Deployment Timeline
When the Aleutians East Borough School District (AEBSD) first contacted SecureW2 in March of 2021, they were ready for a change. What their Head of IT, Austin Roof, knew was that they needed a solution that was simple to deploy, required little maintenance and - most importantly - would empower him to keep students on a separate network from staff.
SecureW2 has worked with hundreds of schools - both K-12 and universities - before. We were able to work with AEBSD quickly to integrate with their infrastructure and deploy certificates to the school’s 1:1 Chromebooks. Here’s their story.
Challenges
When you’re a small school like AEBSD, you don’t have access to as many people or resources. This issue is exacerbated by the fact the school is located in remote Alaska; they have a limited bandwidth, which means they can’t have extra, unauthorized devices on their network. What’s more, staff members find themselves having to perform extra duties throughout the day, with employees like Austin having to split themselves between a number of additional tasks.
Schools also often need to find a secure, safe way to restrict students to their own network. This is to protect students from accessing inappropriate content and to ensure that the network is limited to school-owned, 1:1 devices as opposed to being bogged down by the plethora of mobile devices the average student has access to. Creating a secure network environment for students - with documentation to prove it - has a very tangible benefit for schools: it helps them meet standards set by the Children’s Internet Protection Act (CIPA) and secure E-Rate funding from the federal government.
However, maintaining this network segmentation without the right tools is challenging and time-consuming.
Network segmentation isn’t just important because it can protect students from access to inappropriate materials, though. It can also protect school networks from the possibility of threats spreading. The varying degrees of student technical literacy are huge, and there are plenty of students who simply don’t know how to protect themselves from malicious software. Without proper segmentation, an infected device can spread this malware to the rest of your network.
Solutions
Deploying our solutions quickly is something we have experience with - especially after hundreds of school deployments. We’re also familiar with the needs of schools like AEBSD.
We started by setting them up with JoinNow Connector, our Managed Cloud PKI which allows schools like AEBSD to create their own Certificate Authority (CA) and manage certificates from one pane of glass. Digital certificates are excellent for Wi-Fi authentication; they provide context-rich security that allows IT administrators like Austin to control who’s on the Wi-Fi.
Getting those certificates on student Chromebooks was also going to be key. Fortunately, SecureW2 has the industry-first extension for automatically issuing certificates to managed Chromebooks. It allows end-users to enroll for certificates by installing the extension, which transmits the device’s request for a certificate to our PKI.
The end result is that student Chromebooks are auto-configured for certificate-based Wi-Fi access. No end-user input is required, which is ideal when you consider the varying levels of technical literacy students can have.
Evaluating Success
In this story, the biggest indicator of success is AEBSD’s students being able to safely, securely connect to the Wi-Fi. But another indicator, in our opinion, is achieving this without causing the school’s limited IT team - staffed only by Austin - unnecessary headaches.
Both these goals were met. Now, students can quickly connect to the school Wi-Fi without requiring any complex configuration on their part. Austin has complete visibility over all devices connected to the students’ VLAN.
But we’re not the only ones saying it was a success.