District IT teams need to be aware of potential Google Classroom security issues as we enter into the new school year

Google was already the main player in K-12 school districts. Now, the pandemic has many districts planning for continued remote learning or hybrid learning as classes are starting. As a result, Google Classroom use has more than doubled compared to a year ago. With all this additional activity and content creation, IT teams need to be aware of the top Google Classroom security issues.

Google Classroom is a great tool for teachers and students who need something to bridge the learning gap in our new, physically isolated world. It’s lightweight, easy to use, and comes at a great price (free!) But the increased use of this tool means that district IT teams need to understand Google Classroom monitoring capabilities and limitations—and know how they affect the rest of their G Suite for Education security configurations.

Google shared responsibility model 400

Source: Google Cloud

Is Google Classroom Secure?

Like all G Suite for Education apps, Google built Classroom on one of the world’s most secure cloud architecture infrastructures. It’s unlikely that an attack directly on Google’s Cloud Infrastructure itself is going to be successful, or that your district’s data will be exposed from such an attack.

However, just like any SaaS platform, Google operates using a shared responsibility model. This means that the person on your district’s IT team in charge of Google administration needs to configure security settings in your specific domain properly, and monitor G Suite apps and accounts for potential misuse, breaches, and other security issues. The best thing you can do right now is check and configure your Google Classroom security settings before school starts to mitigate some of these issues before they arise.

4 Top Google Classroom Security Issues

Google Classroom security issues are typically the result of security misconfigurations, weak passwords, and human error. For example, if a user creates a weak password for their Google account login, it exposes that account—and all the apps and data it has access to—to potential security issues. It’s a bigger problem for accounts that have high levels of data access because hackers put a premium on attacking those accounts.

The four Google Classroom security issues discussed below are the most critical issues for your IT team to be aware of and address as best you can (particularly given the frustrating lack of Google Classroom admin controls).

[WEBINAR ON-DEMAND] Monitoring Google Classroom & Beyond. LEARN & SECURE >>

1. Phishing and Malware

Phishing and ransomware attacks are a huge issue for school districts today. IT teams struggle with large and very inexperienced user environments. Often paired with a woefully underfunded cybersecurity program, school districts are uniquely vulnerable and hackers are taking notice.

For example, looking at the 2019 K-12 cybersecurity year in review, several of the top incidents were a result of phishing attacks. In Texas, a phishing email resulted in all of a district’s W-2 tax forms being distributed. In California, a student gained access to his school’s grading system using a phishing email. In another California phishing incident, the personal information on over 500,000 people in the district was stolen.

There was also one ransomware attack in the top 10 incidents, and it cost a school district in Massachusetts $10,000. As you’re likely aware, these are just a few examples of the wave of phishing and malware attacks school districts are experiencing.

How do phishing and malware relate to Google Classroom security issues? To be sure, there are no reported incidents of a phishing attack taking place directly in Google Classroom. Email is still by far the #1 threat vector. That being said, there are a couple of ways that this year’s increased Google Classroom activity can increase your risk. First, there is a good chance that there will be a lot more use of Gmail as a result of students using Google Classroom. Simply increasing the sheer number of emails being received and opened increases your district’s risk.

There is also the question of how hackers might use access to Google Classroom if they’re able to successfully take over an account. Again, there are no known reported incidents of this happening, but rest assured if there is a benefit to doing this they will take it. With so many students, staff, and teachers using Google Classroom this year, why wouldn’t a hacker attempt to share malware in Google Classroom? There is really no way for security teams to detect such an attack, so if someone can gain access to an account and start sending links through Classrooms they’re associated with, as well as Gmail, it could be a lucrative new vector.

2. Account Takeovers

Account takeovers are one of the most damaging of the Google cloud security issues. Once a hacker has control of an account in your system, they can do untold damage. In another example from Texas, a hacker gained access to a business system and stole $2 million that was supposed to be used to pay the district’s construction vendor.

Once an internal account has been compromised, the hacker is able to act as though they’re an internal, trusted user. They can send emails, upload and share files, engage in Chats, host and participate in Meets, and post to any Google Classrooms based on that user account’s access permissions.

It’s important to make sure your G Suite application settings are configured correctly. This gives you a starting point for protecting your accounts. Unfortunately, it’s difficult to spot Google account takeovers, and native Google security tools do little to help. This is because, once the account has been compromised, it looks like a regular login from a recognized user. In today’s environment, you need to have the right type of cloud application security in place to monitor for anomalous behavior and automatically lock down the account.

3. Data Loss

Human error plays a big role in school districts suffering a data breach, and accidents are the cause of most data loss. All it takes is for a staff member to set the sharing setting on a document to “visible to the public.” It could happen that someone with malicious intent will find that document, and it’s just not a good idea to have sensitive information accessible by anyone.

When it comes to Google Classroom security issues, the most likely improper data handling scenario will be accidental. With so many students and teachers using Google Classroom—and many not being particularly tech-savvy—there is a good chance that personal information that should not be shared can be accidentally shared in a Classroom and/or saved in a class folder on Google Drive.

Since Google Classroom does not have the same level of data loss prevention monitoring and controls that other Google apps do, these types of incidents can be difficult to detect. However, having a solid data loss prevention policy in place and properly configuring the settings in Admin Console should have you covered. This is because, though the files are shared in Classroom they’re still stored in Drive.

[WEBINAR ON-DEMAND] Monitoring Google Classroom & Beyond. LEARN & SECURE >>

4. Student Safety and Communications Misuse

Not all Google Classroom security issues are related to cybersecurity. Protecting students and complying with regulations is another important concern.

For example, districts are struggling with how to track hybrid learning attendance and student engagement. Taking attendance is easy when students are physically present in the classroom. Remote learning poses an entirely new problem for districts that have to report on attendance for funding and other compliance purposes.

Districts are also grappling with the challenge of how much access they should allow students in a way that will balance collaboration with cyber safety. For example, the problem of students using Google Docs, Slides, and other apps as chat rooms was already an issue—one that is expected to get worse. Students are using these unofficial “chat rooms” to share explicit content and bully each other. If districts can’t track and control this type of behavior, they could find themselves dealing with problematic hybrid learning CIPA compliance questions.

Since the use of Google Classroom is increasing, and students are continuing to be isolated from one another as the COVID-19 pandemic drags on, you can expect these types of issues to grow more prevalent this school year.

G Suite for Education provides excellent tools for districts that are taking on the heroic task of continuing to educate and nurture students through the COVID-19 pandemic. Managing Google Classroom security issues is yet another thing that IT teams will most likely need to figure out on the fly.

webinar on-demand google classroom monitoring