Category: Education

New Year, New Cybersecurity Goals

This article originally appeared on the VMWare blog.
While the cybersecurity landscape may look daunting as the new year progresses, organizations should focus on building the proper strategies for protecting our valuable data and mitigating the endpoint security risks that 2020 promises to bring. This means taking a critical look at the past 12 months, and identifying the changes a security team can make now, that will be most impactful in the 12 months to follow.
Let’s explore some important enterprise security goals for an organization to consider, as 2020 advances.
Measuring Success within the New Year
One of the big buzz words of 2019 was “Zero Trust” – with the thought that the end user should have as little access to the device they are working on as necessary. We as an industry need to start measuring and scoring the trustworthiness of the products that we install in our environments. Exactly how do these products perform in the real world and not just in a lab? How do we know from day one that we can trust a product to perform in production? It is easy enough to allow security technology to win through traditional commerce, but truly successful products will win because customers decide to invest in renewals, and the poorly performing products will die. I expect that in 2020, we will start looking at the trustworthiness of applications and de-emphasize the focus on being impressed by marketing costs.
Calling a Time-out on Security Spending
When discussing the importance of a time-out on security spending, the following questions are important to consider: “Am I utilizing my security dollars efficiently,” and “How do I ensure that my organization is resilient based on the acquisition of new security?”
Companies have stuck to the same old playbook for years now, and it has one directive: buy more products. This isn’t going to result in the protection that enterprises require to combat hackers. As the new year approaches, businesses need to ensure that what they are already spending money on and deploying in the enterprise is actually working and protecting the environment. Today, organizations can expect to be compromised, but their ability to bounce back from such an attack will matter most to the company, its customers and partners.
This resiliency will also affect how the role of the CIO and CISO will develop within the next few years. CIOs are going to have to prove exactly how existing products are living up to their full potential. If they can’t show how current products will prevent and repair damage due to a cyberattack, then future investments will become even more scrutinized. As a result, we’re going to witness the introduction of protection level agreements guaranteeing that the strategies implemented will protect against certain severity levels of a cyber attack. With this in mind, it will become essential that CIOs and CISOs put a hold on any security spending, and take the time to reevaluate their security landscape to ensure the products they currently use are actually worth the investment.
Overcoming Vulnerabilities within the Education Industry
The most significant challenge for the education industry will rely on the identification and attraction of security professionals into the K-12 field. Budget constraints and advancement opportunities within the education sector for security specialists are generally not a great combination for attracting talented security professionals. Budget constraints may lead to the industry purchasing products that are tailored specifically to education use cases, but fail to follow secure development processes. This causes additional problems for the IT professional in the education system.
With this in mind, the education industry will also need to invest in personal development as 2020 continues. The industry as a whole is grossly under investing in its employees, and its IT department is no exception. Training courses must become a priority, not only to ensure all employees are keeping cybersecurity top of mind, but to help promote IT careers in the education sector. Without this focus, key IT players will soon discover better opportunities within another industry.
Striking a Balance Between Patient Care and Cybersecurity
In 2020, it’s going to be important for the healthcare industry to focus on building significant trust among healthcare professionals and IT security/privacy best practices. The balance of a patient’s life, accessing data quickly but accurately, and privacy concerns can be very conflicting, which puts cybersecurity on the backburner. In the new year, healthcare IT will need to provide greater and more robust security and privacy practices within their environments and better identify who requires certain privileges and access to patient data and systems.
It will also be important for the healthcare industry to better understand their environment and validate that their existing purchases are performing as expected – allowing better budget spend moving forward. Once this foundation is established, there is an opportunity for the industry to build on it, using tools that have already proved their worth and ensure a more seamless experience for the patient.
For more on the state of endpoint security, download the Endpoint Security Trends Report. 

Education Sector Calls for Resilience, Support in the Face of Cyberattacks

This article was originally published in eSchoolMedia.
Nearly 50 school districts and colleges have been pummeled by ransomware and other forms of cyberattacks in recent months. These have ranged in nature from disruptive, as in the case of the Flagstaff two-day closure, to catastrophic, such as in Louisiana where the governor recently declared a state of emergency following “severe, intentional security breaches” on school computer systems. Hefty ransomware demands are paralyzing districts, while also impacting students’ ability to learn and causing panic among faculty, families and children.
At Absolute, we recently released a report on the state of cybersecurity in the education sector—which leveraged data from 3.2 million active devices active in 1200 K-12 organizations across North America—and shows that complex IT environments and digitally savvy students are leaving schools massively exposed. More than 90% of education IT leaders are managing up to five versions of common applications, and 42% have students that are actively circumventing security via rogue VPN or web proxy apps.
Although we’ve closed out October and National Cybersecurity Awareness Month, it’s important to continue to shed light on this ongoing issue and seek answers for schools and their students, who remain some of the most vulnerable victims. While large enterprises receive training and guidance needed to help thwart a data breach, these practices remain almost non-existent within our schools – even though students today are much more tech-savvy than any previous student body. It’s this savviness that is actually proving to be a threat in itself, with students using their own digital know-how to work around any existing school security controls… and in parallel, opening up back doors for hackers to sneak in as well.
Although schools remain the second highest targets of these attacks, little has been done to alleviate these issues. IT leaders in schools simply don’t have the bandwidth to be as prepared as they should be for an inevitable cybersecurity incident, and the immediate response is to spend more money that doesn’t exist within an already limited budget. They are so underprepared and under-resourced that a new law has passed in the US senate, demanding that the federal government ramp up its support for organizations hit by ransomware. No organization could be in greater need than the local elementary school.
Staying calm and maximizing existing defenses are two critical ways to combat a threatening cyberattack. But in order to provide answers and assurances to rightfully concerned parents and faculty, visibility is a non-negotiable. It’s visibility that makes it possible to assert and maintain control. You can ensure the school’s internet safety policies are adhered to and set up alerts to flag any suspicious activity or non-compliant devices. You can take steps to protect highly sensitive student information if a device ends up lost, or in the wrong hands. With full visibility and control, the most effective decisions can be made to limit the extensive damage a cyber attack can cause and will create a more resilient defense system to protect against future attacks.
There were 160 publicly-disclosed security incidents recorded this past summer. The impacts of a data breach can shake normality for any organization, and when it comes to the education sector, schools are being forced to close their doors and wait for the crisis to pass. It is one thing for a hurricane or the next blizzard to cause school closures… it’s another for a cyber attack to disrupt the ability to educate on schedule. The education sector is calling out for assistance, and it’s time to start listening.

5 Steps to Securing Your School’s Devices Over the Holiday Break

Much to the delight of students, faculty and administrators everywhere, holiday break is almost here! But they aren’t the only ones eagerly anticipating end of semester school closings: criminals are also waiting for campus shutdowns so they can take advantage of the valuable technology now commonplace in schools, from K-12 to colleges and universities.
Before taking off for the semester break, follow these easy steps to ensure your school’s devices and students are safe:

Remind users of safe behavior. Students, faculty and staff that take devices with them should be reminded (more than once) not to leave their individual or school-owned laptops or tablets in cars or other places where they can be easily spotted by crooks looking for an easy score. If someone does fall victim to theft or loses a device during the break, be sure to make available clear direction for course of action you expect. Who do they notify and how?
Update device software. Cyber criminals are equally as troublesome this time of year, with holiday phishing emails putting school networks at grave risk for cyberattack. Use the holiday downtime to push updates to device software and patch known vulnerabilities. If this sounds like an overwhelming task, consider relying on automation for help.
Track your devices. If a device does go rogue, you have a very vulnerable attack vector. Key to mitigating this risk is uncompromised visibility and control over the device, whether it’s on or off the network. Being able to quickly locate a missing or stolen device means you can remotely shut down unwanted network access and, if all goes well with law enforcement’s help, even retrieve stolen devices.
Store devices in locked cabinets and/or alarmed areas. It sounds obvious but you’d be surprised how many laptops, tablets, virtual reality headsets, digital cameras and other small-sized tech gadgets can be left lying around. This type of tech is in high demand and easy to swipe so make it harder for the thieves and keep everything under lock and key.
Don’t leave technology in plain sight. While a determined thief will break in regardless, you can prevent your school becoming victimized by someone who otherwise may not have considered pilfering your school’s tech. Remove from view or cover any larger equipment like desktop computers, printers, interactive whiteboards, and other tech that will be left behind.

Technology in our schools enable modern learning paths and brings a new level of innovation to the classroom. But it must be protected. You can safeguard your investment – not to mention your students, teachers and administration along with their  data – with the Absolute platform. In the event of loss or theft, you can remotely detect and remediate devices to prevent potential security issues and ensure compliance.
To learn how Klein Independent School District in Klein, Texas tracks, manages, repairs and recovers devices in their 1:1 computing program, download the case study.

Building your Case for School Technology Budgets

By 2025, technology spend in K-12 is forecasted to reach $342 billion. But with school districts around the nation continuing to face serious budget crises, technology in the classroom must be fought for despite its innovative learning properties.
There’s no arguing the cost of rolling out Edtech programs like one-to-one computing and similar initiatives requires significant investment in devices, applications, bandwidth and more. The expectation for every school board then is a demonstrable return. To ensure sustainable student technology programs, administrators must be able to show the positive effects of their technology investments. ROI matters.
The best indicator of ROI is almost always found within learning outcomes but getting to the data that proves technology is escalating scores in this area isn’t always easy.
Data-driven Insights
With a one-device-for-every-student program, an important metric to monitor is device use. But use should go far beyond simple distribution figures including how are devices being used. Are they being to their full potential on campus or are they left idle? What does student web activity look like? How many times does a device leave the classroom? Are devices being used at home and for how long?
In our recent study of 3.2 million anonymized K-12 endpoint devices, Cybersecurity and Education State of the Digital District in 2020, we found devices are actually too-often underutilized. 21 percent were used for <1 hour per day and 60 percent of devices weren’t used by students at home.
For more on device use in schools, read: Cybercriminals Take Aim at K-12
With this and similar such district-wide data, administrators can assess student groups or even individual users and make more informed decisions on improving academic performance.
This kind of analytical information comes only with full visibility of the devices in your endpoint inventory, however. With this kind of insight, you should also have extensive control over those devices, no matter whether they are on or off the district network. Where are they, what are they running, and are their security applications working as they should?
Endpoint Visibility, Control & Resilience
Full visibility and control over these devices will mitigate risk, improve operational efficiency, ensure internet safety policies are adhered to and, when done right, demonstrate compliance so that future discounts from such organizations as e-Rate and Student Support and Academic Enrichment (SSAE) are possible.
Full visibility and control over your device population also provides you with another very powerful capability – endpoint resilience. Making the most of the devices you have, both in and out of the classroom, will improve learning outcomes. Making the most of the tools you have on those devices will tell you whether or not they are working as they should or if they are exposing your district to cyber risk.
For more on how to prove classroom technology ROI and mitigate the risk that technology inevitably brings to students, educators and staff, watch our latest episode of Cybersecurity Insights, K-12 Education 1:1 Programs. And while you’re at it, be sure to subscribe to the Cybersecurity Insights playlist on YouTube.

Schools Under Cyber Siege Need a Path to Resilience

Originally published in THE Journal.
Just as the school year kicked off, families on opposite sides of the U.S. faced temporary school closures. Mother Nature was responsible for some. But not all. While several southeastern states dealt with the effects of Hurricane Dorian, across the country, one Arizona city encountered a very different type of scare. Cybercriminals waged a ransomware attack on the Flagstaff Unified School District, forcing a two-day shut down for 15 schools serving almost 10,000 students.
Flagstaff is far from alone. In July and August, 2019, the number of publicly disclosed security incidents in K-12 schools reached 160 — exceeding the total of all incidents experienced in 2018 by an incredible 30 percent. Nearly 50 school districts and colleges have been hit with ransomware so far in 2019 ranging in nature from disruptive, as in the case of the Flagstaff two-day closure, to catastrophic, which describes the scene in Louisiana when the governor recently declared a state of emergency following “severe, intentional security breaches” on school computer systems.
The Education Sector is Facing a Crisis
It’s one thing for impassible roads to hit pause on a school schedule. It’s an entirely different and unacceptable scenario when cyber extortion not only gets in the way of educating our youth but puts data pertaining to their health, academics and social development at risk of exposure and compromise — not to mention the public funds that are flushed away to ransom payments and cleanup efforts. Yet here we are, co-existing with cybercrime as the new normal and witnessing escalating ransomware attacks turn schools into the second-largest victims of all sectors.
The pace of growth of the “digital school district” continues to climb given the many benefits technology brings to students and educators. Funding for educational technology has increased by 62 percent in the last three years, and the new U.S. Digital Equity Act proposes to commit federal dollars to bring even more tech to the classroom. And while the many benefits of the digital classroom are clear, this rapid growth, combined with complexity and the continued restricted budgets for management, make our schools and our students increasingly vulnerable.
When Complexity and Risk Plague Today’s Digital Classroom, Resilience Matters
Technology is no doubt an asset, though we need to acknowledge not just the risks to student safety and privacy it poses, but also the complexity that IT folks have to wrangle. Education IT leaders once responsible for a few hundred devices, a few dozen apps and a single network have now found themselves managing tens of thousands of devices (as 82 percent of schools now provide students with them), hundreds of apps, and a distributed set of users accessing unknown networks — all with limited resources and budget in most cases. Meanwhile, by clicking on one bad link on a school-issued device, a student can become a conduit for a ransomware attack.
As endpoint and environmental complexities increase, and risk alongside them, it’s no surprise that 68 percent of education IT leaders in the U.S. list cybersecurity as their top priority. In tandem, several state governments, including Louisiana, Texas and North Dakota, have stepped up their efforts to safeguard schools against cyberattacks with various measures such as cyber policy mandates, cyber commission formation and state IT department oversight for schools.
For policymakers, educational institutions and their IT leaders, and even concerned parents, collaborative cybersecurity efforts should rally around the concept of resilience, or the ability to bounce back. Here are three steps to get on the path to cyber resiliency:

Battle the false sense of security. Millions of dollars of public funds are invested in applying security controls in schools — giving parents and educators a false sense of security. Many of these controls are fragile or by-passable — meaning that without consistent monitoring, you may be more exposed than you think. Make the most of the tools you already have and spend your budget on more impactful projects. Ask the question, “Are the controls we already have in place functioning at all times?”. Security controls cannot protect you when they are taken offline by wiley students, or bypassed. Foundational device controls include, at a minimum, anti-malware, encryption, authorized VPN, patch/client management, and web-filtering/firewalling on the client — and all need to be based on a platform that enable visibility and resilience for IT.
Strengthen your immune system. In the complex world of endpoint security, increased security spending does not equate to increased safety any more than taking more vitamins guarantees you will never get the flu. In fact, every additional security tool, while adding protection, also increases the complexity on the endpoint and therefore the probability of failure as agents. A recent Absolute study reveals that schools that have encryption in place experience agent failures on an average of nine devices per day — almost half of which never recover, leaving students and staff at risk of potential data breaches. In order to protect your students, your data and your investment, ensure you have fundamental controls activated to gain a persistent connection to each device — on or off the school network. It’s only then that you can repair or replace critical apps that have been disabled or removed.
Make cybersecurity the air students breathe. Creating a culture of online security and open communication about online threats is not just good practice, it’s an ethical responsibility. Turn it into a game; teach students what attackers do, test them on practical examples, and give each of them a sense of achievement when they win. Yammering on about ransomware crippling the school or how awful an attack would be for their district is unlikely to stop an 11-year-old trying to circumvent security policies. Let them know what villains may try to do, and challenge them to step up and help stop them. Provide a means for them to report suspicious online behavior without fear of punishment. Make them the hero of the cyber resilience story.

The pace of ransomware attacks on schools in 2019 suggests another victim will feel imminent pain and, as such, the urgency to heed these steps cannot be overstated. It’s a tricky balance but doable to enable the digital classroom to thrive, while also protecting student safety and privacy.

How Klein Independent School District Maximizes Their 1:1 Program

Technology in our schools enables modern learning paths and brings a new level of innovation to the classroom. While it is inarguable that technology has enriched the lives of students, it has also introduced significant risk. Today’s K-12 technology leaders are faced with a multitude of challenges brought on by high-tech learning environments including student, faculty and staff safety and privacy, growing IT complexity, device loss and/or theft and demonstrable resource ROI. To track, manage, repair and recover across more than 37,000 endpoint devices, the Klein Independent School District (ISD) in Klein, Texas turned to Absolute.
Maximizing a One-to-One Computing Program
Klein ISD is known for its innovative culture and dedication to leveraging technology to empower students and staff to harness the latest advancements in education. It made perfect sense then when they deployed a one-to-one computing program that provisions one device for each student.
For the last ten years, Klein ISD has leveraged Absolute for its ability to provide a single source of truth into their device fleet and manage them remotely. They also rely on Absolute for deep analytics on device use and the protection of student, faculty and staff data. To deploy Absolute, Klein ISD simply activated the technology already embedded in each device at the manufacturer.
“Initially, stop loss was the primary reason we chose Absolute, but what keeps us at the table today is their ability to provide us with more information about what’s being stored on the devices and what’s being utilized,” said Chris Cummings, Information Technology, Teaching & Learning, Klein ISD. “I continue to choose Absolute because of their innovation. They help us stay ahead of compliance and offer the latest advantages to our students and faculty.” 
Peace of Mind
Nationally, cybersecurity spend is on the rise. The 2019 CIO Agenda K-12 Education Industry Insight report from Gartner found that 47 percent of K-12 organizations plan to make cybersecurity their primary investment. However, recent research by Absolute found that, in the complex world of endpoint security, increased security spending does not equate to increased safety. In fact, every additional security tool only increases the probability of failure as agents and controls conflict with one another on the endpoint.
According to global Absolute research, Cybersecurity and Education: The State of the Digital District in 2020, 38 percent of patch agents require at least one repair monthly and 28 percent of encryption agents fail monthly. Without visibility and control of endpoint devices, students and districts are exposed.
For Klein ISD, this meant a reliance on Absolute for their tamper-proof device visibility and control for a persistent, self-healing connection between IT and all devices, whether they are on or off the network.
“It’s one thing to implement a security program; it’s another to measure the effectiveness of your security program,” Cummings added. “And with Absolute, we’re able to verify just how effective our program really is.”
Understanding what’s happening on the devices, responding to suspicious events, and empowering applications to persist and automating their restoration when incidents occurs is the key. To learn more about how Klein ISD benefits from Absolute, download the full case study: The Power of Persistence Maximizes Klein Independent School District One-to-One Computing Program.

It’s Time To Solve K-12’s Cybersecurity Crisis

This post was originally published in Forbes magazine by Louis Columbus.

There were a record 160 publicly-disclosed security incidents in K-12 during the summer months of 2019, exceeding the total number of incidents reported in all of 2018 by 30%.
47% of K-12 organizations are making cybersecurity their primary investment, yet 74% do not use encryption.
93% of K-12 organizations rely on native client/patch management tools that have a 56% failure rate, with 9% of client/patch management failures never recovered.

These and many other fascinating insights are from Absolute’s new research report, Cybersecurity and Education: The State of the Digital District in 2020​, focused on the state of security, staff and student safety, and endpoint device health in K-12 organizations. The study’s findings reflect the crisis the education sector is facing as they grapple with high levels of risk exposure – driven in large part by complex IT environments and a digitally savvy student population – that have made them a prime target for cybercriminals and ransomware attackers. The methodology is based on data from 3.2M devices containing Absolute’s endpoint visibility and control platform, active in 1,200 K-12 organizations in North America (U.S. and Canada). Please see full report for complete details on the methodology.
Here’s the backdrop:

K-12 cybersecurity incidents are skyrocketing, with over 700 reported since 2016 with 160 occurring during the summer of 2019 alone. Educational IT leaders face the challenge of securing increasingly complex IT environments while providing access to a digitally savvy student population capable of bypassing security controls. Schools are now the second-largest pool of ransomware victims, just behind local governments and followed by healthcare organizations. As of today, 49 school districts have been hit by ransomware attacks so far this year.

“Today’s educational IT leaders have been tasked with a remarkable feat: adopting and deploying modern learning platforms, while also ensuring student safety and privacy, and demonstrating ROI on security and technology investments,” said Christy Wyatt, CEO of Absolute.
Research from Absolute found:
K-12 IT leaders are now responsible for collectively managing more than 250 unique OS versions, and 93% are managing up to five versions of common applications. The following key insights from the study reflect how severe K-12’s cybersecurity crisis is today:

Digital technologies’ rapid proliferation across school districts has turned into a growth catalyst for K-12’s cybersecurity crisis. 94% of school districts have high-speed internet, and 82% provide students with school-funded devices through one-to-one and similar initiatives. Absolute found that funding for educational technology has increased by 62% in the last three years. The Digital Equity Act goes into effect this year, committing additional federal dollars to bring even more technology to the classroom. K-12 IT leaders face the daunting challenge of having to secure on average 11 device types, 258 unique operating systems versions and over 6,400 unique Chrome OS extensions and more, reflecting the broad scale of today’s K-12 cybersecurity crisis. Google Chromebooks dominate the K-12 device landscape. The following graphic illustrates how rapidly digital technologies are proliferating in K-12 organizations:

42% of K-12 organizations have staff and students regularly bypass security endpoint controls using web proxies and rogue VPN apps, inadvertently creating gateways for malicious outsiders to breach their schools’ networks. Absolute found that there are on average 10.6 devices with web proxy/rogue VPN apps per school and 319 unique web proxy/rogue VPN apps in use today, including “Hide My Ass” and “IP Vanish.”  Many of the rogue VPN apps originate in China, and all of them are designed to evade web filtering and other content controls. With an average of 10.6 devices per school harboring web proxies and rogue VPN apps, schools are also at risk of non-compliance with the Children’s Internet Protection Act (CIPA).

While 68% of education IT leaders say that cybersecurity is their top priority, 53% rely on client/patch management tools that are proving ineffective in securing their proliferating IT infrastructures. K-12 IT leaders are relying on client/patch management tools to secure the rapidly proliferating number of devices, operating systems, Chrome extensions, educational apps, and unique application versions. Client/patch management agents fail 56% of the time, however, and 9% never recover. There are on average, nine daily encryption agents’ failures, 44% of which never recover. The cybersecurity strategy of relying on native client/patch management isn’t working, leading to funds being wasted on K-12 security controls that don’t scale:

“Wyatt continued, this is not something that can be achieved by simply spending more money… especially when that money comes from public funds. The questions they each need to be asking are if they have the right foundational security measures in place, and whether the controls they have already invested in are working properly. Without key foundational elements of a strong and resilient security approach in place – things like visibility and control, it becomes nearly impossible to protect your students, your data, and your investments.”
Providing greater device visibility and endpoint security controls while enabling applications and devices to be more resilient is a solid first step to solving the K-12 cybersecurity crisis. Thwarting the many breach and ransomware attacks K-12 organizations receive every day needs to start by considering every device as part of the network perimeter. Securing K-12 IT networks to the device level delivers asset management and security visibility that native client/patch management tools lack. Having visibility to the device level also gives K-12 IT administrators and educators insights into how they can tailor learning programs for broader adoption. The greater the visibility, the greater the control. K-12 IT administrators can ensure internet safety policies are being adhered to while setting controls to be alerted of a suspicious activity or non-compliant devices, including rogue VPNs or stolen devices. Absolute’s Persistence platform provides a persistent connection to each endpoint in a K-12’s one-to-one program, repairing or replacing critical apps that have been disabled or removed.
You can download the full Absolute report here.

Cybercriminals Take Aim at K-12

The school year is underway and millions of devices are now in the hands of students. More than 80 percent of today’s K-12 organizations provide computers to students and an estimated 70 percent of schools will be one-to-one by 2020.  With school-issued devices commonplace, schools have become easy targets for cyberattacks.
Since 2016, nearly 700 cyber incidents have hit K-12 organizations. And threats like ransomware have forced schools to close their doors, and even compelled Louisiana’s Governor to declare a state of emergency after several schools were wrecked by the Ryuk ransomware in the summer of 2019.
The K-12 attack surface has lured cybercriminals, but the technology itself has also become somewhat of a nightmare. In Absolute’s new study, Cybersecurity and Education: The State of the Digital District in 2020, we looked at 3.2 million devices across 1,200 schools and discovered over 6,400 unique Chrome extensions in-use, 319 security bypass apps (e.g. rogue VPN), and more than 130,000 app versions. The IT complexity is staggering.

Based on the new research, we see three key challenges facing today’s K-12 technology leaders – challenges no other industry faces.

Savvy students — more than five times as many tools for users to tunnel around security controls and policies than other sectors. (rogue apps were found in 42 percent of organizations)

Increased complexity — within five years, K-12 IT leaders have gone from managing a couple of operating systems, a handful of apps, and a few hundred devices to managing hundreds of versions of operating systems, apps, extensions, and thousands of devices. (93 percent of common apps are outdated)

Increased endpoint risk — as complexity expands, so does risk, leaving both students and schools increasingly vulnerable to cyberattacks. Case in point: schools have become the second-largest pool of ransomware victims, slightly behind local governments and closely followed by healthcare organizations. (56 percent of patch agents fail)

It is no surprise then, that 68 percent of K-12 IT leaders say cybersecurity is their top priority, and nearly half (47 percent) say their primary investment will be security controls and tools. But K-12 IT leaders must carefully consider their plans for more security spend and take aim at cyber resilience above all else.
School districts are saddled with the expectation to demonstrate ROI (the effects of the one-to-one program) but on the other hand, they need to keep tabs on security and inventory gaps in a quickly growing endpoint population. Read: Quantifying K-12 Device Use with Absolute.
How do you solve the riddle? Resilience is the key.
Winning the Battle Against Cyber Threats
It is increasingly critical school districts work to reduce IT complexity and improve endpoint resiliency by gaining visibility to every device everywhere. Then, IT leaders can identify use patterns, justify tech spend for maximum ROI, and discover device use patterns and rogue apps, how often devices are used, and what risks students are creating. K-12 IT leaders can rely on Absolute to unmask complexity risks and automate endpoint security—restoring fragile security controls, apps, and agents—to safeguard digital learning for the next generation.
To learn more about the cyber risks facing today’s K-12 schools, download the full report Cybersecurity and Education: The State of the Digital District in 2020.
 

Back to School – Laptop Theft 101

Stop me if you’ve heard this one before: Did you know that according to Gartner, a laptop is stolen every 53 seconds? It’s not a joke. According to the University of Pittsburgh your laptop has a 1 in 10 chance of being stolen and a nearly 98% chance of never being recovered. Did you also know that nearly HALF of all laptop thefts occur in classrooms?
Most students aren’t likely to to think twice about the value of data on their laptop; they instead think the device itself holds the true value. This couldn’t be further from the truth. The true price of a lost or stolen education device goes far beyond the value of the machine itself. Think of the countless hours and crushing brain energy spent researching and drafting your final thesis, sculpting your musical magnum opus, or the 2,000+ layer Photoshop or Illustrator file you’ve contributed to every week and weekend for the last 4 months of your life. Truth is the data on your device represents irreplaceable concentration, time and effort – invaluable commodities in today’s fast paced digital landscape.
Losing a device is one thing, but losing the data on it – potentially hundreds of hours of work – can drastically interfere with your education goals not to mention cause additional stress during an already difficult time of your life. Don’t take that risk.
Of course there are software ‘solutions’ like popular anti-theft products but they’re bulky, expensive, and stop short of offering TRUE protection. Sure, many can tell you the location of your device but will they actually assist in the RECOVERY of your device once it’s missing or stolen?
What then can be done to protect your device AND it’s data? Beyond protective software, you can start by practicing our top ten recommendations for laptop security:

Never leave your laptop unattended .
Keep your laptop in a secure, hidden place .
Lock doors and windows when you’re not in your room .
Use a discreet laptop case .
Never leave your laptop in your vehicle .
Purchase a Laptop Theft Recovery Solution .
Personalize your laptop’s looks .
Write down your laptop’s serial number .
Use secure passwords and update them regularly .
If someone tries to take it, give it up – it can be replaced… you can’t !

What happens when even these tried and true methods fail, I hear you ask?
Luckily there is one solution that can and will go the extra distance; Absolute Home & Office, with features including device locate, remote content lock and delete, as well as a theft recovery team who works with local law enforcement to actually recover your stolen or missing device. Education pricing is $29.99 for a PREMIUM 1 year plan, or you can get the STANDARD product for just $1.99/month.
Stay safe out there.

Quantifying K-12 Device Use with Absolute

K-12 schools across the country rely on technology to further individualized learning but quantifying the efficacy of this effort and maintaining the fleet of devices that one-to-one computing requires comes with unique challenges. With funding opportunities on the decline, schools are increasingly challenged to prove that technology has had a meaningful impact on student outcomes.
Loudoun County Public Schools (LCPS) is the third largest school division in the Commonwealth of Virginia with more than 78,000 students in 89 facilities. In order to support their personalized learning initiative, the district invested heavily in a one-to-one program for students and staff, adding thousands of devices for use in-classroom, at home, or by teachers who travel.
The Challenge: Demonstrate Device Use and Keep Them Secure
In order to secure the budget for the purchase of tens of thousands of devices, Dr. Rich Contartesi, CIO for LCPS, was tasked with demonstrating device utilization rates, no matter if the device was on or off the school network, to drive consensus that teachers did need a laptop and that students were benefiting from using laptops in the classroom. The Board also needed assurances that security of sensitive data and device theft recovery were prioritized to safeguard the investment in these devices.
Read: Student Technology Analytics Key to K-12 Digital Learning
The Results: Increased Device Utility and Minimized Risk
Using Absolute, LCPS was able to provide quantitative information on device utilization rates right away. With security in mind, LCPS chose to purchase Dell laptops, which are protected from the factory with Absolute Persistence. Out of the box, these devices are able to withstand tampering and may be tracked no matter where they travel. With Absolute, the LCPS IT team now receives automated alerts on anomalies, so they can focus on reviewing potential security issues and taking action to ensure endpoint protection and data privacy.
“We were able to provide the board with quantitative information about device utilization that derives consensus so the budget could be approved. Also, peace of mind with security, privacy and theft recovery,” Contartesi said.
With Absolute, LCPS now has peace of mind of endpoint security, device theft recovery and data privacy. They have minimized their risk and increased the value and utility of their devices.
Learn more about how Absolute enables personalized learning at Loudoun County Public Schools by minimizing risk and increasing device utility.

Loading

Categories