Jamf After Dark: Security in Edu
A fireside chat discussing rising cyber threats targeting Edu data and operations. Also, the challenges of balancing limited budgets against compliance needs and secure identity-driven systems.
Why threat actors target schools
Kicking off the podcast, John Wetter, Director of Technology and Information Services, Hopkins Public Schools, discusses the importance of implementing school board policy as a fundamental building block for security. Before segueing toward the security implications for educational institutions, Sean Rabbit poses the following question. Wetter’s answer may astound you.
What motivates cyberattacks against K-12?
Financial: Valuable personal data on students, is among the main targets. Threat actors exploit PII for identity theft and other cybercrimes. And because student records are free from credit history data, financially driven groups view this data as a long-term asset that pays dividends for years before students mature into adulthood.
Social or Political: On the other end of the cyberthreat spectrum, are attackers whose aim it is to disrupt and cause chaos. Targeting schools, not unlike other public infrastructures, leads to significant social impact. For example, school closures cause a cascade affect which impacts the day-to-day lives of the community.
Information-rich and resource-poor
Suraj Mohandas, VP Product Strategy in Education, Jamf and Wetter highlight in greater depth the difficulty that schools face in trying to achieve balance between ensuring cybersecurity and managing shoestring budgets. The common denominator between the pressure to protect confidential data while meeting regulatory requirements is often limited budgets.
But it’s not just the budget that’s at the heart of the dilemma of storing valuable data but lacking the financial means to consistently protect it. Impacts to the ebb and flow of the economy influence costs in areas, in turn, affecting how far their funding dollars will go. For example, the rising costs of software licensing and student nutrition place schools between the proverbial rock and a hard place, forcing them to make tough choices between prioritizing essential services over tech investments, like cybersecurity.
Identity, security and education customers
Pivoting a bit from the pain points impacting cybersecurity in Edu, Emily Forese, Senior Education Leadership Executive, Jamf and Mohandas share how Jamf’s latest acquisition, Identity Automation, benefits the education sector and protects those stakeholders through advanced identity security and access management.
By understanding the criticality of identity and stressing the paradigm that it should be democratized – i.e., not tied to any specific platform – the creation of an effective teaching and learning environment for students is not encumbered by device platforms.
Instead, the focus becomes ensuring comprehensive accountability and secure experiences, empowered through the seamless integration of device management, identity and access, and endpoint security. In short: designing purposeful learning environments begin with purposeful device deployment models and are anchored by identity workflows that underscore security protections throughout the device lifecycle.
Gain access to all the Jamf After Dark podcasts today!
