This article was originally published in T.H.E. Journal on 02/11/26 by Charlie Sander.
Learning is increasingly cloud-based and off-campus
Schools are in their most digitally connected period to date. Cloud-based student spaces and web resources have expanded access to learning and improved flexibility for students.
This shift is not limited to well-resourced systems. UNESCO’s spotlight on digital learning highlights how advances in connectivity and educational resources are creating new possibilities to reach learners across the globe. Even in low-resource contexts, schools across Namibia and Kenya are recognized for downloading videos to enhance dynamic classroom experiences and implementing SMS-based learning programs in areas with limited internet access.
That same connectivity, however, has also made education a more visible target for cybercriminals. In the first quarter of 2025, ransom demands averaged $608,000 for schools globally, a Comparitech analysis found. Many of these attacks begin with everyday web activities, such as compromised websites, phishing links, or malicious downloads, directly tying gaps in web and cloud security to rising financial and operational risks for schools.
Even emerging threats that seem novel or AI-driven, such as deepfake cyberbullying or sophisticated phishing attacks, are still mediated through everyday web activity. This prompts schools to prioritize web access controls as a central line of defense for student safety.
The Classroom Is No Longer Network-Bound
“National digital strategies reflect a shift toward distributed, cloud-enabled teaching and learning, beyond limiting learning to on-site, on-network classrooms. Across OECD member countries, students reported spending an average of 20.5 hours per week learning with digital resources, including 9.9 hours at school, 7.5 hours before or after school on weekdays, and 3.1 hours on weekends. This highlights how learning now extends well beyond the classroom.
Since learning now happens across cloud platforms, shared devices, and off-campus locations, web security has moved from a perimeter-focused safeguard to continuous, zero-trust monitoring and multi-layered protection. It must travel with users, regardless of location or network.
However, while most central authorities (81%) provide schools with guidance on privacy and data protection requirements, fewer than half (43%) have central monitoring or enforcement mechanisms to ensure those measures are actually implemented at the school level…
