More and more schools are adopting Apple programs that allow students to use technology in the classroom, increase engagement and motivation across the board. But as with anything, there are always concerns about the risks this poses.
One of the biggest questions raised is about the security and safety of the people who use those digital devices, such as the K-12 students. After all, some of the programs allow students to take home those devices, and others use a shared device program. How can parents know that their students’ info is safe? And what can the IT team do to ensure device security? A data breach is a costly and complex situation to handle, so minimizing the risk of a breach is critical.
Following specific security guidelines is important, but where do you start? Whether you’re wondering if you’re following the standards and best practices for security on your macOS devices, or if you need to make some changes, the Center for Internet Security (CIS) is here to help.
In this article, we’ll go over what CIS is and how you can make sure that your Apple devices are CIS compliant, ensuring security and safety of your end-users. We’ll also go over how MDM can help you with this task.
The Center for Internet Security (CIS) sets the global standards for IT security, curated by security practioners and cyber experts. They offer free benchmarks that anyone can download to help safeguard their systems, including benchmarks for macOS.
There are also multiple configuration profiles with varying levels of depth, one which provides you with a good foundation for security and one which is for “environments where security is paramount,” as CIS puts it in their FAQ. You can learn more about that here. Each benchmark has a scoring status, which indicates whether or not a specific recommendation affects the final benchmark score.
When it comes to educational environments, ensuring the safety of your end-users when using EdTech tools should be one of the main priorities. Following CIS guidelines can be a step towards making sure that your devices, and your end-users, are safe. There are many different ways that you can meet CIS compliance.
Here are some aspects of security that CIS recommends focusing on:
There are a lot more topics and recommendations to look at, so read more information about each of them here.
One way to ensure that you’re CIS compliant is by using a mobile device management (MDM) solution. This way, you can manage and configure certain security settings for your fleet of devices in bulk.
When you use an MDM solution like Mosyle Manager for K-12 schools, you can have ultimate control over settings that follow the CIS best practices.
A huge aspect of security is focused on software and app updates. When you apply updates regularly, you ensure that you’re getting the latest and greatest security patches from Apple. Mosyle Manager gives you the ability to send updates to all your devices, or specific ones, at once in Bulk Operations area.
As mentioned earlier, there are also certain system preferences that CIS suggests should be configured for optimal security, such as Bluetooth settings. With Mosyle Manager, you can turn off Bluetooth capabilities remotely and in bulk across your fleet, which helps create a less susceptible environment. If it’s necessary for Bluetooth to be on for certain activities, CIS recommends that the device is not in discoverable mode, which decreases the chance that an authorized user can access it.
Another way to ensure security is to take advantage of macOS’ encryption capabilities, such as FileVault. This keeps your system’s data safe, so make sure to configure this properly and encrypt any sensitive data. Learn how to configure security and privacy settings in Mosyle Manager using our Mac deployment guide.
You can also configure login screen settings and Wi-Fi settings in Mosyle Manager. Ensuring that the private information of your end-users, such as students, is also very important. Discover more about identity management here.
Tip: enable the Firewall to add an extra layer of protection for your fleet of Mac computers.
Make sure to use the CIS benchmark guide mentioned earlier to see what else you can do!
With Apple’s new User Enrollment features, there’s an extra added layer of security that helps ensure your BYOD users and devices are protected. Learn more about what User Enrollment means for you here.
As an IT specialist, the safety of your end-users should be one of your top priorities. By following the CIS guidelines for security, students, teachers and others are less at risk of a costly data breach. Using an MDM solution makes it easier to stay within those guidelines. With Mosyle Manager by your side, you can rest assured knowing that your devices, and your end-users, are safe.
Save countless hours of IT effort while empowering teachers to manage iPad, Mac, and Apple TV devices in the classroom.
2019 Mosyle™ Corporation | Trusted by 14,000+ educational institutions across the globe