On Friday, the Consortium for School Networking hosted a webinar to discuss the problem, featuring Diana Gill, director of technology at East Porter County School Corporation, Indiana; Greg Hogan, network data security coordinator at Bibb County School District, Georgia; and representatives from the K-12 cybersecurity company ManagedMethods, who promoted the use of their IT security platform.
According to the company, the ManagedMethods platform monitors in real time what students and staff are doing inside Google, Microsoft and Zoom. The company says the program, used by about 1.5 million people in 1,500 schools, can identify potential data leaks, scan district communications for inappropriate content and monitor emails for telltale signs of malware attacks and phishing.
Gill and Hogan said the tool has helped identify vulnerabilities in their districts that could have resulted in identity theft through email communications, email scams and vectors for ransomware attacks. For understaffed IT departments, Hogan said, the platform feels like having a staff of 10 to 15 people searching for security holes to plug.
“This was a product we didn’t know we needed until we saw it and put it in place,” he said. “It’s given us insight at a layer and a level that we didn’t know we could see, and it has saved us many, many times in numerous situations.”
According to a recent report from the public K-12 Cybersecurity Resource Center, U.S. public schools reported over 400 cyber incidents in 2020, representing an 18 percent increase over 2019. Almost half of those involved emerging threats such as video conferencing breaches and disruptive invasions of virtual classrooms by unauthorized users.
However, Gill said phishing attempts remain among the most prevalent cyber threats in schools today. She said the platform allows officials to quarantine specific emails to combat email scams directed against district users.
“I would say phishing has totally jumped through the roof,” she noted when discussing the ways the platform has been used.
Many cyber attacks originate from Workspace and Microsoft 365, according to Jake Kasowski of ManagedMethods. He said cyber attacks against schools are not slowing down in 2021, following a record-breaking year for K-12 cyber crimes in 2020.
“Districts have been using these Google Workspace and Microsoft 365 platforms for a long time now, but the risks that live inside of them are starting to become more of a focal point for IT teams. There were a lot of districts that before the pandemic thought that Google and Microsoft were helping to secure the data stored in their cloud drives, which isn’t the case,” he said.
The platform is one of many tools gaining traction in the ed-tech security market, also including ContentKeeper Cloud, developed by Australia-based cloud security company ContentKeeper to manage web monitoring and filtering services on school devices. While similar in some functions and goals, ManagedMethods mainly focuses on cloud monitoring between district accounts.
“We are 100 percent cloud-based and only monitor and inspect the district’s Google or Microsoft or Zoom domain. We are not monitoring devices or networks,” Chief Revenue Officer David Waugh said. “However, if an individual uses a personal device to access district credentials or domains, we see they are coming from that device.”
Platforms such as these have raised concerns among some parents and digital privacy activists, who often consider school technology-monitoring tools to be needlessly invasive, outweighing their benefits. Gill noted that her department uses the platform mainly to identify cyber threats directed against teachers and students, as well as signs of identity theft or indicators of student self-harm and cyber bullying.
The purpose, she said, isn’t to reprimand users for minor policy infractions.
“It doesn’t feel like an ‘I gotcha,’” she said. “This doesn’t exist to catch people doing things wrong. It exists to protect all of us.”