Fighting App Fever: 4 Steps for Ensuring Your District’s Applications are Secure and Under Control

By Tom Munson posted 12-09-2021 02:02 PM

  
Can all those applications jeopardize your district’s cyber security?

Cybersecurity is a buzzword for a reason. Cyberattacks are on the rise in the U.S., having increased 18% YOY. On a national basis, reported attacks are almost three per day. School leaders are gathering their defenses – and rightfully so. But a lot of the initial action revolves around securing hardware, like servers, routers, personal computing devices, and the network. Districts marshal their defenses of the hardware technology like its physical armor – and, like armor, there are gaps where smaller, learner attacks, like arrows, can get through. How about all of those known and unknown educational applications used by teachers, students and staff? They can be arrows.

It’s critical that schools not overlook applications when doing a comprehensive security assessment. Some of these apps are part of the standard curriculum. Others are introduced to students by teachers to enhance the learning experience. On average, school districts use between 400 and 2000 educational apps every week. According to Statista, in the first quarter of 2020 alone, the Apple App Store had 470 million downloads of educational apps. During the same time frame, users downloaded 466 million educational app downloads in Google Play. Those numbers are staggering, and they’re only growing. Today, you can find thousands more on the virtual shelves.

But not all apps are engineered equally. Even applications that move the needle for learning in the classroom may not have the best measures in place to protect your students. As teachers increasingly rely on applications, school districts can become more vulnerable to security breaches, including the loss of personally identifiable information, or opening a backdoor into your network and devices.

4 Steps for Securing Your Educational Applications

Just because there’s risk, though, doesn’t mean your schools need to toss out all of those fantastic applications! Here are the steps you should take to get “App Fever” under control:

1.     Get a third-party assessment.

Utilize a third-party party organization to conduct a security assessment that evaluates all of your technology, including educational applications, as well as business and security processes.

2.     Establish and maintain a security process.

After your assessment, you and your third-party security partner would discuss an on-ongoing protocol for identifying new applications being used, as well as monitoring of daily, weekly, and monthly reporting.

 

3.     Vet your applications.

One big change that should come with that protocol? School Districts should implement an App submittal and Evaluation Approval process to reduce the number of unvetted applications showing up on school networks and devices. To help make determinations of which apps should and shouldn’t be approved, you can utilize third-party badging and security reviews from organizations like the Student Data Privacy Consortium or IMS Global Imaging, as well as the privacy statements on applications.

 

4.     Keep a public record of all approved applications.

You can publish a list of all approved apps on the school’s website, organized by subject matter and the intended grade levels. This helps everyone, including parents, keep track of what’s officially approved and in use.

 

App Fever isn’t going away. As we shift more educational weight to cloud applications and device-based learning, were relying more and more on innovative applications to propel students into new digital futures. As we keep our sights on their bright futures, though, it’s critical that we also maintain our tight watch on their safety now. A security assessment, along with established and enforced protocols, will help you ensure your applications are safe for your students, your faculty, and your staff.

 

 

Tom Munson is a Senior Account Executive at DataServ. 440.773.6072 | tmunson@dataservtech.com

 

 

0 comments
21 views

Permalink