Many districts lack adequate cybersecurity for cloud-based environments — possibly because they don’t know what protections are already in place.
Thirty percent of K–12 school districts lack cloud application security, according to a ManagedMethods survey of 214 district-level administrators released last month. Of those surveyed, most respondents use Google Workspace and Microsoft 365 in their district; only 6 percent do not operate any cloud-based environment.
Google and Microsoft’s cloud environments are used widely in K–12 districts, with Google Workspace for Education boasting 170 million users across K–12 and higher education institutions. Cloud environments are growing in K–12 schools, with teachers and students finding freedom in the flexibility of cloud-based tools and applications.
One possible explanation for the lack of cloud security is a misunderstanding about the built-in security offered by cloud providers. “One of the things that gets glossed over in education is that — when you go to the cloud and you’re in that shared responsibility model — you are still responsible for your data. You may not physically have the server onsite, but it’s still your data, and you’re ultimately responsible,” said Andy Lombardo, technology director at Maryville City Schools in Tennessee, in a recent ManagedMethods webinar.
To that end, 60 percent of respondents in the ManagedMethods survey said they had a great deal or quite a lot of confidence that the data stored in their cloud environments was private and secure. “They do provide some security, but it is extremely basic,” says Anthony Glowacki, senior inside solution architect covering cybersecurity at CDW•G. “Since users are the strongest and weakest link, we have to provide a lot of security around users.”
by Rebecca Torchia, EdTech Magazine