District technology leaders share how they manage critical security and safety risks in Google Workspace and Microsoft 365
Last week, we had the great fortune to host Reginald Gossett, Executive Director of Technology at Troup ISD in Texas, and Justin Feltus, Systems Administrator at Bremerton School District in Washington, for a live webinar.
Reginald and Justin volunteered their time to share with other technology pros in K-12 how important cybersecurity, student safety, and compliance is—specifically in Google Workspace and Microsoft 365.
They also shared how they specifically use the ManagedMethods platform to help them monitor cybersecurity, safety, and compliance issues in their respective districts. Today, we’re going to share a recap of the conversation we had with Justin and Reginald. You can also watch the full webinar recording here.
5 Critical Cloud Security and Safety Risks ManagedMethods Helps District Technolgy Teams With
A recent report found that half of K-12 technology decision-makers and influencers either don’t have a cloud security platform or don’t know if one exists in their district. This is particularly concerning considering that about 9.4 out of 10 schools are using cloud applications for a variety of purposes, from classroom learning to HR and finance operations.
It also points to a glaring gap in security and safety monitoring in school-provided technology. While K-12 districts continue to top the list of most targeted industry segments and surveyed technology leaders indicate that cybersecurity is a top priority year after year, most are not putting focus on the area where most district data and operations are happening—in the cloud.
Here is a round-up of 5 of the critical cloud security and safety risks that Reginal and Justin use ManagedMethods to help them make their own cloud environments more secure and safe for their users.
1. Unsanctioned & Risky 3rd Party Apps
“Our device management system does pretty well with controlling apps at a device level, but they can still get through,” Reginald explained. “Before we started using ManagedMethods, we had to catch them one by one. We’d have to go around to remove the apps on a device level, and the kids were able to warn each other that we were coming around pull apps.”
Now, his team has an app policy set up in ManagedMethods that immediately revokes certain types of apps. He shared that he has the policy set up to automatically revoke app access to the domain based on app type, including VPNs and gaming apps.
“We had a very popular STEM-based edtech app that many teachers were using in our district that students recently discovered could be used to bypass our content filter,” shared Justin. “Using ManagedMethods, I quickly found which students had downloaded the app that didn’t it for the grade level they were in and were just using it to bypass the content filter, and then revoke the app. It could have been a very lengthy investigation process, but ManagedMethods made it a fairly quick fix. That ability to see and fix things from one pane of glass saves a ton of time and is worth its weight in gold.”
During the webinar, we shared a live demo of how 3rd party app controls work in ManagedMethods. Admins can do things like search applications that have been granted access to their domain by name, type, permissions scope, users who have installed it, and more. They can also remediate app use by warning the user and/or revoking apps either one-off, in bulk, or automatically by setting up a policy.
2. Data Loss/Leak Prevention Risks
Data security is absolutely a critical cloud security and safety risk. Whether data is accidentally exposed or maliciously stolen, the impacts on the district and to students and their families can be quite harmful. Using cloud-specific data loss prevention software helps mitigate a lot of that risk in districts Google and Microsoft 365.
“You have millions of files flying around in the cloud, there is no way you can keep track of everything that’s going on and focus on the really critical incidents on your own,” Justin said. “ManagedMethods gives us a great starting point to get clarity in the chaos. We can see where are risks are and then start training users on why they shouldn’t be doing what they’re doing. Then, you can start putting policies around things—issues that you didn’t even know existed before—and start automating some of that remediation.”
“Keep in mind that Troup is the second district that I’ve been at where I’ve brought in ManagedMethods,” shared Reginald. “We had staff and teachers that were doing things like sending their social security numbers and district credit card numbers via email without any encryption or anything. That was what sold it to my business manager here. When she saw how often credit card information was being emailed by staff members, she was all-in.”
Now, Reginald explained, alerting the user that they’ve violated a policy is automatic. And, he gets an alert as well which helps him open up conversations with his colleagues to explain why they can’t do things that way to educate them on better, more secure practices.
“Using a tool like ManagedMethods helps protect our district’s data in so many ways,” said Reginald. “But, on top of that, cyber insurance policies are beginning to require this type of control. ManagedMethods and the processes that it has helped us put in place helps us show our insurance carrier that we are taking the necessary steps to make our data safe.”
In ManagedMethods, risks are provided out-of-the-box and they can also be customized to meet your district’s specific and/or evolving needs. The platform scans for risks in emails, files, drives, shared drives, and chat apps. Admins can take action on risks, including quarantine, delete, restore, and ignore. They can also send risks to others on their team if they need someone else to investigate the risk further.
3. Student Safety & Behavior Risks
K-12 school districts are unique in that they have to navigate both cloud security and safety risks in their systems. Unfortunately, there is a mental health crisis going on across student populations. Federal grants are being provided to schools to help fund mental health, suicide prevention, and other types of student safety programs.
Student safety and mental health is a huge issue that is definitely not going to be solved through technology alone. That being said, ManagedMethods has developed student safety monitoring capabilities at the request of many of our customers. The platform is able to use both keyword/regex and AI-enabled risk scanning to help administrators identify a student who is potentially in crisis and follow up using their policies and processes.
Justin Feltus and the team at Bremerton use a few different monitoring platforms as part of their student safety program, and ManagedMethods is a key part of that.
“There are a lot of platforms out there that will send you an alert, but few will give you the ability to quickly and easily find out the details behind the alert. ManagedMethods can answer all the questions very quickly. Using ManagedMethods, I can very quickly get detailed information including the specific file that prompted the alert, who owns it, who it was shared with, who viewed it, and who actually contributed to it, if applicable,” Justin explained. “When there is an incident going on, there’s nothing worse than having to tell leaders that you need more time to find out what’s going on. It’s like saying, ‘I know the world is on fire, I’m going to go figure out where the fire is, where the water is, etc.’ No, you want to get them all the information they need as fast as possible.”
4. Suspicious Account Login Risks
Abnormal account logins are another critical cloud security and safety risk in districts’ cloud environments. Often referred to as an account takeover, when a criminal is able to gain access to a legitimate user account, their behavior is going to look legitimate to most security tools out there.
This includes activity such as sending phishing emails from the user account to others in the district and/or to other domains to spread the attack surface. They can also do things like download and/or share files containing sensitive data, upload explicit content and share it with others, upload files containing malware, and install malicious 3rd party apps.
ManagedMethods’ ability to automatically control suspicious account login activity was another unique selling point for Reginald Gossett.
“It used to be that we’d find out about a compromised account after the fact. Now, if a user logs in from outside the US, ManagedMethods automatically suspends the account,” shared Reginald. “This is extremely helpful because I’m not worried about an account being compromised overnight and then I’m finding out about it the next morning. ManagedMethods literally allows me to sleep better at night.”
Suspicious account activity is a cloud security risk that doesn’t usually get a lot of attention in K-12 cybersecurity conversations. But, just because you don’t know much about it doesn’t mean that account takeover risks aren’t there.
Reginald is a step above the norm in this area and super smart for automating his district’s suspicious account activity remediation. His policy is set up to automatically suspend a user account for login attempts from outside the US or if there are too many failed login attempts from anywhere.
This is a great way to have your own account policies set up, but also keep in mind that these policies are customizable. Many districts we work with have students and staff that regularly log in from other countries, Mexico being a popular one. There are also ways to customize for things like students studying abroad or temporarily living outside the country and things of that nature.
5. Email Phishing Risks
Did you know that stopping phishing in cloud-based emails, like Gmail and Outlook 365, works a little differently than on-prem email software? Basically all email is hosted in the cloud these days, and there are a lot of great tools out there to help reduce email phishing attacks. Further, Google and Microsoft’s native phishing filters are quite good.
ManagedMethods provides an additional layer of phishing protection for school districts. While phishing filters are quite capable of making sure it’s not an issue, if it is able to get through the various layers you likely already have, that’s where we really shine.
“ManagedMethods’ live email search has definitely helped us in the past. I’m able to get in there and find every inbox that an email is in and quarantine or delete it within minutes,” said Justin. “It gives us that extra bit of control that could be the difference between a few minutes of panic and having a very bad day.”
We want to give a special “Thank You” to Justin Feltus and Reginald Gossett for sharing their time and expertise. Their valuable insights into how other district technology teams can manage these 5 critical cloud security and safety risks will no doubt help many other districts secure their data and keep students safe online.