‘Shadow IT’ poses risk for schools – expert

‘Shadow IT’ poses risk for schools – expert

A recent report found that Australia will need an extra 100,000 technology workers by 2023 to become a global ICT leader.

According to the report, by recruitment company Robert Half, almost a third (29%) of Australian CIOs think increased collaboration with education providers and universities is the primary solution to alleviate the skills shortage in the technology field.

Responding to a marked decline in the digital literacy of Australia’s schoolchildren, Microsoft’s Tech Lab, powered by Surface, is giving teachers across Australia hands-on experience in how they can effectively integrate technology into the classroom and augment learning.

However, the proliferation of digital devices and the programs to support them carries certain risks – especially when teachers bring their own devices – sometimes known as ‘shadow IT’ – into the mix.

The risks of ‘shadow IT’

Christian Lucarelli, vice president of sales Asia Pacific at Nintex, a company that provides end-to-end process management and workflow automation, said devices may lack the security that has been installed on school-issued equipment.

“This potentially opens them up to cyber threats. If an infected device is used to connect to central school systems, the infection could rapidly spread,” Lucarelli said.

Shadow IT can also pose problems from a security and privacy perspective, he pointed out.

“What happens if student records or personal details are accessed by a teacher on a personal device that is then lost or stolen? What if a thief uses the device to access the school’s systems and deletes or changes records?” Lucarelli said.

“Trying to outlaw the use of shadow IT devices within the school is unlikely to be a successful strategy. Both teachers and students like the flexibility and freedom it offers and want to make use of the same devices in their school life as they do after hours”.

A better approach

Rather than taking a heavy-handed approach and attempting to stamp out shadow IT, Lucarelli said schools should instead take a more open and conciliatory path.

The steps that could be taken include:

  • Assess the situation: A good first step is to spend some time with staff and students as they go about their daily activities. Watch what types of shadow IT devices and applications they are using and the benefits they deliver.
    Once this process has been completed, you will have a much clearer idea of why the technologies have been chosen and, potentially, why technologies selected by the school are not meeting staff and student needs.
  • Communicate: Once a clear picture has been obtained, talk openly with staff and students about the technologies they are using. Explain the potential security and privacy risks and let them know that steps can be taken to overcome these challenges. Do make it clear that you won’t be mandating systems and solutions that don’t meet their needs.
  • Ask for input: Seek guidance on the types of technologies that staff and students would like the school to provide. Make it clear that their input is valued and will help to shape the school’s technology mix in the future.
  • Adjust your strategy: Take the learnings and adjust your school’s technology strategy. Examine ways to improve the security of personal devices and replace any school systems that are not adding expected value.

“By taking an open approach to school technology, the perspectives of all participants can be used to ensure devices and software are delivering the types of services and capabilities that staff and students require,” he said.

“Rather than being something that causes problems, shadow IT can become an integral part of the education process and something that adds real value”.