Learn How School IT Administrators Protect Students and Staff with K-12 Cloud Security
There are three distinct categories of K-12 cloud security that are fundamentally important to schools. It’s important to note; however, that not every category is needed by every school. Your school’s need should be determined by state and federal regulations, local interests and priorities, and budget constraints.
The three most common categories of K-12 cloud security solutions are:
- Cloud Application Security (sometimes referred to as Cloud Access Security Broker, or CASB)
- Internet Filtering and/or Content Filtering
- Campus Safety Management
Some K-12 cloud security solutions do more than others, but no product meets every need, use case, or budget. These products do overlap with some functions but, for the most part, they are complementary to each other. Some work together to provide extra assurance and visibility of the risk incidents uncovered.
K-12 Cloud Security Categories Overview
We’ll provide greater detail into each of these categories in later blog posts (stay tuned)! But here is a quick overview of what each of these categories are and what they do.
Cloud Application Security
Cloud application security is a fundamental control layer of K-12 cloud security. It’s primarily concerned with analyzing and controlling what is happening with your school’s web applications like Google G Suite, Google Drive, Office 365 Mail, OneDrive, SharePoint, Slack, Box, Dropbox and ShareFile. The native security capabilities inherent in these applications are limited or require expensive license upgrades, which dictates the need for enhanced security. Cloud Application Security provides three key functions:
Internet Filtering / Content Filtering
Content filtering typically works at the web browser level by looking for specific character strings or general content that, if matched against a policy, indicate undesirable content that is to be blocked in real time. Text on a page is typically screened for explicit content and sometimes also for violence- or hate-oriented content. Sophisticated solutions might process images as well as text-based strings. Some products use machine learning or artificial intelligence to continuously learn from the context of content to reduce false positives and false negatives. Here are some examples of K-12 cloud security issues a content filtering product addresses:
- Compliance with CIPA and COPPA
- Students purposely or accidentally viewing explicit content
- Students surfing time-wasting websites when they should be doing classwork
Campus Safety Management
The environment that students live in today is so open that it can be difficult for any school district to keep students safe. Nevertheless, schools now take on a far greater responsibility than just educating students. They also attempt to assure the well-being of students, faculty, and staff members by gaining awareness of threats and potentially harmful actions within the greater school community. For example, many schools use campus safety management technology to support their suicide prevention program. Here are some examples of K-12 cloud security issues a campus safety management product addresses:
- Students sharing sexually explicit content with each other
- A student making threats against the school or another person
- A student expressing suicidal thoughts
Combining K-12 Cloud Security Solutions to Resolve School Issues
As mentioned earlier, these cloud security solutions for schools can complement each other to provide layers of protection and visibility. When solutions from two or more categories are used together, they serve to provide “backup” so that if one product misses an incident, the other might pick it up. Or, when both products detect an incident, it pretty much confirms it’s not a false-positive alert.
In other cases, one product might detect an incident worthy of an alert and another product provides much more detail to help IT administrators go deeper into what has occurred and resolve the issue more quickly.
For example, there is a ManagedMethods customer that uses all three categories of K-12 cloud security solutions. One of its schools had an incident where its campus safety management solution detected a keyword in a student’s Google email account. The IT administrator got a notification email with the student’s name, the file name and the keyword that triggered the alert.
ManagedMethods quickly revealed who sent the email message, who the internal and external recipients were, what the message subject line said, and what domain the file attachment is in. It also provided a full historical analysis—who edited the file in the last three days, who downloaded it, who printed it, who moved it, etc. This kind of detail goes far beyond what a campus safety management solution or a content filtering solution can do, but it’s all complementary. It all helps the school do what it wants to do, which is identify a risky situation and all the people involved in order to resolve the issue quickly.
Cloud security in K-12 schools is a serious issue. As an IT administrator, you need to know the difference between each of the three main types of K-12 cloud security solutions, what they do, and what they don’t do so you can make an informed decision about your cloud security environment. Learn more by downloading our Cloud Security Solutions for the K-12 Education Environment eBook.