Research by ManagedMethods, a Google workspace and Microsoft 365 cybersecurity, student safety, and compliance platform for education, has found gaps in the cyber security strategies of district administrators when protecting their cloud collaboration and storage applications.
The report reveals 30% of district administrators with at least a medium level of influence on technology decisions do not have a security platform to protect cloud applications. Half of respondents either did not have a platform in place or did not know if platform had been implemented in their district.
“School districts have long led the charge into cloud technology by embracing Google Workspace and Microsoft 365 cloud applications. This new research tells us that some district administrators are unaware of the cybersecurity, safety, and privacy risks that come with using them,” said Charlie Sander, chief executive officer at ManagedMethods in a statement. “Technology leaders need to know their cloud environments may be vulnerable, and that it’s their responsibility to secure them.”
The report indicates among district administrators, cloud security, safety, privacy are not a concern, despite schools being heavily reliant on cloud applications. Only 60% of respondents have a high level of confidence in the privacy and security of the data stored in their cloud applications.
- 37% are not concerned about data breaches and leaks.
- 45% are not concerned about compliance with state and federal laws that protect student data.
- 36% are not concerned about the sharing and viewing of explicit content on their devices.
Of the district administrators surveyed that say they operate in a cloud environment, 28% do not know if they have a monitoring solution in place that protects the data in the school-provided cloud applications.
- 31% do not know if their cybersecurity platforms consistently monitor the level of risk of files shared with users outside the district’s domain or monitor for potential violations of government regulations.
- 28% do not know if their cybersecurity platforms monitor the level of risk of files shared within or uploaded into their domains, or report who has access.
District Leaders Store Sensitive Information in the Cloud With Limited Security Budgets
The research findings show the median budget district administrators have available for cybersecurity is $20,000 annually. Of this amount, 20% will go toward protecting cloud applications in 2022. The research also shows that some of the most sensitive information districts have is stored in the cloud — or soon will be.
- 86% use cloud-based learning management systems (LMS) or plan to move these systems to the cloud.
- 69% have their human resources systems in the cloud or have plans to move to the cloud.
- 95% report students and/or staff collaborate using Zoom and/or Google Meet.
Further research can be found in ManagedMethods’ special report, What You Don’t Know Can Hurt You: New Survey Identifies Gaps in K-12 Cloud Security, administered by the EdWeek Research Center.