In a world where physical security in schools has so much urgency, coming from so many different threats, most teachers, school administrators and parents aren’t losing a lot of sleep over their school’s WiFi security. But perhaps they should be.
Cybersecurity and School Districts
Just last year, following cyber attacks in three different states, the United States Department of Education sent K-12 teachers, administrators, parents, and students a warning about cyber attacks against school districts
There’s even an education and public policy consulting firm, EdTech Strategies, that publishes and maintains a K-12 Cyber Incident Map -- which tracks emerging cybersecurity threats targeted at United States K-12 public schools.
But this isn’t a problem that’s just cropped up. School IT security has been in headlines and part of iconic pop culture going back decades.
In the 1986 movie Ferris Bueller's Day Off, the lead character, played masterfully by Matthew Broderick, hacks into his high school's mainframe computer system to reduce his number of recorded absences -- so he can still graduate on-time.
While this John Hughes classic film still has a rabid fan base decades later, Broderick’s cyber hacking antics in both Ferris Bueller's Day Off and his role in the 1983 movie War Games inspired the United States Congress to amend existing computer fraud law into “Computer Fraud and Abuse Act” (CFAA).
Decades later, a high school senior from Commack, New York (Long Island) breaks into his high school network to boost his grades and tamper with his classmates’ schedules. The lead perpetrator Daniel Soares makes headlines in the New York Post as the “Modern-day ‘Ferris Bueller.”
In this post, we’ll look at three areas that IT administrators at K-12 school districts need to address to manage user permissions and better control what students can access.
WiFi Design
Every school district with high-performance, secure, and reliable school WiFi infrastructure starts by making sound WiFi design decisions.
When approaching conversations about WiFi security, district IT administrators need to make sure that their networks include industry-standard firewalls.
But the harsh reality -- school wireless networks face challenges that are unique compared to other IT environments. So it’s especially crucial that districts layer on additional security measures before firewalls such as:
- Network Access Control (NAC) -- A security solution that controls access to your network, sound NAC restricts access to network resources to those endpoint devices that comply with your security policy.
- Load balancing -- In a world where consumption of streaming video continues to grow at a record pace, and video conferencing is now mainstream, school WiFi environments need ways to distribute user traffic in high-density areas so that all users can enjoy high-performance, secure, and reliable wireless network access.
- Adaptive Radio Management (ARM) -- While end users are generally completely unaware just how dependent WiFi networks are on radio frequency (RF), school district IT administrators should make sure that their school WiFi supports Adaptive Radio Management (ARM). This functionality should be built into the wireless networking (WLAN) platform and adjust RF characteristics as needed to improve network performance.
WiFi Software
So now that you know about design considerations for improving school’s WiFi security, consider the software that’s used on a daily basis.
In a mobile-first, digital-centric world, there are three software capabilities especially important for school district IT administrators to hone in on:
- User management -- With many parallels to how districts address physical security, WiFi security also needs to take into account how different users are granted different levels of permissions -- beyond the basics of effective user management on the network.
- Network segmentation -- At the absolute minimum, district IT administrators need their software to effectively segment student access from the resources that teachers, staff, and administrators can access. At the same time, effective network segmentation will help to control which websites students can visit while connected to school district WiFi resources.
- Network visualization -- When you take into account that one or two district IT professionals are often supporting hundreds, if not thousands of devices, the WiFi software platform needs to help visualize network usage, devices, applications, and hardware health in real time.
WiFi Management
Besides design and software considerations, school districts that want to provide world-class school WiFi and keep their WiFi secure need to think through how they’ll manage this infrastructure.
Since most school district IT administrators don’t have enough staff to specialize in any one discipline deeply, generalists can benefit greatly from partnering with specialists in areas of mission-critical importance -- such as wireless networking.
When looking for this kind of WiFi as a Service partner, school districts should prioritize:
- 24/7 network monitoring capabilities -- While uptime during school hours may appear to be the top priority, round-the-clock vigilance is needed to address WiFi security. The right partner will alert district IT administrators in real time when a threat is detected.
- Tier 2 support team -- School districts often endure slower response times and higher support costs when untrained generalists try to tackle complex WiFi issues. This is a common rookie mistake among school districts that don’t properly vet their WiFi as a Service partner. Instead, look for companies that are expert enough to troubleshoot and fix common issues without bringing an engineer or district IT manager on-site.
- Pre-scheduled 48-month hardware refresh -- Over time, as cyber attackers become more sophisticated, hardware and software vendors dramatically improve their core security features. However unlike desktop hardware, for example, where teachers, administrators, and students can see when an asset becomes highly-obsolete, school WiFi hardware is out of sight and frequently an afterthought when it comes to major hardware refreshes. One of the best ways to keep WiFi secure, reliable, and performing at peak levels is to keep the hardware current. With managed WiFi as a Service, pre-scheduled hardware refreshes become one less area for over-taxed IT administrators to worry about.
The Bottom Line on School WiFi Security
K-12 school districts today face more cybersecurity threats than ever before. While it’s well-documented that many districts across the United States face tremendous budget challenges, school district IT administrators need effective ways to protect students from harmful websites while creating more complex networks, with reinforced security, to keep the hackers out.
With properly configured and installed school WiFi hardware, that’s refreshed on a pre-set schedule, school districts can dramatically reduce the risk of network or hardware failure while simultaneously providing a much better end-user experience for teachers, administrators, and students. With WiFi as a Service, school district IT administrators can use software to see the health of their networks, while identifying, troubleshooting, and fixing errors in real time.
This approach reduces network downtime, protects important data, and makes sure that teachers, administrators, and students can stay connected at all times -- especially on super-critical days like during standardized testing.
To learn more about how your school district can dramatically improve its cybersecurity, with safe browsing and more secure data, request a design from the experts at designing, installing, and managing WiFi security for K-12 school wireless networks.