How Chromebook tools strengthen school cybersecurity

Schools and organizations that deploy large numbers of computers have a much-needed computing edge against cybersecurity risks with enterprise-grade Chromebooks.

Consumer-grade Chromebooks come with what Google calls “defense in depth,” which provides multiple layers of protection. If attackers succeed in bypassing one layer, the others remain in effect Networked Chromebooks deployed in school systems, medical facilities, and government offices take multi-layered security and enhance it with additional features. One of them is Zero Trust security, a framework that verifies every user and device.

All Chromebook devices run ChromeOS, an embedded operating system built around Google’s Chrome web browser They run the same Google-certified operating image system. This built-in superior security and automatic updates are designed for zero trust protection and require no monitoring by users.

Endpoint resiliency and data security are enhanced by two critical components of Zero Trust, robust data loss prevention (DLP) and granular access control. Enterprise-level Chromebooks running on an organization’s network are easily maintained by IT system administrators through a console accessible to users.

This approach works whether students or employees are using Chromebook devices internally or remotely, ensuring that the security shield is always engaged. For example, users can access their devices using QR codes and image-based login options.

“Schools are frequent targets for cyber attacks such as ransomware, phishing and malware,” said Jeremy Barnett, vice president of technology. CTLAt a recent seminar where his company presented updated security features built into both consumer and enterprise Chromebooks.

CTL is a Chromebook manufacturer and ChromeOS OEM service provider that partners with Google to provide tailored solutions for educators, students and businesses. These solutions address the growing threat of cyber attacks facing schools and organizations

ChromeOS based security

According to Andrew Luong, Success Engineer, partner at Google and ChromeOS, the goal is to have strong authentication with second factors, or security keys. Despite other login options, students and others less familiar with technology prefer passwords.

“It’s complicated for users to change passwords frequently because every app you use today asks for longer and more complex passwords. It’s become quite a hassle,” he told the virtual seminar audience.

Google’s password manager has been very helpful in creating stronger passwords because the more you have to change them, the less you’ll remember. Google’s various login tools help users manage passwords better.

Another big challenge is device health, he added. Devices should be regularly updated with the latest security patches.

“Using ChromeOS is where we really shine,” Luong noted “ChromeOS devices update automatically, a key benefit and differentiator, with all running the same Google-certified operating image.”

However, he added that school IT teams must ensure that these devices are connected to receive those updates and are on the version approved by your district or in agreement with your school.

Using the IT administration console makes it easy to keep them on a specific version of ChromeOS so that students can take their tests or teachers or staff can use the tools in their classrooms.

“What we’re doing in our console is having Google AI surface and as you log into the cloud console show you that the devices are all up to date,” he said.

ChromeOS security behind the scenes

Updates are installed in the background on the second copy of the OS. The process does not interfere with any user activity. Once all the updates are downloaded, a reboot button will appear to load the new OS version.

Chromebooks include Verified Boot, a trust connector technology that verifies the integrity of the operating system during startup and ensures that the system has not been tampered with. If tampering or corruption is detected, the system automatically attempts to repair itself, often restoring the OS to its original state. It ensures that the operating system remains protected and intact, addressing any failure of its integrity.

Enterprise Chromebooks now have context-aware signaling to allow devices to connect to school applications before checking the integrity of the running ChromeOS version. This is an innovation of the zero-trust architecture framework, Luong explained.

Another recent security feature added to the IT management console is threat detection and response, which uses no agents. Management licenses enable administrators to configure and monitor information flowing from security events on ChromeOS devices to the security event notification system.

“So centralized reporting and insights simplify that zero-trust framework and increase your cybersecurity,” he said. “ChromeOS has built-in malware protection. No ransomware has ever been reported (on ChromeOS devices).”

These enhanced enterprise cybersecurity features are available on enterprise-grade devices through the Admin Console under plans licensed from authorized providers such as CTL. Consumer-grade Chromebooks have other features such as automatic updates and built-in malware and antivirus protection.

Internal risks to school cyber security

Luong emphasized an essential point about the strict cybersecurity protections inherent in all Chromebook devices. They cannot always survive the actions of careless employees.

“When it comes to phishing, about 90% of data breaches in K-12 schools are the result of a system employee clicking on a link — and that’s not a knock on school system employees,” he said.

If that click results in a ransomware attack, it’s not the Chromebook’s fault. Educational institutions are among the most targeted sectors.

That’s where cyber security training comes into play. US schools and colleges lose about $500,000 per day in downtime during ransomware attacks. So, the stakes are high if something happens, Loong observed.

Cybernaut Provides security awareness training. The company’s platform is designed to be highly gamified and engaging, based on micro training sessions with short, gamified experiences.

“The real goal is to allow schools to measure behavior change. Our success isn’t just based on faculty staff checking a box after watching a short video and taking a quiz. We’re laser-focused and measure behavior change through an ongoing, perpetual training experience. deliver,” said Oliver Page, co-founder and CEO of Cybernaut.

He offers a free trial, which allows organizations to learn about cybersecurity training It includes a free phishing assessment to see how a school district is positioned from a security posture perspective.

The high cost of cyber attacks on schools

As the quality of phishing emails has become more sophisticated over the past 10 or 20 years, ransomware attacks on K-12 schools have increased significantly in the past year. According to Page, most of these attacks come through malicious emails and phishing.

“It’s scary because it depends on how you calculate that number. If you’re talking about schools that were targeted in some way and something happened, it’s close to 100% of schools receiving malicious emails that could lead to a ransomware attack every day. So, It’s conventional,” Page said.

Several factors put schools in the crosshairs. Among the primary reasons is lack of budget, which leads to lack of staff and skills.

“It gets worse when we connect it to thousands of devices to manage and secure. We have a lot of valuable data,” Page warned.

The average ransomware payment last year was $6.5 million. In addition to that ransom, you’re looking at millions more in recovery costs.

One of the realities is that no one teaches students about cyber security, he adds. Parents spend an average of 46 minutes teaching their children about cybersecurity.

“Couple with the fact that the average child over the age of 13 spends seven hours a day online, it’s easy to see where the disparities and concerns lie,” he concluded.