When it comes to cybersecurity, IT teams in education are well aware of the malware that poses a threat -- but what about the threat students pose to their own devices?
As students are coming back onto campus after their summer breaks, it’s a good time to reassess how you approach cybersecurity. In our 2017 IT leadership survey with CoSN, we found that 61 percent of IT leaders noted that cybersecurity concerns have increased over the last year. This statistic comes as no surprise; Verizon’s 2017 report on data breaches states that the public sector is the third most likely to have a data breach. In fact, there have been 29,000 instances data breaches documented so far this year.
While 67 percent of data breaches fall into the cyber-espionage (posing as a harmless email to get access to data) or internal error categories, schools also face another threat – and it’s not from a third party. In fact, the number one threat to your digital devices? It’s actually students.
Breaking Devices Out of “Jail”
While a ransomware or phishing attack is most likely an outside entity, students pose a different set of threats to your data security: jailbreaking.
In one example, students in the Los Angeles Unified School District (LAUSD) discovered the limitations only existed while the devices were connected to the district’s hosted network. In another instance, students found that security restraints were only set on profiles created by the district IT teams. By discovering these vulnerabilities and working around them (connecting to other networks, creating new profiles on their own), the students easily worked around the IT teams’ restrictions.
The Consequences (and How to Prevent Them)
Although surfing the Internet and watching videos is relatively harmless, the real threat comes from all the unintended consequences:
- The entire integrity of the device is compromised, making it much easier for viruses and other malware to attack and download to your network
- Jailbreaking voids the warranty on your devices
- Software updates work differently with phones that are no longer setup to the manufacturer’s specifications. In other words: You most likely won’t be able to download the latest updates
- Improper jailbreaking can lead to the device being completely unusable, or “bricking”
Apple and other OS providers work hard on updates that include patches and other security measures, making devices much more difficult to jailbreak. Make sure that each school-issued asset has the latest OS version downloaded and that all other apps are up to date, too.
An agentless asset discovery tool, like Insight, tracks all IP-addressable devices on your network. That means that any device that enters your hosted network will be discoverable, which includes both school-issued devices and those owned by students and staff. You’ll not only be able to know a device’s users and location, you can also see if its software is up to date and see what applications they have downloaded. Best of all, you don’t have to manually download an agent on each device. To read more about the benefits of agentless discovery tools, read our whitepaper.
While we can’t stop the ingenuity of younger generations, you can still be prepared for the worst. To learn more about how we can help you prepare, contact us today!