Today’s K-12 environments all have something in common: lots of connected devices. In fact, a December 2015 CNBC article noted that 4.4 million of the 8.9 million devices sold to schools and school districts that year were Chromebooks. If you were to do the math and factor those purchases into a typical school year, every school day some 30,000 new Chromebooks would be put into use. Imagine onboarding and managing 30,000 connected Windows laptops inside a corporation where the user base is consistent—imagine the challenges that would present. Now put kids in the picture. And although the percentage of iOS devices being deployed in K-12 has declined over the past few years and has been overtaken by both Microsoft and Google, there’s still a significant number of iOS devices being deployed annually into the mix.
Not counting new device acquisitions—whatever they might be—schools and school districts are usually challenged with high device counts spread across multi-location networks that are necessarily segmented to handle security and the differing needs of students and staffs. And those already tough challenges are compounded by the thousands when students change schools, especially with school boundary re-alignments. You can begin to see how complex the issue is for the Network, Security and Systems Administrators. And let’s not forget the whole Bring Your Own Device/Technology (BYOD/T) trend that has thousands more devices connecting to and consuming school district networking resources.
So, how can you gain visibility into those devices, including both the ones you own as well as those you don’t?
- How can you determine if the all-too-technically-savvy high schoolers haven’t downloaded some VPN or anonymized some application to hide their activity from your firewall?
- How do you track your school-owned devices and assets?
- How do you help to ensure that the owned devices have access to resources the BYOD/T do not?
Despite the fact that many devices are not your typical Windows devices (more easily discovered, managed and controlled), the requirements to track, control and manage them still exist. Fortunately, the industry has evolved to recognize this, and solutions are available today from companies such as Jamf® for Apple® and Google® devices. However, while the solutions available today generally provide the ability to onboard devices and such, there isn’t much available from a device visibility, asset tracking or network access control standpoint. In other words, these solutions on their own do not provide what is needed in order to obtain comprehensive visibility and answer the questions above.
Ideally, you have a solution in place to automatically and agentlessly discover the Windows-based endpoints connecting to your network, as well as integrate with solutions such as Jamf Pro™ or G Suites™ to help ensure only owned, compliant devices are connecting to the appropriate parts of your networks. Also, wouldn’t it be great to be able to track these devices and other assets throughout their lifecycles or have them be visible to your Service Desk in the event that someone needs to open a Service Desk ticket or deal with incident response?
I can think of a solution that can help you with that :)