Technology

Educators must learn a lesson in identity governance

COVID-19 has created high demand for online learning capabilities and digital-first solutions in the classroom and a robust identity governance strategy is crucial to balancing security and functionality in the classroom and beyond.
Terry Burgess, VP Asia Pacific SailPoint
Sep 29, 2020
Secure identites
With flexibility comes insecurity

2020 has been a year of rapid transformation for the education sector. COVID-19 has created high demand for online learning capabilities and digital-first solutions in the classroom.

The wider industry is also changing as education transforms into a global digital marketplace. Universities lacking the financial support from international students are now facing an increasingly competitive market with courses available from all over the world. 

In Australia, the focus has shifted away from ‘education continuity’ and towards a combination of remote and on-site lessons for students. To facilitate online learning effectively, students and staff need access to new portals, servers and online learning platforms housing student progress and data. Solutions like Google Classroom and WebEx are now key to running an online classroom and monitoring student development. 

While student data and curriculum must be available quickly, the supporting infrastructure must also prioritise data protection and help mitigate cyber-attacks. Therefore, a robust identity governance strategy is crucial to balancing security and functionality in the classroom and beyond.   

A transforming classroom
The shift to online learning has created a number of challenges for the education sector. With teachers, students and staff now digital, IT departments are facing increasing pressure to ensure existing systems are running securely and efficiently. This includes facilitating access to new online learning platforms and portals. Moreover, IT teams are often working with outdated legacy technology not built to support the online classroom. 

The pressure to move and keep classrooms online has stretched resources across IT departments. A recent report from the Office of the Victorian Information Commission found schools were overlooking privacy considerations when selecting classroom apps and were unaware of the privacy impact assessments needed for new software. 

As a result, institutions are at high risk for cyber-attack, with cybercriminals looking to capitalise on reduced network visibility (now some students are working from personal devices at home). Addressing these security challenges requires an intelligent approach to identity. Identity governance requires educators to ask the following; what are students accessing in the digital classroom? What are they doing with that access? And, how is that access being managed by the IT department?

A lesson in data governance and identity
More often than not, cyber breaches are the result of human error, and students working from personal networks have amplified this risk ten-fold. To protect against loss of student or sensitive information, the education sector must focus resources on cyber security and controls. In practice, this means having a clear strategy in place to manage student access and protect classroom data. 

Strategies like ‘zero trust’ are a great first step. Zero trust means having zero trust for anyone using the digital classroom until they are verified. When used as a cyber security strategy, it means continuously authenticating students across the education portal (for example, using two-factor authentication).

While budgetary constraints and lack of industry buy-in remain key challenges to adoption, identity strategies must evolve with the classroom environment to be effective. Both identity and data governance are critical capabilities in supporting the growth of education institutions – now, more than ever.

 
Top ↑
Terms & Conditions | Privacy Policy