University Security: Implications of BYOD Policies - Part 1


university-security-implications-of-byod-policies-1.jpgBring your own device, or BYOD, is a fast-growing trend on higher-education campuses across the country. In fact, at least 42 percent of U.S. colleges and universities have implemented a BYOD strategy. Meanwhile, bandwidth on campuses has nearly tripled since 2012, with more than 70 percent of schools offering at least 1 GB, in part because of the need to keep up with BYOD demand.

BYOD is beneficial to universities, teachers, and students alike. Policies that embrace outside devices have been shown to expand educational opportunities, improve student and teacher productivity, save money, and minimize certain technical headaches.

However, BYOD also creates challenges for IT. Although welcoming these devices can save schools from having to invest in wired infrastructure and desktop computers, it does place more of a burden on IT, which is tasked with supporting user devices and securing the data and systems being accessed.

Let’s take a closer look at some of the positives and negatives of BYOD, as well as the security implications of such policies.

Perks of BYOD

For today’s always-connected students, BYOD simply makes sense. The vast majority of higher-education students have a smartphone, tablet, and/or laptop, and many of those who live on campus also have internet-enabled TVs and gaming consoles. They already depend on these devices for many aspects of their lives, so being able to also leverage them for schoolwork, research, peer-to-peer collaboration, and other related activities helps to boost productivity and make life easier.

From the perspective of faculty and staff, BYOD can also be extremely helpful. Using their own devices means they don’t have to carry around additional school-issued phones or laptops. Much like the students, they also enjoy greater productivity and time savings by being able to use the same device at home and at work.

In addition, colleges and universities can reap several benefits from allowing BYOD. Schools stand to cut costs by eliminating the need for costly wired infrastructure and enough desktop computers to support peak demand.

As more students and faculty grow to expect network access on their personal devices, an open BYOD program has become non-negotiable for many, pushing a growing number of schools to develop and adopt their own BYOD policies in order to attract applicants.

By integrating digital learning inside and outside of the classroom, schools have an opportunity to provide a more engaging learning experience. Today’s students simply expect to be able to bring their devices into the classroom and readily log on to the network to do online research, connect with classroom technology, access open educational resources (OER) such as textbooks, and more.

A Mixed Blessing for IT

Although BYOD offers significant benefits to students and faculty, it does create both challenges and opportunities for IT teams. After all, an effective BYOD policy shouldn’t only be about enabling people to easily access the network with their various devices; it should also be about protecting the data and systems involved.

A few of the most common IT perks of BYOD include:

  • Reduced costs thanks to fewer investments in hardware, electricity, building space, management, and maintenance
  • The ability to support technology curriculum mandates that provide a rich online learning experience
  • Once the BYOD policy is established, the ability to easily add new users and guests

Meanwhile, BYOD creates a variety of IT challenges:

Device support. BYOD puts more of a burden on IT to support all the various devices that students want to use. To further complicate things, it can be difficult to ensure that hundreds or even thousands of devices—running iOS, Android, and other OS—can support the same applications. For that reason, most apps that will be widely used on campus must be OS-agnostic.

Security. This is usually IT’s biggest concern regarding BYOD—and the reason many schools avoid adopting a formal policy. Introducing countless new endpoints onto a university’s network can no doubt be dangerous and, if not done right, can expose a school to viruses and malware. Most school IT departments are unable to scan each personal device for antivirus software and security updates, so they can’t be sure the devices aren’t compromised.  

Then, there’s further difficulty in controlling each user’s activity. If you allow BYOD, your IT team can’t lock down users’ devices to prevent things from being installed or run on the network. This can be especially troublesome during peak load times when apps, such as YouTube, are eating up precious bandwidth. Because IT can’t control the endpoints and users’ applications, team members have to spend time adding controls to the network itself to block apps that might overload the network.

In addition, incorporating accessory hardware presents another challenge. For example, on campuses where multi-factor authentication (MFA) that uses fingerprint scanners is implemented, IT can experience difficulty in standardizing BYOD devices on the required hardware. To complicate things further, IT also must determine who has access to communal devices, such as printers.

There you have it—perks, challenges, and security concerns of BYOD in higher education. In Part 2 of this series, we’ll discuss how to enable streamlined, secure BYOD using a modern identity and access management platform.

Higher Education Identity Access Management


Subscribe Here!