According to UNESCO, 194 nation-wide school closures impacted nearly 1.6 billion K-12 students. Practically overnight, students, staff and faculty have had to transition to remote learning environments. For the most part, elementary, middle and high schools, as well as colleges, are shuttering physical classes for the foreseeable future and are moving class instruction online until they can reopen safely. Students and teachers have to access class from home, accessing the educational institutions’ network from several different locations.
Even without the current COVID-19 health crisis, monitoring networks for remote users can be challenging. This stark increase in remote learning means that there will be a sharp rise in the amount of traffic traveling through remote-access networks.
For IT administrators for school districts, remote learning is rather fickle environment that can present a number of unique challenges because of the lack of visibility and control over the environment. The ability to identify and resolve connectivity issues quickly is lost. Physical security policies cannot be practically applied. Also, many administrators also have to work from home themselves and have to monitor the availability and performance of the networks remotely.
Here are some challenges you will have to navigate when tasked with network monitoring for remote schooling.
1. Insecure Home Tech Configurations
You will not be able to regulate how users connect to the school district’s network from home, and it is highly likely that the initial configurations that are being used at the home may not be secure enough. The IT administrator’s lack of full control over the network also extends to the security of all of the Wi-Fi networks. It is likely that the home networks have protocols that are much weaker that those that would be employed on-site, which can facilitate hackers’ access to network traffic. For instance, hackers may take advantage of the fact that many Wi-Fi networks default setting allows remote administration.
In difficult-to-reach locales, like rural areas, where access to the internet tends to depend on wireless infrastructure or microwave, bottlenecks are very likely to occur. This is due in part to the reduced amount of bandwidth and increased latency of those options.
Issues can also arise from the limitations of insufficient broadband networks, which can prevent students from accessing their online classrooms and participating fully. A new study by Common Sense Media estimates that out of the 51 million students in the United States, as many as 15 million students have a broadband service that is incapable of handling the demands of online classes—in which video instruction can feature heavily—or they have no service at all. It also reported that up to 400,000 teachers also lack adequate connections.
3. Remote Users and Their Security Knowledge
In their eagerness to adopt new tools and help students get current, administrators and instructors who have not prioritized remoting learning in the past may end up using tools that are not safe and that put the data privacy of all users at risk by increasing the attack surface of the school environment. While some states, like Connecticut, require that their schools use only the education software tools that have been vetted by clearing-houses, this is not the case in every state.
Students and instructors may not be fully aware of the exact security implications that come with remote learning. To access the remote-access networks, hackers are constantly leveraging methods like phishing to generate more attacks. This is especially problematic if users are using their personal home devices that have limited security controls such as minimal endpoint protection or network firewalls. And in cases in which districts are providing mobile Wi-Fi hotspots and laptops to students who lack connectivity in the effort to reduce economic inequality and improve technology access? The security risks can still be high, particularly if the network is being monitored by a small staff.
4. Lack of Visibility into Remote Learning Cybersecurity Risks
IT administrators are able to use firewalls to monitor activity when users access resources that are in the school district network. This loss of visibility is bad enough when users create and access data in cloud apps like Microsoft 365 or G Suite, but with remote learning, the risk is even worse. Not being able to identify the users who are accessing data can result in data leaks, whether it is a hacker who has accessed sensitive data via phishing scams or an authorized user who unintentionally and publically shares a student’s sensitive data.
5. Unauthorized OAuth Connections
Users are going to try to take advantage of the proliferation of free remote learning resources for schools, like learning apps. However, there are significant OAuth-related security risks associated with the usage of these resources, and it can be difficult to identify an OAuth attack. While users will find it easy to access various SaaS resources using their school login credentials or those for their Google accounts, hackers are able to exploit the OAuth connections to obtain an access token that be used to login to the school district network. The use of the token circumvents any two-factor authentication and password that are in place.
6. Difficulty Creating Effective Network Maps
Being able to visualize every aspect of a remote-access network, including the connections and devices within it, is necessary to effectively monitoring and troubleshooting a network. But consider a single school district that may have thousands of students who have to be able to access online learning from their homes. This can make the tasks of obtaining a real-time snapshot of the network difficult.
7. Lack of Physical Access to User Devices for Troubleshooting
The increase in the number of remote users means that the network will increase in both size and complexity, which can make it difficult to determine remotely the underlying causes of device issues. Again, the lack of complete network visibility can be a factor. For example, it can difficult to determine if the issues are related to systems, applications or a physical object in the network.
Educational institutions are trying to catch up with the evolving online learning landscape and provide a seamless remote access experience. Using the right tools and practices, you can help students, parents, instructors and administration continue the learning process from the comfort of their own homes.