Guest Column | November 6, 2013

Three Mistakes Schools Make With BYOD

By Cal Calamari, Global Solutions Lead For Enterprise Networks and Connections, Motorola Solutions

Mobile devices and education are nearly synonymous these days. Higher education students are bringing more than three Wi-Fi enabled devices with them to campus. Students in K-12 are bringing smartphones, iPod touches, Kindles, tablets, and laptops, which are used for digital textbooks and online testing. The explosion of these powerful mobile devices puts desktop applications into the hands of students, while the latest Wi-Fi standards such as 802.11n and the introduction of 802.11ac eliminate the need for wires. All of these Wi-Fi devices can create havoc on the educational institution’s wireless LAN and overload an IT department or administrator.  The challenge for IT is how to onboard all of these devices securely and apply the appropriate policy for network access to protect the network, resources, and individuals using the network.

This has led to BYOD (Bring Your Own Device), which started simply enough: how to onboard all these devices without a manual setup or registration of MAC addresses by users or IT staff. However, BYOD is beyond simple onboarding. It is about identifying the student, authenticating that student, and then onboarding student devices with secure connections while provisioning that device with the appropriate access. And it’s not just about student access — teachers, administrators, maintenance staff, and visitors expect to be able to use their own devices on campus — especially as they come to depend on smartphone applications to do their jobs.

When considering a BYOD strategy for K-12 and campuses,  IT directors need carefully think about how to implement a strategy that is easy and secure for their users while managing their most precious resource; their wireless LAN.

Here are three key mistakes schools make when implementing a BYOD strategy on campuses:

1. Underestimating the number of devices accessing the network. College students are bringing many types of Wi-Fi enabled devices to campus. The majority of devices include smartphones, tablets, and laptops, but you cannot forget they may have iPods, gaming stations, and printers. If the average student brings three devices, a campus of 10,000 students could have 30,000 devices to register — and students upgrade their devices regularly. Not all of these devices would be used simultaneously, but the system you use to onboard these student devices must be simple so the student can do it without IT assistance, and it should ensure the student’s connection is secured via WPA2 encryption to protect the student’s privacy and prevent identity theft.

In a K-12 environment, staff and students will be bringing in many types of devices. Many could be hand-me-downs and these devices could be changing regularly. The system must be simple and flexible to accommodate the ever-changing landscape of devices, and the number of devices will continue to increase.  In K-12, network access is typically more restrictive than in higher education. Schools will want to restrict sites the students have access to, such as social media sites and video sites such as YouTube. Children’s Internet Protection Act requires students have safe access.

2.  Not differentiating access between school-issued and student-owned devices.  A number of higher education and K-12 institutions issue mobile devices for student use. In K-12, these could be loaners to use within a class or for use during the school year. These devices could be viewed as corporate devices, locking down the device and not allowing any changes. In these cases, students could have a school-issued device and have a personal device. It will be important that the BYOD system be capable to differentiate between the two. The student has the same credentials to access the system, but the devices will have different restrictions and access to the network.

3. Forgetting to factor the use (and benefits) of social media platforms. In higher education, IT administrators have a number of options for authenticating students onto their networks. Open Auth (OAUTH) is a standard that would allow applications to authenticate user credentials against other sites that the user belongs. In this case, instead of asking students to authenticate using their student ID, the student could authenticate with something they use all the time such as Facebook, Google+, or Linked-In.

Implementing an effective BYOD strategy is not a 5-minute job. With careful planning, however, you can realize some enormous benefits: higher efficiency, better security, more empowered students and staff, and access to productivity applications.

Cal Calamari is the Global Solutions Lead for Enterprise Networks and Connections at Motorola Solutions. He has over 20 years in high tech and is a patent holder in processor technology. His diverse background includes engineering, chip design, software, product strategy, channel strategy, and marketing. Today, he works closely with Motorola product managers, sales teams, channel partners, and customers to identify the ideal wireless solutions to meet the specific needs of several vertical markets including education, Motorola offers solutions tailored for vertical markets, such as MOTOTRBO Anywhere that connects smartphone users and two-way radio network via a special app.