In the interest of safeguarding students and protecting data, cybersecurity is naturally high on the agenda of education establishments – even more so in the wake of GDPR. Peter Millar, technical consultant at Promethean, discusses key considerations surrounding cybersecurity in educational spaces and why it should be an integrated part of wider ICT strategies.
A holistic view of network security
When it comes to cybersecurity, there is no one-size fits all model for the positive implementation of strategies – after all, every school is unique and has a different edtech ecosystem. Whilst this can pose a challenge for standardisation and make best practice a bit more difficult to stipulate, there are a range of ways that edtech partners can practically support schools.
As technology becomes increasingly accessible and there is more choice on the market, school edtech estates are diversifying and operating systems such as Android are elevating in popularity. As a result of this change, there is an opportunity for edtech partners to really add value for schools by supporting cybersecurity measures.
IFPDs (Interactive Flat Panel Displays) have become a staple part of edtech provisions in schools, especially where interactive whiteboards are being replaced. Interactive whiteboards were an extension of classroom computers running on dedicated operating systems, but leading IFPDs typically run independently on Android systems as a way to provide educators and students with enhanced features and access to resources.
While Android has a strong reputation for being safe and secure, it is advised that school ICT infrastructures should always be vetted to ensure safety and security of the network and those using it. One of the most popular ways to do this is through a single locked VLAN (Virtual Local Area Network) with security permissions. Security permissions will vary in line with different ICT policies and determine what access is to be given to educators and students. Recently, MDMs (Mobile Device Management Systems) have also become a popular way to manage edtech devices including IFPDs, allowing ICT managers to be more efficient by managing systems from a central location – particularly useful on large education estates.
You might also be interested in:
- Cybersecurity: the never-ending war?
- Tech an essential part of education, finds report
- Education: Connected learning
The edtech landscape is moving at pace and it is important that education AV and IT suppliers possess the skills to install new systems confidently and efficiently, adding wider value for schools by offering expertise on areas like cybersecurity. From an AV/IT supplier’s perspective, it can be useful to partner with manufacturers that are focussed on education and understand the evolving needs of schools – perhaps offering dedicated installer training to partners like the Promethean Certified Installer Training.
Getting BYOD right
In education environments, BYOD (Bring Your Own Device) provides a convenient alternative for teachers to use personal devices instead of classroom desktop computers.
However, permitting BYOD onto a school network can pose significant security risk when not managed effectively. Where the implementation of BYOD is being considered, the use of a new guest network is always advisable – one which is locked down and restricted from certain resources as appropriate. Guest networks can be useful to limit access to the internet and cloud-based applications only, with no access to onsite resources such as network drives.
The Promethean State of Technology in Education Report 2019/20 highlights that 38 percent of schools have adopted mobile phones as part of their ICT strategy, and 76 percent are using tablet devices. The education sector is recognising the potential of BYOD to provide additional learning opportunities, so it needs to be a major consideration in relation to the security of ICT infrastructures.
Determining access to content and resources
Education technologies are an excellent enabler for facilitating access to millions of classroom resources that save valuable teacher time, but with downloading content comes inevitable security risks. Even though restrictions are put in place by ICT managers by using MDMs, it is extremely difficult to pre-empt all cybersecurity breaches – therefore the best way to manage cybersecurity is with a common-sense approach.
Educators should take responsibility for their devices just like they would at home, and this should be ingrained in students too. If a user has a bad feeling or does not trust a website or resource, then they should refrain from accessing it, or alternatively log it with an ICT manager.
Again, school policies vary dramatically. Some choose to lock down resources and grant access on a request basis, while others leave everything unlocked and restrict access where appropriate.
One of the best ways to reduce risk is accessing content through trusted educational sources. For example, users that have a Promethean ActivPanel can use the Promethean App Store to download free teaching tools and resources. All of the apps accessible via the Promethean App store are safe and secure giving teachers and ICT managers peace of mind.
Why passwords matter
Individuals have so many online accounts for both professional and personal purposes which can make it difficult to create different passwords every time. Humans are creatures of habit but in the interest of cybersecurity passwords must be different – especially between home and work.
Users should also make sure autofill is switched off, despite it being helpful in speeding processes up when teaching time is limited. Screen sharing or connecting personal devices to IFPDs can be a useful way to bypass logging in via the front of class display, as when disconnected, the device becomes completely untethered. This can be especially beneficial for teachers who do their planning at home on lesson delivery platforms like ActivInspire and want to instantly share flipcharts in the classroom. Where users prefer to log in, the latest Promethean ActivPanel allows users to enter password details discretely on its smaller keyboards and pin pads which allow for privacy and easier navigation – educators should never be complacent with passwords.
Remember edtech is an enabler
Education technology has so much potential to make the lives of teachers easier. Educators should not be afraid of cybersecurity and its implications, but to instil confidence, ICT managers and edtech partners need to be supportive and encouraging in their approach. Every school will have a different policy or strategy, and these should be established based on need. As AV/IT suppliers, we need to share expertise wherever possible and build positive relationships that will not only bolster cybersecurity but help schools embrace the extensive value that education technology brings.