Securing BYOD

BYOD can present a number of security challenges, which can act as a barrier to adoption, says Peter Martini

Bring Your Own Device (BYOD) is one of the fastest moving technology trends in the education industry. It can increase student and teacher collaboration, extend learning beyond the traditional classroom walls and cut costs for many schools. However, BYOD also presents challenges such as security, which can act as a barrier to adoption. To capitalise on the benefits without limiting the user experience, schools must understand the existing risks and adopt methods to mitigate them. So what are the security challenges and solutions? 

Challenge 1: Establishing consistent access on all devices for students and teachers.

Solution: Identity-based access management for educational networks.

Schools should implement access management technologies in order to establish web content policies and adjust access according to a user’s identity. This directly solves the challenge of controlling information access. IT staff can define users by role (faculty, staff, student or guest), and/or by granular characteristics like grade levels or location. Using this approach, the user experience is enhanced and security is achieved through identity-based policies. 

Schools can also use technology to control access to specific online social media sites. For example, IT administrators can limit access to certain Facebook pages, or enable students to view embedded YouTube videos on approved websites. This then creates a more flexible learning environment.

Challenge 2: Ensuring bandwidth to mission critical services are not interrupted by BYOD users.

Solution: Given most users carry more than one internet-connected device (e.g. smartphone, laptop, tablet), bandwidth consumption can easily quadruple overnight with a BYOD rollout. Combine this with the fact that more critical services are moving to the cloud (online testing, attendance and payroll), managing bandwidth is a real concern. Implementing bandwidth management and QoS (Quality of Service) technologies allow IT administrators to dynamically control recreational traffic while increasing mission critical access during times of peak consumption.  

Challenge 3: Protecting against devices infected with malware.

Solution: Mobile devices are particularly high-risk as they can be compromised when moved outside of the school network. Once that happens, devices can then infect systems and applications when they’re brought back in. Schools can mitigate these risks using behavioural analysis systems, which focus on securing against advanced persistent malware as well as known and unknown threats. 

Challenge 4: Blocking access to restricted applications. 

Solution: Mobile devices introduce new complications including an ever-growing list of applications such as SnapChat, Facebook and other non-sanctioned applications – exposing a school’s network to outside threats. However, sometimes students or teachers download applications to improve processes. For this reason, rather than restricting activity and access to applications, schools should seek to enable productivity by ‘pushing’ approved applications to devices. For example, if a network detects a user accessing Box, but Dropbox is the approved application, a school can adopt technology that will send an email routing the user to the campus’ Dropbox account. 

Location-based BYOD technologies on the market are being introduced that provide the ability to set web access policies not only by a user’s role (e.g. teacher versus student), but also the user’s physical location on the network. For example, the school’s IT department can restrict student access to Facebook while in the classroom, but can allow access in the school canteen. Location-based BYOD web policies allow schools to adapt more flexible policies while retaining focus in the classroom.

As more schools across the country develop BYOD programmes, security must be a key pillar in the planning and implementation process. The volume and variety of mobile devices brought onto the school network will only continue to increase. Security is critical to ensure the safe and effective rollout of BYOD schemes.

Peter Martini is COO of iboss Network Security