K-12 Hybrid Learning And Why District IT Teams Must Take A Cloud-First Approach

By Charlie Sander
August 03, 2020

When K-12 schools closed their buildings at the start of the COVID-19 pandemic, IT departments’ cybersecurity plans were flipped inside out. Districts went from monitoring student, teacher, and staff account activity on school networks to flying blind as that activity dispersed across private networks and cloud applications. IT teams are tasked with the challenge of protecting against threats while school data is accessed from anywhere at any time.

Cybersecurity isn’t the only challenge due to school buildings being closed—students may have less supervision to keep them safe from cyber safety incidents. These incidents include cyberbullying, self-harm, threats of violence, racial and LGBTQ discrimination, domestic abuse, and more that occur within popular cloud applications used by schools today.

This fall, when the 2020-21 academic year begins, districts must be ready to monitor their cloud environments more closely, as most student and staff activity will take place in these applications. And when that activity picks back up, district IT admins will face different and more advanced cybersecurity threats than what they experienced previously.

K-12 Districts Will Face Different Cybersecurity Threats Than Before

School districts saw a large number of data breach and ransomware incidents in 2019. According to The K-12 Cybersecurity Resource Center, there were 271 incidents involving data breaches and ransomware in schools. The trend was expected to increase in 2020. However, once schools closed their doors following the COVID-19 outbreak, reported data breaches and ransomware incidents dropped. They were replaced by incidents affecting video conferencing when students and staff rushed to platforms like Zoom and Google Meet to keep classrooms operating from home.

This doesn’t mean malware isn’t appearing and spreading behind the scenes. Microsoft’s Global Threat Activity Tracker has reported more than 4.8 million malware incidents in the last 30 days across the education industry. With districts on summer break, malware incidents are taking place in the cloud on student and staff accounts—perhaps even from unmanaged personal devices—but haven’t been detected and disclosed. This is likely due to the fact that most districts are only able to detect malware attacks on their network, leaving them blind to threats in their cloud applications.

Furthermore, there are more 3rd party cloud applications that will be connected to district cloud environments as a result of the free or reduced pricing that vendors offered at the start of the pandemic. Millions of students and teachers will rely on these newly adopted apps for video conferencing, online chat, digital lessons, bulletin boards, and more. IT admins must take time leading up to this fall—and throughout the year—to audit their district’s environment and see all the apps that have been granted risky permissions via open authorization (OAuth). These apps can give unauthorized access that cyber criminals take advantage of to breach a school’s data system.

IT staff in schools have traditionally focused on securing their networks and endpoints, and blocking student access to unapproved websites. However, the school environment has changed and the IT department’s cybersecurity strategy will have to as well.

Students not aware of emerging cyber threats may be less careful during the upcoming school year and click on a disguised phishing link. Teachers who haven’t been properly trained on the latest cybersecurity trends may not be aware a link they clicked on at home is actually malicious. Both situations give cyber criminals access to a district’s cloud environment—all without anyone being in a school building.

More students will have mobile devices and internet connectivity from their schools after a summer of preparing for the “new normal” classroom. Expect student activity in the cloud to increase, as well as the number of cybersecurity incidents discovered in the cloud across hundreds of thousands of devices.

Cyber Safety for Students Using Cloud Applications Outside of School Buildings

Districts must go into the upcoming school year with the expectation that more cybersecurity incidents will be detected, especially as students and staff return after six months of not being in a physical classroom. While newer cloud security tools must be implemented by IT staff to detect and prevent the external and internal cybersecurity threats, some of these same tools can also monitor cyber safety risks. With less in-person interaction and supervision by teachers, and more apps being used by students, more risky interactions may go undetected.

ManagedMethods recently polled K-12 IT leaders and found that in the fall, 60% of IT admins expect to return to school in a hybrid learning environment. When schools return in the fall, students and teachers may not be in the same room physically all the time, but that doesn’t mean that inappropriate interactions won’t be happening. Teachers just won’t be able to see them. It’s equally as important that districts have the tools in place to monitor cloud applications for the student safety incidents when classes resume. From anywhere, on any device.

Cyber criminals are evolving to attack districts in the myriad of cloud applications being used today, so why shouldn’t IT departments evolve their defenses against them? K-12 schools may never return to the way they were before. This fall is an opportune time for IT admins in school districts to evolve not only their cybersecurity infrastructure, but also their cyber safety strategies to keep students and staff safe online. This way, students, teachers, and staff are better protected during the continuously increasing use of cloud apps expected when classes resume.

headshot of ManagedMethods CEO Charlie Sander.Charlie Sander is the CEO of ManagedMethods—a cybersecurity, student safety, and compliance platform for K-12 school districts.

Featured Image: BadBoy, Pexels.