Under present conditions, absolute mobile security on our school wifi networks won't happen soon. New security developments for mobile have yet to maintain pace with the emergence of unfamiliar challenges to their capacity to keep networks threat-free. Even known problems still cause breaches in mobile security.
Today, keeping all devices secure at every point within a given school's wireless network has proven to be very challenging. Large or small, urban or rural, public or private, this is true for every K-12 system.
These conditions persist despite mobile device management's (MDM's) automated services for ensuring smart security and reliable user experiences, while generating operational savings.
The problem is that too many school IT departments and so called industry experts are falling for the same unsubstantiated belief in the following myths about mobile security and this has contributed to these circumstances:
1) Brand Reliability Assures Security
One of the most exciting aspects of mobile use is the growing amount of applications available, many created by trusted product brands. Top producers of smartphones, tablets and laptops generally base some of their competitive advantage of their brand's reputations on these apps.
But, while most apps - Google Search, Instagram, Twitter, Pinterest, etc. - will provide the service they advertise, many offer less than state-of-the-art security. Malware and other security threats are at least as prevalent for mobile devices as they are for on-site technology.
Bogus, malign versions of reputable apps exist that can be mistakenly used by employees and infect schools' organizational systems and data. Vetting all organizational mobile apps is necessary to enhance protection of essential K-12 information and operations.
2) Smartphones are Secure
Neither smartphones nor tablets are inherently secure. Like other technologies, they require efficient authentication, data-encryption, firewall, and anti-virus/malware processes to dependably provide device, data and system protection.
User-education about maintaining security necessitates ongoing training; constant system reinforcement further assures the integrity and effectiveness of K-12 mobile security applications. Its a mistake to rely on the devices themselves; they guarantee no such protection.
3) Short Message Service (SMS) Convenience Offers Dependable Security
Although very convenient for K-12 personnel, SMS security is never a foregone conclusion. SMS neither audits nor tracks its content, increasing the difficulty of MDM to monitor what passes through its application.
In fact, mobile SMS frequently provides a rather basic route for computer viruses, worms, spyware, and similar malicious programs. These can spread quickly from individual users' mobile devices to larger, wired school networks and systems. Instant messaging can generate similar security threats.
Information can be readily exposed without proper security, which should be implemented for these purposes throughout the K-12 organization.
4) MDM Cures All
MDM is essential to effective administration of school mobility, but by itself seldom offers a comprehensive protective system, providing more than device-level solutions.
Data migration and data storage are two separate considerations, which require protection for the school's in-house (or cloud) capabilities as well as its many mobile users. MDM's operating range often is insufficient to secure the activities of all mobility options and in-house use simultaneously, and requires constant monitoring.
5) User's Security Habits are Reliable
More than the systems' failings, mobile users, in this case your students and faculty, cannot be trusted to consistently engage security practices sufficient to protect data transmission and storage.
In this bring-your-own-device (BYOD) world, no security system provides protection assuring users' personal usage is as secure as that of the school's wired-network.
At the same time, avoiding use of BYOD, and providing all K-12 users with school-issued mobile devices is similarly insufficient to assure appropriate security.
Understand that school employees will not hesitate to use their own smartphones or tablets if they need to access school-based data, and their school-issued devices are temporarily unavailable. Thus, the need for security-training.
Therefore, mobile security requires ongoing data visibility, if it is to fulfill its function as the primary source of defense for K-12 mobile use.
At SecurEdge Networks we have been providing secure mobility to hundreds of schools for almost 10 years. If you would like us to analyze your current network or have security questions, simply contact us here!