by Charlie Sander, for the Cloud Awards
Cloud computing in K-12 schools isn’t new.
Districts have used cloud apps, such as Google Workspace and Microsoft 365, in the classroom well before the COVID-19 pandemic arrived. But, when schools closed their doors due to stay-at-home orders, districts increased their use of cloud apps to keep students and teachers more connected from home.
Remote learning is starting to go away, but cloud applications aren’t. Google and Microsoft apps became the go-to option to keep students, teachers, and staff connected. It made the vulnerabilities created by the cloud more apparent to district administrators. For IT teams, the focus must turn to cloud security.
K-12 Education’s Growing Cloud Environment
Cloud applications are critical for districts to continue schooling. Students now have a school-provided device—or their own—that they take to and from school. For those districts that weren’t one-to-one before the pandemic, there are now thousands of new access points into their Google and Microsoft domains. And this access can come from anywhere, at any time.
Cloud-based learning management systems (LMS), such as Google Classroom, are increasing the amount of sensitive data stored in the cloud. Districts are storing grades, coursework, attendance, individualized education programs, and more. This is in addition to the personally identifiable information (PII) and credit card information districts keep on file.
Since this activity takes place in cloud apps, it circumvents traditional on-premises security measures. This includes firewalls, antiviruses, and endpoint protection. IT teams need to focus more on securing their data—not just their networks.
Improper Data Sharing Violates District Privacy Laws
When data is shared improperly, districts violate data privacy laws. These laws include federal laws like the Family Educational Rights and Privacy Act (FERPA), Children’s Online Privacy Protection Act (COPPA), and Children’s Internet Protection Act (CIPA).
There are also data privacy laws at the state level, such as the California Consumer Privacy Act (CCPA), Virginia’s new Consumer Data Protection Act (CDPA), and Illinois’ Student Online Personal Protection Act (SOPPA). Violating these laws puts districts at risk of paying large fines or not receiving extra funding to make necessary purchases.
ManagedMethods helps IT admins track and control file sharing activity. The platform will identify files containing sensitive information, how they are shared, and who they are shared with. It can then revoke access permissions manually or automatically. Monitoring activity in cloud apps not only maintains privacy. It also protects school districts.