K-12 Students and Online Learning-Schools, Parents Failing Security
By: Jim Stickley and Tina Davis
March 29, 2023
Since the coronavirus pandemic struck, educating children in the U.S. became a challenge to figure out. Online, remote education is still considered the safest way for our children to learn, but it also presents serious online security concerns. Unfortunately, the quick shift to remote education resulted in an outright failure to protect students learning online. Now on the brink of a new school year, how it’s going to work is still being debated. It could include in-person, hybrid (a combination of remote and in-person), and remote education. The time for schools and parents to protect the online security of our students is now.
Failing Security Grades
An organization that tracks K-12 cybersecurity incidents, the K-12 Cybersecurity Resource Center, says “The public assumption that K through 12 information security has kept pace with the rest of society is wrong…School districts throughout the United States suffer from notoriously poor information security.” The organization has been tracking cybersecurity incidents with K-12 students since 2016, and to date confirms over 1,100 of these incidents have occurred.
Both schools and parents can improve online security for students with these tips provided by the U.S. Cybersecurity and Infrastructure Agency (CISA) and McAfee security.
- Share information carefully. Before sharing personal information, consider where it will end up and who may be viewing it. CISA says that’s especially true for video conferencing apps like Zoom and collaboration platforms. Shared screens should have only the information needed visible. Use blurred backgrounds when possible.
- Device cameras are a gateway for intruders and security incidents, according to McAfee. Disable chat when possible, and pay close attention to unintended screen sharing, instant messages, and video chats like those from “Zoombombing” incidents.
- Don’t hesitate to mute all involved with larger meetings. According to CISA, “ensure you have the capability to mute all attendees and limit the ability of attendees to share screens…consider giving participants an option to participate by audio only if they have privacy concerns…”
- Sharing too much information is very risky, says both CISA and McAfee. Don’t put birth dates, location, and phone numbers on learning apps whenever possible. Use a school-provided email address and login info rather than using personal accounts.
- Have a vetting process, says CISA. Consider a waiting room to verify participants arriving for a remote learning class before it starts.
- Require multi-factor authentication (MFA) for learning apps when possible, says CISA. It’s an easy and effective way to keep hackers out of the online learning process.