3 in 10 Districts Lack Cloud Security Coverage
- By Dian Schaffhauser
- 11/18/21
A vendor-sponsored
survey found that a large share of IT people who have some influence
over technology in their school districts don’t believe they have
security for protecting key assets maintained in the cloud. A survey
run and reported on by the EdWeek
Research Center and sponsored by K-12 cloud security
company Managed
Methods revealed that 30% of respondents lack a
security platform to protect cloud applications. Another 20% didn't
know if such a platform had been implemented in their districts.
The survey was
issued online during the summer and received responses from 214
district-level administrators who identified themselves as having at
least a medium level of influence on technology decisions.
Respondents included technology managers, superintendents and
curriculum and instructional directors.
Among the
respondents, a comparable share said their schools were primarily
running either Google Workspace (43%) or Google Workspace and
Microsoft 365 (41%); fewer numbers said they had only Microsoft 365
(9%) or something else (1%). Just six percent said they used no
cloud-based environment whatsoever.
Three in five
respondents said they had a high level of confidence in the privacy
and security of the data stored in their cloud applications.
Furthermore:
-
37% weren't
directly concerned about data breaches and leaks;
-
45% weren't
worried about compliance with state and federal laws that protect
student data; and
-
36% weren't
bothered about the possible sharing and viewing of explicit content
on their devices.
Of the respondents
who said they operated in a cloud environment, 28% didn't know if
they had a monitoring solution in place to protect shared data in the
school-provided cloud applications. A slightly higher number, 31%,
said they didn't know whether or not their cybersecurity platforms
consistently monitored potential violations of various federal or
state regulations on data privacy. The same number said their
districts failed to monitor the level of risk of files shared with
users outside the district's domain.
The median annual
budget district people dedicated to cybersecurity was $20,000, with
about a fifth of that set aside for protecting cloud applications in
2022.
While school systems
"have clearly committed to the cloud," the report noted,
"their appetite for cloud applications may have outpaced their
ability to protect the sensitive and important student and employee
information currently stored there."
"This new
research tells us that some district administrators are unaware of
the cybersecurity, safety and privacy risks that come with using
them," said Charlie Sander, CEO of ManagedMethods, in a
statement. "Technology leaders need to know their cloud
environments may be vulnerable, and that it's their responsibility to
secure them."
The report is openly
available on
the Managed Methods website.
About the Author
Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.