Educational institutions have traditionally lagged behind businesses and organizations in other industries in technology adoption. However, the lockdowns of 2020 forced these institutions to invest heavily in IT infrastructure to provide remote education and reengineer how they can consistently – and securely – deliver instruction.
The first challenge schools and universities had to overcome to carry out an “operate anywhere” model is to find a way to leverage devices they don’t control. Students may use school-provided laptops. However, they can take them to a coffee shop or library and log on to an unprotected network where a hacker could access the devices and, ultimately, the school’s network. Alternatively, students may use their own computers and devices, which may not be running an updated operating system or software or include apps with vulnerabilities.
School and university IT teams have cause for concern. Schools are lucrative targets for hackers because the data stored on their systems are a veritable treasure trove of personally identifiable information (PII). Schools’ data is also necessary to track progress and confer degrees–information that hackers and ransomware groups know they can’t operate without. Cyberattacks against educational institutions have increased by 75% since 2020. Furthermore, successful attacks can be financially devastating. The average ransomware demand is more than $170K, and organizations also face legal, reputation management, IT repairs and restoration, higher insurance premiums, fines, and other costs.
Elements of EdTech Security
To protect their data, students, and organizations, schools of all levels must have air-tight security protocols across their network and all these individual devices to make sure they do not fall victim to the next cybersecurity attack. The most potent security strategies are multilayered, with elements including:
- Antimalware solutions that detect and stop malicious code
- Real-time monitoring of applications and processes for anomalous behavior
- Multifactor authentication (MFA) that requires more than one factor, for example, login and password, biometric authentication, and one-time use codes, to authenticate a user’s identity
- Zero trust protection, providing visibility into the people and devices connecting to the network and that they are compliant with security policies
- Immutable backups with appropriate recovery point objectives and recovery time objectives (RPOs/RTOs)
Two additional essential elements of cybersecurity for schools and universities are educating users and enforcing security best practices. People are often the weak link in security, falling victim to phishing or other attacks. Implementing email security, requiring additional factors for login, and enforcing VPN use can all help keep devices and the school network safer.
The Benefits of Secure EdTech
When schools have a comprehensive cybersecurity strategy in place, they can confidently take advantage of new technologies for in-person and remote education. STEM learning environments can include augmented reality, virtual reality, mixed reality, and 3D simulations. Schools and universities can also deliver interactive learning experiences without buying expensive equipment or machinery. For example, medical students can simulate multiple surgeries with virtual reality to prepare them to provide care.
Keeping students and teachers connected can also help to build a collaborative environment in all subject areas. Teachers become more accessible and can mentor and guide students as they learn, whether inside or outside the traditional classroom.
EdTech can also help more students reach their potential, animating curriculum for visual learners, customizing content to meet individual student’s needs, and even gamifying learning to keep students engaged.
It’s all possible once the educational institution builds a secure, reliable network.