Cloud based collaboration is being adopted rapidly by organizations in all verticals, and education is no exception. Access to collaborative tools can’t be as simple as an on/off switch. School administrators need visibility to prevent the loss of sensitive data and to ensure that students aren’t engaging in inappropriate communication. On-premise policies must be equally enforced as students leverage cloud-based tools.
Allowing Only the Correct External Communications
Schools are quick to welcome collaborative platforms like Google Drive, Microsoft’s Office 365, and Dropbox. Cloudlock, an important piece of the Cisco Security portfolio, enables educators to enforce policies across these platforms to ensure that only the appropriate personnel are logging in. Cloudlock can detect logins from questionable locations and report on multiple failed logins to applications.
Umbrella, a cloud-based extra layer of security, can recognize requests made from an organization to dangerous domains. Policies can block security categories like malware, cryptomining, and command and control. Behavior policies can be leverage to prevent requests to inappropriate sites like gambling, alcohol, and adult themes.
Addressing Behaviors and Communications
Once students and personnel log in, policies can be enabled and enforced around communication. These pre-defined policies include categories like aggressive behavior, discrimination and cyberbullying. If students are engaging in these behaviors on collaboration platforms, administrators can be warned about incidents that violate these policies.
Additionally, pre-defined policies include language associated with self-harm, which would be present in shows like Netflix’s TV series 13 Reasons Why. School systems reacted to this show in varying ways including banning it, recommending that parents watch it with their children, and providing lists of resources designed to identify depression. The self-harm template provides an additional degree of visibility for educators and counselors into students’ interactions.
Protecting Access to Data for Compliance
School systems have compliance requirements also. One example is data included under the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99). This data is related to the transfer of students and access to it is restricted to the school systems involved, accrediting organizations and judicial parties overseeing these cases. Cloudlock contains templates that look for the sensitive “directory” information.
Finally, educational organizations look to ensure that only sanctioned cloud-based applications are installed and used on devices. Umbrella provides a cloud services report to identify applications that are requesting access to cloud services. This report can provide visibility into unsanctioned applications, allowing admins to restrict access to only applications sanctioned by the organization.