Other schools also rely on their technicians to protect against the threat. Beaver Country Day School, a private 6-12 school in Chestnut Hills, Mass., chose instead to go with laptops of the student’s choosing in order to access the Google suite of products including Google Docs, Google Sheets, etc.

The school’s technology department provides troubleshooting throughout the day while there hardware and software have protection to keep the network free from malware, says Melissa Alkire, technology integration specialist.

Beaver Country Day follows the same BYOD philosophy of many colleges and universities. Professors, administrators, guest lecturers and students all have their device preferences and dictating one type of device. So most colleges and universities opt for the BYOD option rather than requiring that everyone have iPads, or other devices that all run on one operating system.

The school provides guidelines on device choices, including anti-virus and similar software, says Nancy Caruso, assistant head of the school.

Such a policy does present challenges, which colleges and universities tend to handle a couple of different ways. At Lebanon Valley College, Annville, Pa., for example, the network is constantly updated to protect against threats. Students must register their devices to access the network. Devices aren’t authorized unless they have certain security protocols. If the network later detects the device has picked up malware and poses a threat, the device will be quarantined until the problem is corrected, says David Shapiro, the college’s director of information technology.

Many other colleges and universities use similar strategies while others will require devices to have specific software that enables network access while also limiting the devices’ ability to upload malware to the network, according to Shapiro.

“A potentially better solution for organizations might be to adopt a CYOD, or Choose Your Own Device, policy, which instead allows the IT department to provide a range of supported devices to employees [or students] which are then managed by IT,” Goretsky says. “This strikes a mid-way between the cookie-cutter approach of “one size fits all” and the pandemonium caused by having to support sundry configurations of consumer-grade systems, which all too often are often missing the manageability and security features of their business-grade brethren.”

Whether it’s CYOD, BYOD or the K-12 or post-secondary educational institution selecting one device for everyone, the Lenovo-Superfish debacle once again shows that institution’s technical staff have to be ever wary of the growing number of actual and potential security threats.

Phillip Britt is an editorial freelancer with eSchool News.