The goal of K-12 content filtering is to prevent students from viewing inappropriate content. The goal of K-12 cloud security is to prevent cybercriminals from gaining access to school information, such as students’ social security numbers, staff W2s, and intercepting vendor payments for their own financial gain. When you use both of these protection systems correctly, they combine to provide the level of protection the government, you, your students and their parents expect.
The federal government has taken several actions over the years to protect children from those who would do them harm on the internet.
Family Educational Rights and Privacy Act (FERPA)
President Ford signed FERPA into law in 1974. The Act protects the privacy of students and their parents when it comes to providing access to a student’s school records. In school districts that use Google G Suite or Microsoft Office 365, all those records are accessible in the cloud.
Children’s Online Privacy Protection Act (COPPA)
In 1998, the Federal Trade Commission passed COPPA to define requirements that websites and online services must meet if they provide services to children under the age of 13. Any company that makes an app, website, or online tool for kids under 13 must follow the COPPA rules for collecting and storing information from kids in this age group.
Children’s Internet Protection Act (CIPA)
Congress passed CIPA in 2000 to restrict children’s access to inappropriate content. CIPA requires schools to use K-12 content filtering programs that block content or images that are obscene, contain child pornography, or are hurtful to minors.
Even with all the attention on protecting schools and their students, school districts are still falling victim to phishing, ransomware, account takeovers, and other types of cybersecurity incidents. If you have any doubt about that, visit the map from the K-12 Cybersecurity Resource Center. Since January 2016, the Center has tracked 729 incidents. For more information, review the Center’s K-12 cybersecurity year in review report for 2018.
Examples from the Center include the phishing attack on the Atlanta Public Schools in 2017. Cybercriminals redirected over $56,000 in direct deposit payroll monies. In October 2019, the San Bernardino School System lost access to its computer systems due to a ransomware attack. The result of cyberattacks can range from inconvenience to monetary loss, to the potential for identity theft, loss of class time, and more.
Content filtering and using K-12 cloud security solutions are two approaches that work together to provide the protection you want and the compliance you must have.
Content filtering is something every school system must perform. The hardware or software works through a child’s browser to look for specific words or content that matches the definition of undesirable content. The content filter will block this type of content immediately before it is displayed on the browser.
Content filters offer different types of features. Filters often send content through web proxies, gateways, or browser extensions to allow for screening and filtering. Some content filtering solutions can scan images, but many rely on filtering based on text. Some filters offer machine learning or artificial intelligence to “learn” from its work, and reduce the instances of false positives or negatives.
What are the Pros?
What are the Cons?
Cloud security uses APIs to analyze and control what is happening in cloud applications like Google’s G Suite, Google Drive, Office 365 Mail, OneDrive, and SharePoint. As a result, K-12 IT staff will have the visibility to see what is happening within a cloud application.
You’ll be able to control the activities and behavior of user accounts within these cloud apps, based on the policies you define. The security application can detect, alert, and block activities that violate regulations and the school policies you create. Cloud security will protect you from malware, phishing, account takeovers, data breaches, and other security threats.
Cloud security is different from the native security offered by application vendors, such as Google cloud security. While Google does an excellent job with its offering of G Suite for education security features, those features don’t provide the overall level of protection school districts require and the admin console can make it difficult to find the information system admins need to remediate issues quickly.
What are the Pros?
What are the Cons?
As you can see, K-12 content filtering and cloud security are two different ways of providing protection online. One isn’t better than the other, and one can’t replace the other. The key is to use the right mix of both technologies to do all you can to protect your school district, employees, students, and their parents/guardians.