Schools beef up security for web applications

Colleges are using web apps for more than just eMail.
Colleges are using web apps for more than just eMail.

K-12 schools and colleges are adding extra layers of security to web applications that are being used for everything from eMail service to group assignments. The extra security is particularly desired as administrators use the applications to store sensitive information that could compromise student and faculty privacy.

Google Apps has risen to prominence in education’s move toward web-based tools that store massive amounts of data and allow for collaboration. Google announced in February that 7 million students—about half of all college students in the U.S.—now use the company’s applications, such as Google Sites, Google Docs, and Gmail.

With invaluable information stored online and vulnerable to any hacker who can figure out a single password, administrators are looking for ways to ensure that student and educator data are kept safe with more complex security methods.

The widespread use of web-based programs, a trend known as cloud computing, also has required students to remember a host of user names and passwords.

This prompts students to jot down user names and passwords on stray pieces on paper in a dorm room or office, which makes their online information vulnerable to classmates and passersby alike, said Jon Brody, a spokesman for TriCipher, a California-based company that makes myOneLogin, a program that uses a single sign-in for more than 2,000 internet applications.

myOneLogin can ensure that a student’s term paper can’t be accessed with one password. Instead, the program will not allow hackers to access an account from a computer that it doesn’t recognize. If a student forgets his or her password, myOneLogin will send a temporary password to the person’s cell phone. The password will expire after 30 seconds, Brody said.

“Universities already do a good job of taking care of information behind their firewall in their infrastructure,” Brody said, referring to traditional campus network security before web applications became commonplace. “But now with web applications, the problem has changed a little bit. Now they’re dependent on the [security of the] applications.”

St. Michael’s Roman Catholic School in the United Kingdom began using myOneLogin last year, and the school’s technology official said there hasn’t been a reported security breach since.

Damien Kelly, head of eLearning at St. Michael’s, said he was “very nervous” when staff and faculty decided to store sensitive student information on Google Apps, but the added layer of online security has kept student records safe from internal and external attacks.

“Security has become an issue for everybody now” that web applications are used by students and teachers, he said. “It’s something new … and we realized it would take a new approach.”

Web applications that are accessible at any time to students and their teachers, Kelly said, have gained popularity in education, in part because the technology creates a new level of transparency.

“You can tell if a particular student isn’t pulling [his or her] weight in a group project,” he said. “And all the excuses you can have [for missing homework assignments] are all gone.”

Microsoft also has attracted schools and colleges with its application offerings. The company announced in February that academics and researchers could apply for grants that would give them three-year access to Microsoft Azure, a program that offers enormous data storage and computing capabilities using the corporation’s data centers.

Microsoft offers Live@edu, a web-based program that enables student collaboration and allows teachers to distribute homework and PowerPoint presentations online.

Despite the trend toward secure login add-ons, Google Apps provides a secure environment for schools, said Jeff Keltner, business development manager for Google Apps for Education.

Keltner said school employees and students must contact their domain administrator before they make any password changes to their Google Apps accounts, helping to mitigate unauthorized password switches that can lead to stolen information.

“We take security extremely seriously and work hard to make sure that all of our systems are maximally secure,” Keltner said. “In that vein, passwords are one of the critical aspects of security for all our systems, including Google Apps.”

Google Apps for Education, he said, offers extra web security for schools and organizations who want more than the standard features. The extras include smart cards, certificates, and biometrics that make hackers’ jobs far more difficult.

“This is critical for schools, who often have open networks on campus connected to the internet,” Keltner said.


Google Apps for Education

Microsoft Live@edu

Sign up for our newsletter

Newsletter: Innovations in K12 Education
By submitting your information, you agree to our Terms & Conditions and Privacy Policy.

Sign up for our newsletter

Newsletter: Innovations in K12 Education
By submitting your information, you agree to our Terms & Conditions and Privacy Policy.