syscloud

Covid-19 Resource Center For K-12 IT Administrators

The coronavirus (COVID-19) pandemic has become a big challenge for K-12 schools as they scramble to find ways to move their classroom-based training infrastructure to deliver distant learning and minimize disruptions. With entire communities in lockdown, the shift to delivering online learning has become a herculean task for IT administrators.
SysCloud created this page to help IT administrators in K-12 schools get the resources they need to navigate these challenges.

Free online tools for K-12 IT administrators

Google Workspace has made available all the apps K-12 schools will need to start delivering online learning. They are offering free access to key apps in addition to publishing online resources and guides to help schools make the shift to online learning. Please note that some of the apps don’t have a 'forever free plan' for schools and will require an upgrade to paid plans in the future.

Cloud productivity and collaboration tools for distance learning

Google Teach From Home Resource Center for Google Workspace - A hub of information and tools to help schools migrate to distance learning.

Google Meet Guide for K-12 IT Administrators - Google help center page to help set up Google Meet for distance learning.

Google Voice for Schools - A guide to using Google Voice by TCEA.

WebEx - Cisco WebEx page for teachers, parents, and IT admins to deliver teaching online.

Adobe Creative Cloud - Temporary at-home access to Creative Cloud available until May 31 for schools and colleges.

Apps and tools designed for K-12

Bloomz - Parent communication app that helps teachers and school administrations engage with parents on student's growth and development. 

Boclips - Online video platform that enables educational publishers and service providers to find, license, and use video from content producers. 

Edmodo - An educational technology company offering a communication, collaboration, and coaching platform to K-12 schools. 

Training and technical resources for IT administrators

IT Operations Planning for a Pandemic - Click here 

Azure for Education - Click here

AWS for Education - Click here

Online Training for Educators from Cisco - Click here

Mobile Device Management for Google Workspace - Click here

Preparing Chromebooks for at Home E-Learning - Click here

4 Security and safety tripwires to watch for in distance learning

As schools are rapidly moving to learn from home and work from home models, the biggest threat to the ongoing functioning of schools is keeping cloud data safe and making data available on-demand no matter where staff or students are located. According to EducationWeek, fewer than 10% of districts report that every student has access to non-shared devices at home while 54% of districts report that more than three-quarters of their students have access to shared devices at home.

The same publication reported that 47% of school districts rate phishing as a high-risk threat for schools and 23% are bracing themselves for ransomware attacks. Threats to cloud data security, student data privacy, and safety are amplified by the fact that IT administrators have to now deal with provisioning devices and IT infrastructure for teachers, staff, and students and making sure shared devices don’t act as a gateway for data security threats.

img

“I would easily say that less than 50% of our students and families have access to either a consistent learning device and/or Internet access, I think that’s our greatest challenge right now.”

- Superintendent, Detroit Public Schools Community District. (Source: NPR)
1. Phishing and ransomware attacks

The last few years has seen a steady spike in the number of phishing sites detected by Google and this trend is picking up steam as scammers have started launching phishing scams to target people interested in learning about COVID-19.

null

Teachers, non-teaching staff and students are now spending more time online as schools are supporting distance learning amid the lockdown and this could potentially open the floodgates for phishing scams and ransomware attacks.

null
protipPro tip

In addition to implementing G Suite and Office 365 email security best practices, backing up G Suite and Office 365 data will allow IT administrators, the ability to restore accounts rapidly in the event of a successful phishing scam or ransomware attack.

2. Data loss events

Distance learning exposes most schools to sophisticated attacks that can overwrite Drive files or delete them. For example, malicious software can be uploaded to Google Drive and the link to the software can be embedded in Google Docs or chat messages to infect a domain. According to Google, the risk of account takeover (for possible malicious data deletion or exfiltration) even with two-factor authentication and basic security features enabled in G Suite is about 33%.

The number of malicious sites using the 'Covid 19' and 'gov' in their URL, and adding links to authentic sites like WHO to make it look genuine, have been on the rise for the past few weeks. Accidental deletions are just waiting to happen. With emails, chats, files becoming the primary means of communication among teachers, non-teaching staff, and students, incidents of accidentally deleting or overwriting class assignments, scoring sheets, assessment blueprints, and other critical data needed for the day-to-day functioning of schools are bound to increase.

protipPro tip

Having a data backup, implementing DLP policies, and all turning on the recommended G Suite and Office 365 security settings is a must for K-12 It administrators.

3. Controlling unfettered shadow IT

IT administrators are worried about the sudden spurt in shadow IT as teachers and school management shift to a distance learning program. Videoconferencing and collaboration apps are making an aggressive bid to gain a toehold in the K-12 market by offering free or deeply discounted products. But schools are already paying a price as they are opening themselves to serious risks.

Some of these 3rd-party apps have questionable features that can compromise student/staff privacy or violate compliance requirements with respect to personally identifiable information (PII). In addition to collaboration apps, malicious 3rd-party mobile apps that claim to track Coronavirus can lock down mobile devices provided to teachers and students.

protipPro tip

IT administrators should consider using security apps like SysCloud to disable potentially dangerous 3rd-party apps and create whitelisting policies for 3rd-party app installation.

img

“I would easily say that less than 50% of our students and families have access to either a consistent learning device and/or Internet access, I think that’s our greatest challenge right now.”

- Superintendent, Detroit Public Schools Community District. (Source: NPR)
4. Compliance and privacy issues

One of the trends IT administrators should watch for is the growing use of Drive and emails as a means for teachers to share Individualized Education Program (IEP) information with parents of students who are now taking the classes online. As schools rely on online collaboration and sharing of information via email, Drive, and chat becomes the norm, compliance issues can creep up as the teacher or staff may accidentally disclose private information.

While FERPA  allows disclosure of student PII to tackle health issues pertaining to COVID-19, this is not a blanket approval to disclose PII or stop monitoring who gets access to PII. That’s not all. Third-party collaboration products may share data about teachers and students who sign up using social media credentials (Example: Facebook) with advertisers or marketers.

protipPro tip

IT administrators should implement G Suite and Office 365 policies for FERPA, CIPA, COPPA, HIPAA and PII.

How SysCloud secures Google Workspace for schools

Having a robust backup and security solution for Google Workspace is one of the best ways for K-12 IT administrators to safeguard their schools from data loss and security threats that’s beginning to spike due to the COVID-19 pandemic. The following tables show how SysCloud can help schools secure Google Workspace.

1. Data Loss and Ransomware Recovery
Backup featuresGoogle Workspace with VaultSysCloud

Gmail

Emails backup

Trash/Junk backup

Point in time restore

Granular search for restore

Restore with attachments

(Only for 55 days)

(Unlimited)

Restore to source folder

(Only for 55 days)

(Unlimited)

Cross user restore

Drive

Shared Folder backup / Shared with me backup

(Only for 55 days)

(Unlimited)

Shared Drive backup/Teams backup

(Only for 55 days)

(Unlimited)

My Drive backup

(Unlimited)

Point in time restore

(Unlimited)

Restore with folder structure

(Only for 55 days)

(Unlimited)

Restore with sharing permissions

(Only for 55 days)

(Unlimited)

Granular search for restore

(Unlimited)

Custom folder restore

(Unlimited)

Revision history with option to restore a past version

(Unlimited)

Contacts

Groups Backup

(Only for 55 days)

(Unlimited)

Restore to user accounts

(Only for 30 days)

(Unlimited)

Calendar

Backup of Shared Calendar events

(Only for 55 days)

(Unlimited)

Restore to user accounts

(Unlimited)

Restore events with the shared invitee

(Only for 30 days)

(Unlimited)

Sites

Backup Sites

(Only for 55 days)

(Unlimited)

Multiple sites restore

(Unlimited)

Backup admin featuresGoogle Workspace with VaultSysCloud

Backup

Automatic incremental backup

Backup retention post account deletion

Real-time backup dashboards

Selective users/apps backup

Granular retention settings

Drill-down view of backup data

User activities

Audit logs

Restore & Export

End-user self-service restore

(Only for 30 days)

Cross-user restore

Restore data with exact time stamp

Advanced search option for restore

Export email in .pst or .xml format

Preview of backed up data

2. Safety, Compliance, and Security Enforcement
FeaturesGoogle Workspace with VaultSysCloud

Prebuilt Policies

Sharing controls and permissions

Flags sensitive content

(Only SSN and Credit card data)

Block malicious third-party apps

Blocks unauthorized app installation

Blacklist unauthorized apps

(Only from chrome webstore)

(all apps)

Block malicious sites

Blocks harmful content online

Blocks access to unauthorized/unmonitored websites

Compliance policies

FERPA

(Setup required)

(Prebuilt)

HIPAA

IEP

(Setup required)

(Prebuilt)

PII

PCI

CIPA

(Setup required)

(Prebuilt)

Policy features

Creating & editing pre-existing or new policies

(Create new)

Granular control on defining policy applicability

(Only domains, Sub

(Include org units and users)

Custom triggers for policy violations

Policy exception request and overrule workflow

Violation remediation rules definition

Mechanism of threat detection

Checks words or phrases match

Identify the context of the word

Filter references and quotes from the text

Keyword search in the subject and body

Check for frequency of the word

Use Machine learning algorithm

Flag the incident with risk threshold

Actions taken when identified a threat

Revert sharing permission

Transfer file ownership

Remove access to the file and quarantine it

Auto-encrypt Drive files

Request exceptions

Cloud Backup for Google Workspace and Microsoft 365

Request Demo for K-12 Security Solution