in many cases most at-risk and vulnerable to
cyberattacks and need focused support given lack of financial resources.”
The CISA report also states that cyberattacks impose, “an untenable burden on our educational institutions and the populations that they serve and protect – children, parents, and educators. A continuing drumbeat of cyber intrusions is threatening the nation’s ability to educate our children while also placing personal information and school data at risk.”
Even small improvements in school IT infrastructure can build cyber-resilience. One viable option for schools and their IT service providers is Unified Endpoint Management (UEM). UEM allows IT teams to manage and secure endpoints such as desktops, laptops, tablets and mobile devices from a single console, for example the baramundi Management Suite (bMS). For example, a school working with an IT partner can manage the school’s devices and students’ computers and tablets efficiently, including applying appropriate updates, patches, hotfixes, rights management and provision of necessary certificates.
UEM can help in several ways.
- It can help IT teams keep track of all endpoints on the network, including devices that may not have been issued by the institution or do not meet school network security requirements. This is especially important where students and staff bring their own devices onto campus. With UEM, IT teams can ensure that only devices that comply with security policies can get on the network.
- UEM can help IT teams promptly apply patches and updates to all endpoints on the network, including those located off campus. Unpatched devices can be a gateway for cybercriminals so keeping all endpoints up to date can reduce the risk of cyberattacks.
- UEM can help IT teams enforce security policies on all endpoints, including requiring strong passwords, encrypting data and restricting web access to sites with instruction-related content. By enforcing these policies, IT teams can reduce the risk of data breaches and protect sensitive data.
UEM can also relieve the time and cost burdens of maintaining and securing school IT infrastructure. An integrated UEM system provides a consistent and intuitive admin console and gives sysadmins the ability to manage devices remotely. That can reduce expenses because IT staff do not have to travel to install patches, updates and other software on school PCs, tablets, smartphones, whiteboards, etc.
Functions in the baramundi Management Suite such as OS-Install and OS-Cloning allow computers to be set up, reset or restored quickly. This is particularly useful when shared classroom computers need to be restored to a safe initial state or updated after use. Instead of tedious and time-consuming manual configuration for each system, administrators create and store a preconfigured image in the bMS that can be distributed to any number of computers using bMS automation. The system is also personalized and added to the domain. All configurations are archived and available for new installations as needed.
UEM also automates many routine IT tasks such as device inventory, vulnerability scanning, update and patch deployment, certificate renewals, etc. That gives IT teams more
time to focus on other important tasks – like improving cybersecurity, installing new educational software, or optimizing network performance.
Overall, UEM is a powerful technology that helps schools and other educational institutions improve security, network performance and costs while reducing IT workloads.