Overcoming BYOD risks


Schools that embrace BYOD must also mitigate the risks of this approach. Industry experts Peter Martini and Allan Bower offer five quick tips.

Mobile devices continue to create issues for school management. Bring your own device (BYOD) is one of the fastest moving technology trends in the education industry.

Bringing valuable learning resources into the classroom enables increased pupil-teacher collaboration, extends learning beyond the traditional classroom walls, and cuts costs for many schools.

However, the growth of mobile devices also introduces new threats to the school network, presenting increased security challenges, which can act as a barrier to adoption.

In order to capitalise on the benefits of BYOD without limiting the student experience, schools must understand the existing risks and adopt methods to mitigate them.

First, we must look at what the main education security challenges are and how IT professionals can successfully implement tools to mitigate the risks. Let’s consider five key areas:

Trouble: Establishing consistent access on all devices for pupils and teachers

Schools can implement access management technologies in order to establish web-content policies and adjust access according to a pupil’s identity. This solves the challenge of controlling information access. IT staff can define pupils by role (faculty, staff, pupil or guest), and/or by granular characteristics, like grade levels or location. Using this approach, the pupil’s experience is enhanced and security is achieved through identity-based policies.

Trouble: Ensuring bandwidth to critical services are not interrupted by BYOD users

Given most pupils carry more than one internet-connected device (SmartPhone, laptop, tablet), bandwidth consumption can easily quadruple overnight with a BYOD roll-out. Combine this with the fact that more critical services are moving to the cloud (online testing, attendance and payroll), and managing bandwidth becomes a real concern.

Implementing bandwidth management and quality of service technologies allows IT administrators to control recreational traffic while increasing critical access during times of peak consumption.

Trouble: Protecting against devices infected with malware

Mobile devices are particularly high-risk as they can be compromised when moved outside of the school network. Once that happens, devices can then infect systems and applications when they’re brought back in. Schools can mitigate these risks using behavioural analysis security that looks for anomalies in the way data is sent and received in the network. 

It focuses on securing against advanced persistent malware as well as known and unknown threats. Plus, it could be argued that many pupils are not aware of malware or security software to protect against it doing any damage. And even if they were, it is unlikely they would be concerned about it.

Trouble: Blocking access to restricted applications

Mobile devices introduce new complications including an ever-growing list of applications such as SnapChat, Facebook and others, exposing a school’s network to outside threats. However, sometimes pupils or teachers download applications to improve processes. 

For this reason, rather than restricting activity and access to applications, schools should seek to enable productivity by “pushing” approved applications to devices. 

For example, if a network detects a pupil accessing Box, but Dropbox is the approved application, a school can adopt technology that will send an email routing the pupil to the school’s Dropbox account.

Trouble: Controlling access to social media networks

Schools can also use technology to control access to specific online social media sites, including Facebook, YouTube and Twitter. 

While these types of websites can hinder productivity, pupils do need to access them on occasion for research projects and other activities. 

A school’s IT administrator can allow access to certain Facebook group pages, or enable pupils to view embedded YouTube videos on approved websites.

Location-based BYOD technologies on the market are being introduced that provide the ability to set web access policies not only by a user’s role (i.e. teacher or pupil), but also the pupil’s physical location on the network. 

For example, the school’s IT department can restrict pupil access to Facebook while in the classroom, but can allow access in the school canteen.


As more schools across the country develop BYOD programmes, security must be a key pillar in the planning and implementation process. The volume and variety of mobile devices brought onto the school network will only continue to increase. Security is critical to ensure the safe and effective rollout of BYOD schemes.

  • Peter Martini is chief operating office and Allan Bower regional director EMEIA at iboss Network Security.



Please view our Terms and Conditions before leaving a comment.

Change the CAPTCHA codeSpeak the CAPTCHA code
Sign up SecEd Bulletin