Covid-19 Resource Center For K-12 IT Administrators
Free online tools for K-12 IT administrators
Google Workspace has made available all the apps K-12 schools will need to start delivering online learning. They are offering free access to key apps in addition to publishing online resources and guides to help schools make the shift to online learning. Please note that some of the apps don’t have a 'forever free plan' for schools and will require an upgrade to paid plans in the future.
Cloud productivity and collaboration tools for distance learning
Google Teach From Home Resource Center for Google Workspace - A hub of information and tools to help schools migrate to distance learning.
Google Meet Guide for K-12 IT Administrators - Google help center page to help set up Google Meet for distance learning.
Google Voice for Schools - A guide to using Google Voice by TCEA.
WebEx - Cisco WebEx page for teachers, parents, and IT admins to deliver teaching online.
Adobe Creative Cloud - Temporary at-home access to Creative Cloud available until May 31 for schools and colleges.
Apps and tools designed for K-12
Bloomz - Parent communication app that helps teachers and school administrations engage with parents on student's growth and development.
Boclips - Online video platform that enables educational publishers and service providers to find, license, and use video from content producers.
Edmodo - An educational technology company offering a communication, collaboration, and coaching platform to K-12 schools.
Training and technical resources for IT administrators
IT Operations Planning for a Pandemic - Click here
Azure for Education - Click here
AWS for Education - Click here
Online Training for Educators from Cisco - Click here
Mobile Device Management for Google Workspace - Click here
Preparing Chromebooks for at Home E-Learning - Click here
4 Security and safety tripwires to watch for in distance learning
As schools are rapidly moving to learn from home and work from home models, the biggest threat to the ongoing functioning of schools is keeping cloud data safe and making data available on-demand no matter where staff or students are located. According to EducationWeek, fewer than 10% of districts report that every student has access to non-shared devices at home while 54% of districts report that more than three-quarters of their students have access to shared devices at home.
“I would easily say that less than 50% of our students and families have access to either a consistent learning device and/or Internet access, I think that’s our greatest challenge right now.”
- Superintendent, Detroit Public Schools Community District. (Source: NPR)
1. Phishing and ransomware attacks
The last few years has seen a steady spike in the number of phishing sites detected by Google and this trend is picking up steam as scammers have started launching phishing scams to target people interested in learning about COVID-19.
Teachers, non-teaching staff and students are now spending more time online as schools are supporting distance learning amid the lockdown and this could potentially open the floodgates for phishing scams and ransomware attacks.
In addition to implementing G Suite and Office 365 email security best practices, backing up G Suite and Office 365 data will allow IT administrators, the ability to restore accounts rapidly in the event of a successful phishing scam or ransomware attack.
2. Data loss events
Distance learning exposes most schools to sophisticated attacks that can overwrite Drive files or delete them. For example, malicious software can be uploaded to Google Drive and the link to the software can be embedded in Google Docs or chat messages to infect a domain. According to Google, the risk of account takeover (for possible malicious data deletion or exfiltration) even with two-factor authentication and basic security features enabled in G Suite is about 33%.
The number of malicious sites using the 'Covid 19' and 'gov' in their URL, and adding links to authentic sites like WHO to make it look genuine, have been on the rise for the past few weeks. Accidental deletions are just waiting to happen. With emails, chats, files becoming the primary means of communication among teachers, non-teaching staff, and students, incidents of accidentally deleting or overwriting class assignments, scoring sheets, assessment blueprints, and other critical data needed for the day-to-day functioning of schools are bound to increase.
Having a data backup, implementing DLP policies, and all turning on the recommended G Suite and Office 365 security settings is a must for K-12 It administrators.
3. Controlling unfettered shadow IT
IT administrators are worried about the sudden spurt in shadow IT as teachers and school management shift to a distance learning program. Videoconferencing and collaboration apps are making an aggressive bid to gain a toehold in the K-12 market by offering free or deeply discounted products. But schools are already paying a price as they are opening themselves to serious risks.
Some of these 3rd-party apps have questionable features that can compromise student/staff privacy or violate compliance requirements with respect to personally identifiable information (PII). In addition to collaboration apps, malicious 3rd-party mobile apps that claim to track Coronavirus can lock down mobile devices provided to teachers and students.
IT administrators should consider using security apps like SysCloud to disable potentially dangerous 3rd-party apps and create whitelisting policies for 3rd-party app installation.
“I would easily say that less than 50% of our students and families have access to either a consistent learning device and/or Internet access, I think that’s our greatest challenge right now.”
- Superintendent, Detroit Public Schools Community District. (Source: NPR)
4. Compliance and privacy issues
While FERPA allows disclosure of student PII to tackle health issues pertaining to COVID-19, this is not a blanket approval to disclose PII or stop monitoring who gets access to PII. That’s not all. Third-party collaboration products may share data about teachers and students who sign up using social media credentials (Example: Facebook) with advertisers or marketers.
IT administrators should implement G Suite and Office 365 policies for FERPA, CIPA, COPPA, HIPAA and PII.