Are School-issued Mobile Devices Safe to Use on Off-campus Networks?
A few weeks ago my eldest son was given a Chromebook by his school which he brought to the house to do his homework. Before the Chromebook, he did his homework on the PC I had set him up with in his room. The nice thing about that is I have a firewall with a content (aka URL or web) filtering policy in place so I have control over the websites he can access since he’s getting to the internet through our home network. But not everyone has a firewall and/or content filtering to protect their kids from inappropriate and potentially harmful web content.
Schools providing K-12 students with mobile devices so that they can access content over the internet has grown over time as administrators, teachers and parents see the benefits of an untethered learning environment. A Project Tomorrow report indicates that almost half of the K-12 teachers surveyed said that their students have regular access to mobile devices in their classroom. Some of those devices are school-issued. However as students enter high school more prefer to use their own personal mobile device in the classroom whether it’s a laptop, Chromebook, tablet or smartphone.
In an earlier blog I wrote about five things K-12 schools should look for in a network security solution. One of those is web filtering. K-12 schools need a URL filtering policy in place that includes technology to protect students from inappropriate or harmful internet content if they want to be eligible for discounts through the government’s E-rate program, also known as the Schools and Libraries program. While most schools have a filtering policy in place to protect students when they’re in the classroom, what happens when they take that device home? Does the mobile device have some way to enforce the policy beyond the school’s network perimeter?
This leads me back to the story about my son’s Chromebook. Without some mechanism in place that blocks access to inappropriate websites when the device is outside the firewall he could take the Chromebook anywhere there is a Wi-Fi connection and have unrestricted internet access. From a parent’s point of view, depending on the student’s age that’s probably not a good thing. From the school’s perspective, administrators don’t want to be viewed as the provider of a tool that enables children to look up inappropriate videos, images or text without some form of control in place.
One solution school IT administrators use to solve the problem is to force all traffic from the device back through the school’s firewall once the device connects to the internet. The nice part about this approach is that the school can use the same policy whether the device is inside or outside the firewall perimeter. There is some downside though. Routing all traffic from every school-issued device regardless of its location back through the school network consumes valuable bandwidth which can be costly.
A unique solution SonicWall offers is our Content Filtering Client. Residing locally on the Windows, Chrome OS or Mac OS X mobile device, the client extends web filtering policy enforcement to devices used outside the firewall perimeter. Administrators can apply the same policy or a different one depending on whether the student is using the device is being used inside or outside the network. The device will also switch over to the inside policy once it reconnects to the school’s network. The combination of the Content Filtering Service and Content Filtering Client provides “inside/outside” web filtering coverage.
If you’re an IT director or administrator with responsibility for implementing network security and content filtering across the school district and would like to learn more about Dell SonicWALL Content Filtering Services and why they are an essential component of your network security strategy, read our technical white paper titled “K-12 network security: A technical deep-dive playbook.”