Ah, kids. Many of us have them. We can all testify to the fact that they’re a few years away from good judgment, like ours.  (Yes, that’s meant to be ironic.)

But there’s a new wrinkle in the judgment game that’s really only manifested itself in the last few years. The balance of online temptation and online responsibility has become a moving target. And it’s particularly significant for education facilities, which are trying to offer cutting edge educational opportunities while minimizing risk to infrastructure and exposure to liabilities.

These threats often come in the form of play. Because it seems innocent, and because users at large haven’t been educated, students often see, for example, games on Facebook as harmless. Too often, they’re not; malware and adware are on board, changing the configuration of host computers and inserting ads and surveys that further compromise the machine.

Mobile apps are also a threat. They often require access to information on the mobile device. They often demand access to information on the mobile device that they don’t need to do their jobs. That’s your first clue that an app is probably not what it purports to be.

The good news is that, for now, mobile malware’s impact is largely confined to the infected machine. The bad news is it won’t stay that way long. As mobile malware becomes more sophisticated and jumps from the connected device to the network it’s connected to, there’s a huge vulnerability. Think about your home network, with maybe half a dozen connected devices. Now picture a school environment, with hundreds of students potentially connected to the environment. The vulnerability expands exponentially.

So what to do? The obvious and safest answer is, don’t offer Wi-Fi access. The only absolutely safe computer is one not connected to a network, and the only absolutely safe network is one not connected to devices. The absurdity is self-evident. Schools need connected computers, at a minimum to perform administrative functions, but also to open up educational opportunities. It’s often remarked that the Internet has created a vast network of learning tools, but at the same time exposed schools to compromise and vulnerability. The reverse is also true; yes, there’s exposure, but there’s also great opportunity to use online learning tools. Shutting down network access for students is an answer, but it’s the wrong one.

Educational institutions can take a page from convention centre book. During a large event, the wireless network at a convention centre might have to be able to handle up to 20,000 devices. Rather than Wild West free access, with users downloading movies and playing bandwidth-intensive games, the delegates’ Wi-Fi access is often handled through a portal or an app. By connecting delegates through a portal, event organizers can restrict and manage wireless access so that all users have a workable experience. If you need to watch Game of Thrones while you’re at the orthodontists’ convention, your own data plan will have to handle it. The portal won’t let you.

The reasons are different, but the strategy is similar when it comes to the educational institution’s network. By driving wireless traffic through a portal or app, there are huge data management and security gains.

  1. You can manage bandwidth allocation to individual users, making sure that hogs don’t compromise the experience for other users.
  2. You can restrict the use of applications that pose a threat—Facebook games, e-mail attachments, blacklisted Web sites, etc.
  3. You can segregate “legitimate” traffic from “illegitimate” traffic. Students who insist on using non-approved traffic have to use their own data plans; their devices are separated from the network, and thus don’t expose it compromise.

If you work for an educational institution and are wrestling with the question of how to offer wireless access to students, you could do worse than taking a look at the conference centre model.