pixel Cloud Archives - Page 3 of 3 - Tech Reformers

Category Archive :Cloud

cloud market graph showing AWS with highest market share

Cloud computing is one of the fastest-growing tech industries in today’s job market. Synergy Research Group reported AWS still continues to hold steady as the market leader in cloud computing services. These services are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and private cloud models.

Cloud Infrastructure Services Market

As an AWS Educator, I often try to prepare my learners that learning cloud computing skills is not a “one-and-done” learning experience. In fact, as I go through the orientation of resources and expectations, I ask my class to raise their hand if they are a lifelong learner. If they don’t raise their hand – they are in the wrong class and need to reconsider their career choice. Thankfully, the response is typically one where they all raise their hands and affirm they are in the class to start their learning journey with the cloud – but not end it there. 

Lifelong learning is where you take personal responsibility for your own continued education. As my sons decided what their subsequent paths would be after high school, I reminded them that it is up to them to go beyond what they learn in the classroom. I was a college instructor for eight years. I understand the challenges of what can be taught in the classroom. This is especially true in rapidly growing fields like technology. There are limits to time and resources that require learners to take more responsibility for their own educational experiences outside the classroom. A mentality to embrace lifelong learning is not optional in today’s day and age. 

AWS, not surprisingly, is well aware of the need for opportunities to help these lifelong learners. AWS is educating as many people as possible to become AWS cloud professionals. That is why resources such as AWS Skillbuilder and AWS Educate exist. 

What is AWS Educate?

AWS Educate was formed in 2015. The goal was to provide resources and hands-on lab experiences to high school and college students who wouldn’t have had access to the lab experiences otherwise. Initially, it was limited to individuals 13 and older who were in high school or college. This limited access required an application and verification process. 

In March 2022, AWS announced that AWS Education was going to be accessible to the general public, which I was thrilled to see. This expansion has allowed me to include this as a supplemental resource when teaching AWS Academy or AWS re/Start courses. AWS Educate continues to provide resources to help learners get started on their cloud journey without providing a credit card as you would need to with an AWS account. (It is important to note that the labs in AWS Educate are temporarily provisioned, which means work is lost and resources are terminated.) 

What are the Benefits of AWS Educate?

In addition to the coursework and hands-on lab experiences, AWS Educate also provides the following benefits:

  • Learners can explore recommended courses based on seven different topics: Analytics, Cloud Computing, Development, Machine Learning & AI, Network & Infrastructure, Professional Skills, Security
  • Learners can choose at what level they want to learn: Foundational, Intermediate, or Advanced
  • Learners only need an email address to begin using the AWS Management Console. 
  • An Explore option on the homepage features supplementary content, such as new courses, Twitch videos, blogs, and white papers.
  • Learners will be able to access a job board for AWS Educate learners

What are AWS Educate Badges?

One of my favorite features that I encourage my learners to utilize to start building their professional profile today is the badge opportunities. AWS Educate badges are not a new concept for the platform. They had them when it was exclusive for high schools and colleges, and I had many students who were motivated to go beyond the assignment simply because they wanted to collect the badges. This was when the Pokemon “gotta catch them all” game was popular, and they compared it to the same motivation. 

In 2022, when AWS Educate became offered as a public learning resource and not limited to targeted demographics of 14 – 24, the platform adopted a new look – which is what we see today. With the new look have come new badges to showcase. 

AWS Educate has seven different courses that, after successful completion, will award the learner with a badge to share this accomplishment on platforms like LinkedIn or with your current employer as evidence that you are focused and investing in your own education to grow in your career. 

The labs and badges available are diverse and include the following:

  • Getting Started with Databases
  • Getting Started with Cloud Operations
  • Getting Started with Networking
  • Getting Started with Compute
  • Getting Started with Storage
    • AWS DeepRacer Primer
  • Introduction to Cloud 101

You can see from the above list that the fundamentals of AWS cloud computing (Databases, Networking, Compute, and Storage) are provided. These are also specific lesson modules in AWS Academy’s Cloud Foundations course to prepare learners for their AWS Cloud Practitioner certification. To provide a more well-rounded educational experience and additional learning opportunities, I assign these labs to complete and encourage them to share their badges on their social media platforms (specifically LinkedIn and Twitter) and, if appropriate, provide a copy of the badge verification to their human resources departments and supervisor. 

While the ultimate goal is to prepare and earn their AWS Cloud Practitioner certification, smaller achievements along the way can help continue to motivate the learner to continue on their journey. Motivation tactics such as these badges can help propel the learners to continue on their journey as things get more challenging (because they do) when learning about the AWeSome world of AWS. 


Tasha Penwell is an AWS Educator and a Certified Solutions Architect. She is also a subject matter expert (SME) in web development, cloud security, and cloud computing. As a speaker, she talks about AWS education and AR technologies.

Recently K12 Security Information Exchange (K12 Six) released its annual State of K-12 Cybersecurity, Year in Review. K12 Six has been tracking cybersecurity incidents in K-12 for several years and has been attracting a following among school district Information Technology (IT) leaders. They are perhaps best known for their heat map which is a visualization of publicly disclosed school cyber incidents from 2016 to now. Besides the map and this research, they are an information exchange where IT leaders can learn from each other, leaders in the cybersecurity field, and cybersecurity vendors.

cover of The State of K-12 Cybersecurity: Year in Review
2022 Annual Report that show cyber incidents in K-12

The definitive annual report series on cyber incidents affecting U.S. public elementary and secondary (K12) education institutions. Based on a data source that the U.S. Government Accountability Office (GAO) found to be the “most complete resource that tracks K-12 cybersecurity incidents, including student data breaches.”

U.S. Government Accountability Office (GAO)
Number of Publicly-Dislclosed K-12 Cyber Incidents by Incident Type 2016-2021. Data steadily rising for data breach, ransomware, BEC, DDOS, Invasion, and other to total about 1300 cybersecurity incidents.
K12 Six The State of K-12 Cybersecurity 2022 Annual Report

The report itself tells us what we already know: there is a growing number of cybersecurity incidents in school districts. But, it provides specific numbers, categories, and examples that drive home the problem. Note that K12 Six reports that the reporting is not what it should be. Based on anecdotal evidence, incidents occurred perhaps 10 to 20 times more often than reported.

2021 was Unique

2021 had some unique variables that may have caused the increase. With the pandemic and remote learning, a new cyber incident became evident. Dubbed “zoombombing” or class invasion, these incidents rocked the virtual classrooms of the United States. Vendors and users implemented technical and operational controls respectively to blunt this threat. Luckily, learning from mistakes and the return to the classroom should diminish this threat.

Also, 2021 became the year school districts became more aware of the need for and requirements of cyber insurance. While many school districts had insurance, they did not meet the stricter requirements of their insurer. Insurance companies got slammed over the previous years with the rise of ransomware, and now were enforcing a set of requirements on districts to keep their policies in force. With both the increased media attention to cyber incidents and the new insurance requirements, district leaders and board members, not just IT or Risk Management, began to focus on cybersecurity. So 2021 wasn’t all bad!

Ransomware – #1 Cyber Incident

Of all the cybersecurity incidents, the top incidents were ransomware, data breaches, and class meeting invasions. Ransomware, for the first time, is the top threat. In 2021 62 K-12 districts across 24 different states reported ransomware cybersecurity incidents. 2021 was the third year with over 50 incidents. Unlike a data breach, ransomware often results in class cancellations, school closures, and a breakdown of district core operations.

The Baltimore Sun headline:
Ransomware attack cripples Baltimore County Public Schools. No timeline for return to class.
The Baltimore Sun headline

The report outlines striking examples that include Baltimore County (MD) Public Schools where the cost of ongoing recovery from a Ryuk ransomware attack grew to nearly $9.7 million dollars and closed school for days and limped back for weeks.

The Buffalo News headline
The Editorial Board: Ransomware attack on Buffalo schools show again the need for strong security.
The Buffalo News headline

Similarly, the Buffalo School Board approved spending nearly $9.4 million on IT consultants to respond to a ransomware attack in March 2021.


Data Breaches

Initiator of K-12 Data Breach/Leak Cyber Incidents: 2016-2021
K-12 Vendor 55%
Other / Undisclosed 24%
Staff 14%
Students 7%
K12 Six The State of K-12 Cybersecurity 2022 Annual Report

The most significant vector for student and teacher data breaches, the loss of personally identifiable information (PII), remains school district vendors and other trusted non-profit and government partners, not the districts themselves. An exception to the Family Educational Rights and Privacy Act, or FERPA, allows districts to transfer the role of a so-called “school official” allowing a district to share educational records with third parties as part of outsourcing service that it lacks the capacity to perform itself. Although allowed, districts must vet these 3rd party vendors from the large Software as a Service (SaaS) ubiquitous in Student Information Systems (SIS) and Learning Managementment Systems (LMS) to the smallest EdTech vendors.

Another significant source of K-12 data breaches is school district staff and school board members,
who inadvertently share the PII of students and/or staff in the course of their duties. Two common examples are losing an unencrypted district device or emailing a spreadsheet of data.

The other K-12 cyber incident types disclosed during 2021 as reported by K12 Six include:

  • Business Email Compromise (BEC) where district emails are spoofed or stolen to fraudulently request gift cards, W-2s, and invoice payments;
  • Class Invasions where malicious actors gain access to classes or meetings;
  • Email invasion where the district email system is breached for spamming;
  • Website and social media access where lack of controls leads to defacement or worse by a 3rd party;
  • Denial of Service (DOS) attacks to bring down systems and testing periods.

Responsibility for Cyber Incidents

The research shows where most of the incidents are occurring. Incidents per 100,000 students, which compensates for the size of the district, show that the states of Montana, North Dakota, Connecticut, Maine, and Hawaii have more than their expected share of K-12 cybersecurity issues. Larger school districts and wealthier ones appear to be at a greater risk of cybersecurity incidents than small school districts and lower-income districts. This may be because cybercriminals are targeting districts with more money and the ability to pay a ransom.

So who is responsible and why do these incidents keep occurring? K12 Six found 4 groups.

  • Teachers, administrators, and board members who have a lack of training
  • Tech-savvy students who are not monitored
  • Suppliers and vendors who are not properly vetted
  • Cybercriminals (of course) who realize that school systems are “soft targets”

Key Finding

There is a lot of great information in the K12 Six report that is backed up by well-researched data. While they come up with several conclusions, there is one main point that comes from the data. K-12 school districts need to implement commonsense cybersecurity controls and practices. As a district leader, you do not want to risk the money, lose productivity and class time, or get on the K12 Six K-12 Cyber Incident Map. Read the full report here: The State of K-12 Cybersecurity Report Series — K12 SIX.

Next Steps

Tech Reformes is hosting a webinar, The Ransomware Hostage Rescue Checklist: Your Step-by-Step Guide to Preventing and Surviving a Ransomware Attack. In this webinar Roger A. Grimes, KnowBe4‘s Data-Driven Defense Evangelist and security expert with over 30-years of experience will take you step-by-step through best practices for preventing ransomware attacks and a post-attack response plan. Join us May 11, 2022 11:00 am PDT, 2:00pm EDT. Don’t be a victim of the #1 cybersecurity threat in K-12.

New Webinar
The Ransomware Hostage Rescue Checklist:
Your step-by-step guide to preventing and surviving a ransomware attack. Avoid cyber incidents!

The Russian invasion of Ukraine increases the risk of wiper malware spilling over to the US and our education infrastructure. You may remember NotPetya, which caused billions of dollars of downtime damage. The Wall Street Journal (WSJ) reports that Symantec observed wiper malware was put in motion just hours before Russian tanks arrived in Ukraine.

WSJ Reports

The WSJ said: “The wiper malware—this version is being called HermeticWiper by researchers—could mark an escalation in cyberattacks against various Ukrainian targets, security experts said. Websites of government agencies and banks were disrupted on Wednesday, and on Thursday, that of the Kyiv Post, an English-language newspaper.”

“On Wednesday, Slovakia-based cyber firm ESET said it also detected the wiper strain on hundreds of machines in Ukraine, adding that timestamps indicated the malware had been created nearly two months ago in preparation for deployment.”

The WSJ noted that “On Thursday morning, CISA Director Jen Easterly tweeted a Wired magazine article on the 2017 NotPetya hack, which emanated from a Ukrainian accounting firm and caused billions in lost sales and other damage to businesses including FedEx Corp. and Merck & Co. Inc.”

“While there are no specific threats to the U.S. at this time, all organizations (including school districts) must be prepared for cyberattacks, whether targeted or not,” Ms. Easterly wrote.

Recommendations

So, Tech Reformers strongly recommends to:

  • Make sure your backups work and test your restore function, not for just files but whole servers
  • Patch all known vulnerabilities and test the patches
  • Deploy strong MFA to as many employees as possible (some MFA can be easily circumvented).
  • Step all employees through at least a 15-minute security awareness training module to keep them on their toes with security top of mind.

Also, warn your staff: cybercriminals will start new, devious charity campaigns that claim to help people in Ukraine. Be prepared for the wiper malware.

Cybercrime has become an arms race where cybercriminals constantly evolve their attacks. You, the vigilant school district IT pro, must diligently expand your knowledge to prevent intrusions. This includes protecting the district network and your cloud (your SaaS and Infrastructure providers). Staying a step ahead may even involve becoming your own cybersecurity investigator. Learn to forensically examine actual phishing emails. Determine the who, the where, and the how to adjust your defenses.

In an on-demand webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, hosts. He shows you how to become a digital investigator to fight cybercrime.

Roger Grimes, Cybersecurity and cybercrime expert at KnowBe4

You will learn:

  • How to forensically examine phishing emails and identify other types of social engineering
  • What forensic tools and techniques you can use right now
  • How to investigate rogue smishing, vishing, and social media phishes
  • How to enable your users to spot suspicious emails sent to your organization

Register for an on-demand webinar sponsored by Tech Reformers. No waiting. So, get inside the mind of the cybercriminal. Learn their techniques, and how to spot phishing attempts and improve district cybersecurity.

project tomorrow logo

Late in 2021, Project Tomorrow released a report, 2021 Project Tomorrow – iboss National K-12 Education Cybersecurity Research Study. Project Tomorrow is a nonprofit whose mission is to support the effective implementation of research-based learning experiences for K-12. This research points to how security and the cloud can shape student learning.

Researchers interviewed nearly 600 district administrators and technology leaders from a cross-section of school districts across the country. The results call for a national response for greater awareness and actions in K-12 cybersecurity. Most importantly, research showed that security is not the job of just the technology department. We need greater awareness. And, particularly, all district personnel, students, and families must act.

There has indeed been negative press on the effects of remote learning. Nevertheless, the pandemic looks like it cemented districts’ commitment to devices, digital resources, and internet connectivity. With this increased usage, the vulnerabilities of school districts have increased. We all hear the reports of ransomware, hacking, data breaches, and other cybersecurity incidents. They have hit school districts with increasing regularity.

The report findings do not reveal technical specifics for protection. Results offer areas of misalignment that need to change. Three key areas surfaced.

  • An effective cybersecurity plan must have shared responsibility across the district.
  • District leaders must reassess the approach to the management of technology.
  • Funding must increase for cybersecurity for both readiness and mitigation efforts.

Share Responsibility for Cybersecurity

The readiness of District Leadership to implement effective methods for protection or response to a ransomware attack or hack to district systems depends first upon the Superintendent. And his or her cabinet must have an understanding of their district’s vulnerabilities and response planning. Unfortunately, the study shows that there is a mismatch in the commitment across leadership.

Chart of Cloud adoption
Perceived use of Cloud

The pandemic showed that district staff needed to adjust their jobs to meet the needs of the moment. This change, or transformation, must continue. Tech staff may need to learn more about cybersecurity and the cloud and less about servers and copy machines. Teachers may need to address digital citizenship and online safety more actively.

Reassess Needs to Focus on the Cloud

Software as a Service (SaaS) and cloud are widespread even before the pandemic. That’s only increasing. But Leaders need to ensure training on new technologies. Staff now should spend less time running a data center rather than running cloud applications. Staff to focus on this new landscape. Time is needed for practices and procedures to evolve. Vet SaaS and cloud providers to hone skills. Spend less time spent on, say, testing shrink-wrapped software.

Increase Funding for Cybersecurity and Cloud

Finally, the Project Tomorrow research points to the need for more funding for cybersecurity. These investments should go to awareness training, locking down vulnerabilities, updating security and student safety software, cloud adoption, and having a robust business continuity and disaster recovery plan.

Download the full report.

FETC Conference, January 25 - 28, 2022 Orange County Convention Center Orlando, FL
See Tech Reformers in Booth 4211 in the Startup Pavilion

At FETC, the Future of Education Technology Conference, Tech Reformers, a leader in K-12 Cloud,
is releasing TR | AppStream, a managed AWS AppStream 2.0 service. So, K-12 school districts can now offer virtually any application to students on Chromebooks and any device even with low bandwidth. Enabling all students to access high-end applications, TR | AppStream gives any time, anywhere access to, for example, Adobe Creative Cloud, Autodesk Inventor & Revit, and engineering and computer science applications from Project Lead the Way (PLTW). In sum, virtually any application that schools need students to access at home or in school, TR | AppStream makes it possible on any device. As a managed service, it’s no extra work for IT.

Target equity, the digital divide, and homework gap

While some think that Chromebooks and hotspots have solved the digital divide and homework gap, nevertheless students with only a Chromebook or just a hotspot don’t have equitable access compared to students who can use a full-featured multimedia computer and high-speed broadband at home. With the cloud, Infrastructure as a Service – IaaS, that opportunity gap disappears. A Chromebook or any home computer with an internet connection can tap into all the powerful applications. They stream from servers in the AWS cloud, all managed by Tech Reformers.

Heretofore, creating district platforms to allow virtual desktops or streaming apps have been too expensive and too difficult to manage for most school districts. Building out the virtual desktop infrastructure (VDI) has been a huge capital expense. The cloud offers a solution, but district IT staff may not have the time or the expertise to deploy and manage what is needed. But, there are success stories. The cloud billing model may seem fraught with risk so TR | AppStream has per student, flat-rate cost.

TR | AppStream is a fully managed service

AppStream combines AWS AppStream 2.0 with fully managed services focused on the needs of K-12. School Districts who just determine the applications and use cases they want for their students and how many students they have to access it. Therefore, no configuration or VDI environment. So districts pay a per-student price with no need to worry about infrastructure, IT workload, or streaming rates.

TR Appstream Banner

Tech Reformers has created a demo for you to see and test yourself right away. The demo contains free applications for demonstration purposes only. But, when trying, imagine offering licensed software to your students in a fast, easy-to-access portal. For example, you can leverage your Adobe licensing or PTLW commitment to extend usage beyond school to the homes of all students. Tech Reformers will customize to your needs. TR | AppStream can even enable districts to eliminate computer lab desktop computers. Allow students to access productivity, creative, computer science, and technical applications on their laptops.

Try for yourself

Sign up for immediate access to the self-paced demo, and, during FETC, we will be raffling off Tech Reformers Yeti mugs to registered users.

Also available to request are demos for Adobe Creative Cloud, 3D, gaming, or your request. You will get your environments after a setup period and be offered a walk-through.

And, we are looking for districts who want to expand access to all students to be customers this school year at a great discount to try the service. We welcome districts that want to pilot the solution. For equity, bring AWS AppStream 2.0 to your students.

For inquires, reach out to info@techreformers.com, or, if you are in Orlando at FETC, stop by booth 4221.

Tech Reformers is an AWS Partner. If you want help doing it yourself, our AWS Certified Architects help you get started.

—-

Tech Reformers booth at CIT
Booth 704

We are highlighting our partnership with OpenText. About 200 school districts use OpenText. OpenText was named a “Leader” in content management by both Gartner and Forrester.

OpenText Key Capabilities include:

  • Information management (records retention, document management, archiving, etc.)
  • Electronic forms & workflow
  • Business process automation
  • Document capture (OCR), and
  • Integration with M365

Better yet, Tech Reformers offers the only fully hosted and managed OpenText solution designed for K-12. Furthermore, OpenText can integrate with your existing productivity suite.

At CITE, Tech Reformers will be also featuring our K-12 Cloud services not only for information management. We will share our managed services, hosting, and Infrastructure as a Service (IaaS). Tech Reformers has proprietary AWS-hosted solutions for OpenText and App Stream 2.0. We have best-in-breed partner solutions for cybersecurity and disaster recovery.

So, please stop by our CITE booth at #704.


Finally, we are having a special get-together. Please join us at our November 18th, 6-8 pm Happy Hour at Dive Bar.

Follow Tech Reformers on Linkedin and Twitter and Facebook.