Chromebooks are a popular solution for students – they’re a cost-effective way for students to access cloud resources, complete homework and learn. In some ways, Chrome OS devices are more secure than traditional devices like desktops and laptops. For example, Chrome OS does not allow access to its kernel, the core part of an operating system, and apps are sandboxed, so one bad app doesn’t impact the entire system.
Still, like any modern device, Chromebooks are still susceptible to phishing and malicious software. Anti-phishing and antivirus solutions remain important as they protect students from easy-to-make mistakes, like clicking on malicious links and downloading malicious apps.
For some students, mobile devices and tablets are their only options for attending class. But it’s important they’re aware of the unique threats on these devices.
Students, parents, and teachers need to be aware that phishing attacks are hard to detect on mobile. That’s largely because mobile displays are small and have a simplified user experience, which makes it harder to decipher what is real or fake when compared to a laptop or desktop. At the same time, mobile email, messaging, and apps provide additional channels for phishing attacks.
Districts must be hyper-aware of phishing, ransomware, and malware campaigns that could put both school administration and students at risk and train students, teachers, and administrators to stay vigilant against them. Without the proper training and security in place, school district infrastructure is at risk of compromise. Login credentials of teachers and administrators could be captured by mobile phishing, potentially exposing sensitive data such as employee information and student records.
Educating teachers and students on overlooked threats
Whether on Chromebooks, smartphones, or tablets, proper education is necessary to protect us all from mobile threats. Helping teachers and students understand the social engineering tactics used to obtain personal information like login credentials, resources, and passwords is critical. This includes awareness of the many ways malicious phishing links can be delivered.
A common misconception is that phishing is just email-based scams, but users must recognize that threats can be omnipresent through seemingly innocuous social media apps like WhatsApp and Instagram. Yes, even your video gaming app can give bad actors access to your device’s microphone, email, photos, documents, and phone logs.
To combat this, districts should offer basic training to teachers and students with best practices, including:
● Never give out personal information to someone you don’t know.
● Don’t open or click unsolicited links.
● Research sources to see if they are legitimate, and engage through their website, not an inbound link.
● Invest in modern endpoint security solutions.
User education is key, but it cannot be the only line of defense against mobile attacks. Modern endpoint security is an important consideration to protect every device. This needs to include protection against phishing and web content, network-based, and app-based threats. On Chrome OS, modern antivirus solutions can detect threats in new versions of apps to protect users from new viruses.
Remote learning is a reality for today’s students, but also introduces risk to school districts if devices are not adequately secured and users are not properly educated. While we’re unsure what the future holds, the lessons of mobile device security learned by kids, parents and districts alike will prepare us for a more secure mobile future, even when students are back at their desks.
- 6 tips to give students a skills refresh - May 11, 2021
- 4 under-the-radar data points to track as schools reopen - May 11, 2021
- 3 key considerations for the future of assessments - May 10, 2021