The Security Challenge of Cloud Computing in Education

Libby Bagley, Community Manager, License DashboardLibby Bagley, Community Manager,License Dashboard

Schools may have largely reopened following the latest lockdown, but remote learning – and therefore cloud technology – will continue to play an important role in the future of education.



The pandemic opened people’s eyes to the digital options available to support learning, and cloud technology has enabled educational institutions to deliver lessons, manage assignments, and share resources during this time. Alongside the obvious operational benefits, it’s making education (and importantly, quality education), potentially more accessible to different people, especially for those students who aren’t always able to be physically present, due to disability, mental health issues, or problems at home.



For the schools, colleges or universities in question, there may also be financial gains in the cloud. It’s no secret that budgets are becoming increasingly tight, but embracing the cloud means reduced data storage costs and less budget being allocated to replacing physical hardware. The use of cloud-based applications also helps out students (and their parents), as these are run on browsers, negating the need to pay for specific compatible devices.  



With institutions under constant pressure to become more inclusive, this will be key to removing barriers to education.



The benefits of shifting to the cloud are undeniable, but it’s not without its challenges, particularly from a security perspective. At License Dashboard we work with, and are approached by, a number of educational institutions, many of whom have made the transition to the cloud. It’s crucial that those overseeing the adoption of this technology have a clear strategy for how to use it safely and securely.



The security risks that come with the cloud



Vendors recognised the challenges facing schools and colleges over the past year and adapted their software to help them run more smoothly. Most suppliers temporarily changed their policies to permit home use. However, while this is useful from an operations and compliance perspective, it doesn’t take into consideration the implications on security.

Hundreds, if not thousands, of staff and students accessing files and software from multiple locations, networks and devices makes it extremely difficult for IT teams to securely maintain visibility.



Then we consider that the average home setup is far less restricted than it would be in a school, college or university. In addition, not being on the same centralised system for updating anti-virus software could cause a real issue, at a time when malware and security threats are becoming increasingly sophisticated.



What’s the link between cybersecurity and software asset management?



Software asset management (SAM) is the practice of overseeing every aspect of software asset management, from deployment to end of life. SAM tools give your IT team a complete view of your entire IT estate, showing you when and where students and staff are using cloud tools, and who by. This allows the department to ensure all products are up to date and patches have been installed, as well as making sure that any vulnerabilities which could affect you are removed immediately.



These tools also show you exactly how this software is being used. This kind of insight is invaluable with multiple people accessing software in different locations across different devices. You can only protect against what you’re aware of.



Thankfully, some vendors have made cloud software more accessible to the education sector by agreeing specialist pricing, or adapting their offerings to fit the current climate. 





In order to mitigate risk, it’s important that everyone is aware of what those risks are. What many would consider to be normal everyday behaviour could be putting your institution at risk, which is why it’s crucial to educate both staff and students on what to do and what not to do.



A couple of the most common security threats of remote learning include:



Adding software indiscriminately



This could be anything from illegal digital downloads, to an online purchase from an unknown vendor. Staying on top of software asset management allows you to monitor and stay on top of any unmanaged or unregulated IT resources, but making people aware of what these look like and why it’s important to purchase genuine copies, should be your first step.



Sharing removable media



Another common threat is through the sharing of inappropriate software from machine to machine, but this can compromise assets and leave you open to breaches.

 

At the start of lockdown, the focus was very much on ensuring pupils were able to learn effectively from home, and teachers were able to deliver suitable lessons, however as cloud computing becomes a more integral part of learning, the priority also needs to be security.