Incident IQ

K-12 Workflow Management Blog

How To Choose the Best MDM for Your School District

Logos for Google, Microsoft Intune, jamf, filewave, and more

What’s more difficult than managing a classroom full of K-12 students?

For most IT teams, it’s trying to manage the tens of thousands of devices that those kids are using each and every day. Despite the knowledge and skill your IT agents may possess, managing mobile school devices is nearly impossible without Mobile Device Management (MDM) software.

MDM software gives K-12 network administrators centralized management over all the school devices in their K-12 district.

With MDM software, network administrators can set policies on what applications can be used, what type of data can be stored on devices, decide if the device camera is operational or not, and more. An MDM essentially gives K-12 IT admins complete control over all the mobile devices within their districts (including laptops, tablets, Chromebooks, etc).

Mobile Device Management for Schools

School districts are in a unique position when it comes to mobile device management. With the rise of 1:1 technology in schools, most school districts are deploying a growing number of mobile devices that would rival most companies.

The increasing need for MDM software is largely due to a significant uptick in the use of digital instructional materials in K-12 schools. In the CoSN, State of EdTech Leadership in 2021 report, the percentage of respondents reporting that the majority of their materials are digital almost doubled since 2020, from 34% to 64% in 2021.

Percentage of instructional materials in digital format in K-12 schools

Not to mention, increasing concerns over cybersecurity threats to unsecured school devices means that K-12 IT teams need to have the tools available to keep sensitive school and student data safe. Ransomware attacks alone impacted 1,681 U.S. schools, colleges and universities in 2020. Globally 44% of educational institutions were targeted by such attacks.

To meet the growing demand for mobile device security and management, choosing the right MDM for your school district is crucial—so, here’s a list of all the features you should be looking for in your school’s MDM software.

What To Look For in an MDM Solution

Screen lock feature

A screen lock is typically the first line of defense for your district’s mobile devices. Screen lock functionalities can be managed with MDM software and allow IT admins to set rules such as:

  • All users must create an alphanumeric passcode
  • If a passcode is entered incorrectly ten times, the user is locked out of the device
  • Input from a security team is required if a user has been locked out of a device

These rules can easily be configured within your district’s MDM and help protect your mobile devices from potential brute force attacks.

Security for Student Apps and Data

From a security perspective, MDM software allows IT admins to manage access controls on individual devices and set security requirements on those devices. This could include forcing screen locks and individual user PINs on single-user devices.

These security measures also apply to application management on district devices. With 24/7 access to their school network, students and teachers alike can easily download new applications on their mobile devices. The problem with this is that not all applications are written with security in mind—and some apps are even written to be intentionally malicious.

For example, in 2020, Baltimore County’s school system collapsed due to a ransomware attack that hit all its network systems and closed schools for 115,000 students. Cybersecurity threats such as these are made possible when devices are unsecured—application management through your school’s MDM software can help prevent this.

One way to avoid malicious apps being installed on your district devices is to manage application use through an application whitelist, and then import that whitelist into your MDM software. Once the whitelist is implemented, district users can only install applications that are on the approved whitelist.

Mobile information management capabilities

Mobile Information Management (MIM) is a part of most mobile device management (MDM) solutions that provide secure access to organizational or school district resources such as documents and media files.

A good MDM will allow system administrators to keep internal network data secure without limiting data access to approved users. In general, you want to make sure everyone within your school district has the data they need to complete their assignments without allowing unauthorized users outside your organization to access district information.

For additional security, many mobile devices include options for Data Loss Prevention (DLP). DLP ensures that data is encrypted on the mobile device, so sensitive student or district data can’t be stolen or copy/pasted elsewhere. A good MDM software will allow you to manage these DLP options for the mobile devices in your district and set broad policies for all users.

Remote data wiping features

Another important security feature that a good MDM will offer is the ability to remotely wipe all data from an individual device. This is ideal in emergency situations where sensitive school or student data is breached or jeopardized. In the case that a student or teacher’s device is stolen or goes missing, you can use the remote data wipe feature to make sure that nobody outside your district gains access to that information.

Geolocation and Geofencing

Geolocation is another common feature in MDM software, and it allows your IT team to quickly locate mobile devices within your district. Geolocation can help IT teams determine which school campuses mobile devices were deployed to. However, geolocation is arguably most effective when trying to locate mobile devices that are reported as stolen or missing.

This technology also gives K-12 IT admins the ability to take advantage of Geofencing features. While not all MDMs allow Geofencing, it can be a handy tool for restricting or enabling individual device features whenever the device is in a particular area or location. For example, if one of your district’s mobile devices were ever to leave the state your district is located in, you could set a rule to have that device automatically disable itself.

While the rapid increase in 1:1 technology means more students are using their assigned school devices outside of the classroom, Geofencing is still a great tool your K-12 IT can leverage for additional security.

Passwords and PIN management

When working in K-12 IT, forgotten passwords and PIN numbers will probably be a common issue within your school district. In the case of a forgotten password, students and K-12 staff will need to first issue a ticket through their school help desk software.

Once a help ticket has been received by your school IT team, your IT agents can initiate a password/PIN recovery process from your MDM software. Additionally, if your MDM of choice integrates with your school help desk, your IT may be able to automate password resets and recovery.

At Incident IQ, we make this possible with our Password Assistant app that allows IT teams to streamline the password recovery/reset process.

Incident IQ Password Assistant App

Benefits of Integrating With Asset Management Software

MDM software does a lot of heavy lifting on its own—but what if it were integrated with your school’s help desk or asset management software?

By integrating your district’s MDM of choice with your asset management software, IT agents can use the information from your MDM to access recent login data, quickly view system specs, and run actionable reports on school assets within your school asset management software.

Service features aside, MDM integrations also provide an incredible safety net for vulnerable devices. For example, MDM integrations allow IT agents to immediately lock a lost or stolen device directly from a help ticket, without needing to switch between systems or juggle user permissions.

Managing Mobile Devices With Incident IQ

MDM software plays a huge role in K-12 IT—but it’s only one piece of the puzzle.

At Incident IQ, we’ve built a service management platform that helps busy K-12 IT departments integrate leading MDMs (such as Jamf, Microsoft SCCM, Mosyle Manager, Filewave, and more) with our service management platform built exclusively for K-12 school districts.

Take a look at some of our MDM integrations or schedule a demo and chat with us to learn more.