Friday, May 10, 2024

New Cybersecurity Protocols Coming in 2024–25

The Department of Technology & Innovation provides and maintains a wide variety of apps and software supporting teaching and learning in Barrington 220. We strive to offer a robust selection and work to maintain a climate of discovery and innovation among our staff. However, we recognize that partnering with hundreds of third-party providers with whom we share information presents potential risks, and the safety and privacy of staff and student information is a top priority.

Education institutions are currently the top target for cybercriminals. Studies show that schools and universities faced the highest number of cyberattacks compared to other industries in 2021 and 2022 (Forbes, 2023). Between 2018 and 2023, Ransomware attacks cost educational institutions an estimated $53 billion globally, and an estimated 6.7 million student and staff records were breached during that same time. Educational institutions are attractive targets for attackers due to the large concentration of personal information combined with increased vulnerabilities (NPR, 2024).

As a result of increased risk in public education, insurance companies that insure school districts against financial loss due to cyberattacks have increased regulations for districts seeking their services. The Department of Technology & Innovation constantly review our cybersecurity protocols. Beginning in Fall 2023, we worked with cybersecurity organizations and other innovative school districts to identify areas for improvement in our app and software deployment processes. 

Currently, Barrington 220 provides a mix of open and secure access to apps and software for staff and students. Open access allows students or staff to download and access applications from open sources such as websites or the Apple App Store. While this provides more flexibility and customized user experience, it also greatly increases the risk of a cyberattack. Secure access requires staff or students to access apps and software through secure environments such as the Jamf Self Service software download system. This approach is more restrictive, but provides a more manageable and secure digital environment. 

Current Levels of Software Access


Open Access

Secure Access

iPadOS Apps

  • High school students

  • All staff

  • Elementary students

  • Middle school students

macOS Applications

  • All staff

  • High school students


Changes in 2024 Levels of Software Access


Open Access

Secure Access

iPadOS Apps

  • High school students

  • All staff

  • Elementary students

  • Middle school students

macOS Applications

No Open Access
  • High school students

  • All staff


Changes in 2025 Levels of Software Access


Open Access

Secure Access

iPadOS Apps

No Open Access
  • Elementary students

  • Middle school students

  • High school students

  • All staff

macOS Applications

No Open Access
  • High school students

  • All staff

During the 2024–25 school year, we will shift from a mixed-access environment to a secure-access environment. This means that all apps and software used on district-owned devices must be vetted and approved before they are available for installation. This will be done in two phases, starting with macOS apps (including apps that run on MacBook Air laptops and Mac desktops) next year and iPads the following year. 

2024-2025—Effective at the beginning of the 2024–25 school year, all student and staff Mac laptops (and other macOS devices) will be Secure Access only. Users will only access and install macOS apps that have been vetted as secure using the district’s Self Service system. 

2025-2026—By the start of the 2025–26 school year, all district-issued iPad devices will have Secure Access only. Users will only access and install iPadOS apps that have been vetted as secure using the district’s Self Service system. 

The technology team will work with all users to ensure they continue to have access to the apps and software they need. This shift will not impact web-based platforms. Please contact your building LTA if you have any questions or concerns. 


References

Cardoza, K. (2024). Hackers are targeting a surprising group of people: young public school students. NPR. www.npr.org/2024/03/12/1237497833/students-schools-cybersecurity-hackers-credit

Hess, F. (2023). The Top Target For Ransomware? It’s Now K-12 Schools. Forbes. www.forbes.com/sites/frederickhess/2023/09/20/the-top-target-for-ransomware-its-now-k-12-schools/



No comments:

Post a Comment

Popular Recent Posts