For many schools in 2023, BYOD (bring your own device) is seen as a positive option, giving students autonomy in bringing their own devices to school to engage with online learning.
While there are advantages in giving students the option of bringing their own smartphone, laptop or tablet to school, BYOD adds another layer of complexity to cybersecurity within schools. Every device connecting to the school’s network poses significant cybersecurity risks, the kind of risks schools can’t afford to take.
Schools are already vulnerable to an attack, with education institutions facing the highest data encryption rate (73%) compared to other sectors (65%), however the longest recovery time, with 7% taking at least three months to recover – almost double the average time for other sectors.
So while BYOD can help schools offer a high standard of education in a hybrid world, they can also put sensitive information at risk – for students, teachers, and institutions more broadly.
Data management systems, web-based platforms, social platforms, cloud services, remote-user-access software, and mobile-learning tools have allowed schools and universities to cut costs, drive efficiencies, and remove much of the friction involved in communicating with students (and their parents).
Before we give you our hints on how to create a secure BYOD environment, let’s look into the five biggest risks associated with BYOD:
When students use their own devices, there’s a higher chance they will intentionally or unintentionally download and install malicious software to their device, putting sensitive information such as student records and personal data at risk. We recommend encouraging students to only download and install software from reputable sources and to keep their devices updated with the latest security patches.
Students are likely to store sensitive information such as passwords and personal data on their devices, increasing the risk of potential for data theft. This information is especially vulnerable if devices are lost or stolen. At Truis we recommend encouraging students to use strong passwords, encrypt their data, and educating them on the risks of connecting to public WiFi networks and sharing personal information online.
Sensitive information on student devices can be vulnerable to unauthorised access if devices are not properly secured. We recommend having a policy in place to prevent students from accessing sensitive information (such as test scores and results) on other students’ devices, and providing guidance for students on the importance of strong passwords and two-factor authentication.
Not only do BYOD pose a risk to the individual data of students, but they can also pose a risk to the school’s network. Every device connecting to the school’s network puts the network at risk of being infected with malware, and puts sensitive information, such as student records and personal data, at risk. Our recommendation to mitigate this is to implement school network security measures, such as network access controls, firewalls, and intrusion detection systems, to protect the network from unauthorised access.
How Truis can help
It’s clear that having access to the network from a wide range of devices is now expected at many schools, and the days of having complete control over the devices being connected are gone. Users want to access the school system from anywhere and from any kind of device – whether that’s a Windows, Apple, Android, Chromebook or any smart device.
As the school year starts, now is the time to make sure you have a clear and comprehensive BYOD policy in place, outlining the acceptable use of devices, the responsibilities of students and the school, and the consequences for violating the policy. Additionally, schools should regularly educate students and parents on the importance of cybersecurity and how to protect their devices and personal information.
5 actions for minimising cybersecurity risks for BYOD:
Now is a great time to make sure these essentials are in place, and to remind students, parents and teachers of their responsibilities in keeping data safe and mitigating the cybersecurity risks associated with BYOD.
By encouraging vigilance, having clear policies in place, and proactively taking steps to minimise risk, you can start the school year with confidence around the use of BYOD.
Looking for support?
At Truis, we’re well versed in helping schools manage their end-user device security and protecting essential data from modern cyber threats.
From managing incidences to day-to-day maintenance of your school’s network security, we’re here to help.