Biggest BYOD Challenges for School Wireless Networks
BYOD seems to be the best solution for school districts on a budget that want to promote mobile learning. But, with every student, faculty and staff member, and teacher accessing a wireless network, of course there are some major issues that need to be considered. You can’t just allow them to bring in their mobile devices in and let them have access. You will have too many devices for the infrastructure. There are really two major things to consider when implementing a BYOD solution for your school; security and performance. Here’s the breakdown of these two big challenges.
Challenge #1: Security
Questions for Schools to consider
How do they allow BYOD devices to connect securely and keep students from accessing things on the internal servers?
Students many times are more curious than they are malicious. They want to push the boundaries just to see if they can. If you're network allows them access to the Admin servers, you can bet they're going to get on it.
How will they manage to bring all of those devices online without touching each device or handing out a pre-shared key? Your students are not going to allow IT to put their hands on their beloved mobile devices to program settings. Plus, would have the IT manpower to program hundreds or even thousands of mobile devices anyways?
Suggested Reading: "3 Ways to Use NAC to Support Your School's Wireless Network Strategy"
How will they know who is doing what on their network? The network needs to be intelligent enough to know who is doing what. Here’s how to address the security issues:
1) Wireless User Segmentation: The wireless network has to be able to segment users (via firewall) based upon who they are AND what type of device they’re using. We call this Role Based Access Control and it is very important for these types of networks. Here's how that works:
Example #1: A teacher using a school owned PC is allowed to connect to the internal servers as well as to the internet. A Teacher’s role might even return a different web content filtering policy than a student. She may get more liberal access to YouTube for example.
Example #2: Students accessing the network with their personal device get a Student BYOD role- this allows them to access the internet with web filtering policies appropriate for them but keeps them off of the internal servers.
2) Device Registration: There needs to be an automated device registration process. Users should be able to enter in their active directory credentials and register THEMSELVES.
3) Directory Accounts: Teachers and Students need directory accounts so that you know who is doing what.
Challenge #2: Performance
Most wireless networks that are out there were planned based upon coverage for a building. But in today’s school environment there are 1-2 devices per student. In higher education its 3-5 wireless devices per student. Very few wireless networks have the ability to handle the new requirements. Here’s how to handle the Performance Issues:
1) Capacity Planning - the wireless network has to be re-designed for 1-2 devices per student instead of the old coverage only model of wireless design.
2) Wireless Performance Management - Can the wireless system tell when someone is streaming media vs. surfing the web? Does the wireless system auto-adjust to change power settings and channel settings? It has to be able automatically manage performance.
3) Load Balancing - Large classrooms and auditoriums are a big problem because of so many users packed into a small area. A wireless network today has to be able to share users among all of the access points. Load balancing means that when one access point is overloaded, the system can move users to another AP.
Security and performance go hand in hand. The way you build your security affects your performance. Of course there are other concerns that need to be addressed as well, these are just the two biggest ones.
A holistic approach is needed so a lot of planning is required on the front end to have a successful and secure BYOD solution for you school.
SecurEdge Networks is a specialty IT Solutions Provider focused on Wireless and Data Security. We’ve helped hundreds of schools plan, deploy, and support completely secure wireless systems that encompass these features.
If you have any questions about BYOD planning for your school or would like a free consultation you can contact us here. We are always happy to help.
Philip is the founder and CEO of SecurEdge Networks. He’s the consummate strategist and frequently writes for the strategy blog. You can follow him at @philipwegner