Special Report
Privacy & Security

5 Steps to Curb Cyberattacks in 1-to-1 Computing Schools

By Mark Lieberman — March 17, 2020 4 min read
BRIC ARCHIVE
  • Save to favorites
  • Print

Digital devices are everywhere in schools these days. They are used to complete assignments, conduct research, play educational games, and generally enhance teaching and learning. In an increasing number of schools, every student has access to at least one digital device during the school day. Oftentimes, they can take those devices home after school. That proliferation of school-issued devices can open schools up to all kinds of cybersecurity problems.

Education Week asked K-12 technology leaders in districts with 1-to-1 computing environments to offer tips on minimizing those cybersecurity risks. Here’s what they suggested:

1. Invest in the right products.

It’s impossible to protect school districts from the wide range of security threats without outside help—but not all available products are created equal.

Anti-virus and endpoint security are two basic products that help improve cybersecurity. Chris Sette, the IT manager for the Meriden public schools in Connecticut, recommends splurging for a product that utilizes machine learning that “actually analyzes what’s happening on the machine and makes a determination that there is something out of the ordinary.” Sette’s team checks outputs from those tools every day.

Tools that offer transparency for parents as well are especially worthwhile, according to Bryan Weinert, who runs the 1-to-1 program at Leyden High School District 212 in Illinois.

The district uses Securely to offer parents a portal they can access to see their children’s activity outside the school day. The tool also offers the option to allow parents to see students’ activity during the school day, but the district opted out of that feature. “If a parent is concerned about what they’re using Chromebook at home for, now we’ve provided parents a way to look as well,” Weinert said.

2. Make hackers work for it.

Maintaining strong lines of communication between teachers and parents is important—but there are ways to accomplish that goal without putting cybersecurity at risk. Last summer, the Meriden district’s tech team scoured district and school websites, as well as other sites hosted by the district, to remove all email addresses for staff members and replace them with contact forms.

Weinert’s district has installed content filters that allow his team to monitor all activity on the devices students receive through the 1-to-1 program. Parents and students have been informed that they should have no expectation of privacy on those devices, he said.

“We’re not actively monitoring—that would be multiple people’s full-time jobs,” Weinert said. “If there’s ever anything that does come up, our deans, disciplinarians, principals have the ability to go in and look at what’s going on.”

3. Communicate constantly with teachers and set them up for success.

Sette’s team emails teachers any time there’s a chance they’re receiving a spam message cleverly disguised to look legitimate.

Melissa Tebbenkamp, the director of instructional technology for Raytown Quality schools in Missouri, says a high priority in her district is ensuring that teachers’ and students’ devices don’t have administrative privileges unlocked. “There’s not a single user in my district, not a single technician, not myself, not my superintendent, not my students that are local machine administrators. Their accounts don’t have permission to install programs.” [The district has one special account that has the power to make those changes.]

Why not? Many cyberattacks require some sort of download or the ability to edit the device’s internal registry. “If the user account that it’s executing under doesn’t have the permissions to do that, then that virus or that malware or that trojan can’t go anywhere,” she said.

4. Start teaching cyber hygiene in kindergarten.

Meriden students start getting lessons on online safety, and warnings about indiscriminately sharing information in kindergarten. Those lessons continue throughout elementary and middle school, so that by the time they reach 6th grade and are taking devices home, “we have created a culture of internet safety,” Barbara Haeffner, the director of teaching and innovation for the Meriden public schools in Connecticut, said.

5. Never assume that what you’re doing is enough.

Districts that stop at simply installing a firewall aren’t likely to see all their problems solved. “Having a broken lock on a door is really not gonna help you that much,” said Sette.

District leaders emphasized consulting state laws around data privacy. In Connecticut, for example, each school district is required to get a data-privacy agreement from a vendor partner, whether it’s paying for the vendor’s product or getting it for free. The district has procedures in place for teachers asking students to sign up for accounts or interface with products that fall under the law, Haeffner said.

Events

This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Sponsor
Reading & Literacy Webinar
(Re)Focus on Dyslexia: Moving Beyond Diagnosis & Toward Transformation
Move beyond dyslexia diagnoses & focus on effective literacy instruction for ALL students. Join us to learn research-based strategies that benefit learners in PreK-8.
Content provided by EPS Learning
This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Sponsor
Teaching Webinar
Cohesive Instruction, Connected Schools: Scale Excellence District-Wide with the Right Technology
Ensure all students receive high-quality instruction with a cohesive educational framework. Learn how to empower teachers and leverage technology.
Content provided by Instructure
This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Sponsor
School Climate & Safety Webinar
How to Use Data to Combat Bullying and Enhance School Safety
Join our webinar to learn how data can help identify bullying, implement effective interventions, & foster student well-being.
Content provided by Panorama Education

EdWeek Top School Jobs

Teacher Jobs
Search over ten thousand teaching jobs nationwide — elementary, middle, high school and more.
View Jobs
Principal Jobs
Find hundreds of jobs for principals, assistant principals, and other school leadership roles.
View Jobs
Administrator Jobs
Over a thousand district-level jobs: superintendents, directors, more.
View Jobs
Support Staff Jobs
Search thousands of jobs, from paraprofessionals to counselors and more.
View Jobs

Read Next

Privacy & Security What Teachers Need to Know About Changes to Instagram Teen Accounts
The adjustments come as Meta faces multiple lawsuits from states and school districts.
4 min read
Close up photo of Black teen looking at Instagram photos on her cellphone.
Anastasia_Prish/Getty
Privacy & Security Download A Tip Sheet to Help Teachers Prevent and Respond to Doxxing
Teachers can be a target for malicious actors. Use this tip sheet to prevent and respond to doxxing.
1 min read
Image of digital safety against doxxing and privacy invasion.
Laura Baker/Education Week via Canva
This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Sponsor
Privacy & Security Quiz
Quiz Yourself: How Much Do You Know About Cybersecurity For Schools And Districts?
Answer 6 questions about actionable cybersecurity solutions.
Content provided by FlexPoint Education Cloud
Privacy & Security What Schools Need to Know About These Federal Data-Privacy Bills
Congress is considering at least three data-privacy bills that could have big implications for schools.
5 min read
Photo illustration of a key on a digital background of zeros and ones.
E+