In the modern threat landscape, it’s important to consider whether your cybersecurity strategy is equipped to help you navigate these challenges. Deploying the most up-to-date devices, software, and operating systems can help close security vulnerabilities and build proactive protection. Windows 11 helps you strengthen your overall security posture, drive greater productivity, and build safer communities for learning, working, and teaching.

Unlock greater productivity while maintaining robust and comprehensive protection

Today, organizations around the world are rethinking their security approaches down to their hardware. Cybersecurity software alone is no longer enough to protect systems as bad actors leverage new technologies and tactics to bypass defenses and access critical resources.

Designed to address education’s most critical cyberthreats, Windows 11 is the most secure version of Windows to date, designed with security built into each level, including:

• Cloud
• Identity
• Application
• Operating system
• Hardware

The default security features of Windows 11 were created based on threat intelligence, global regulatory requirements, and Microsoft Security expertise. Through partnerships with original equipment manufacturers and silicon manufacturers, Windows 11 is designed for greater security starting at the chip level—enabling hardware and software to work together to shrink the organizational attack surface, protect system integrity, and secure institutional data.

To simplify deployment for IT teams, Windows 11 comes with key out-of-the-box features enabled, including:

• Credential safeguards
• Application protection
• Malware shields

It’s also designed to integrate with Microsoft Security Copilot, which leverages generative AI capabilities to provide greater insights and efficiency to help improve security at scale. Windows 11 Pro devices drive a 62% drop in reported security incidents and are shown to accelerate workflows by 50% on average, helping you and your organization achieve more with less time and effort. Let’s take a deeper look at how Windows 11 helps you tackle cybersecurity challenges across different environments.

Application safeguards help keep critical data safe

Windows 11 offers a complete platform for educational institutions to house and protect critical applications such as learning management systems (LMS), administrative software, and productivity tools. Attackers often target poorly secured applications, which is why Windows 11 provides you with built-in capabilities such as preemptive application and driver control to isolate breaches quickly. Robust application safeguards help you maintain governance of your sensitive data, including:

• Student records
• Financial information
• Access credentials
• Research data

Windows 11 is designed to support Zero Trust strategies, which play a key role in helping you strengthen application and operating system protection. This approach is centered around the principles of “verify explicitly, use least privilege access, and assume breach,” meaning that you and your team can verify each access request as though it originated from an uncontrolled network—instead of assuming that everything behind the firewall is safe.

To that end, Windows 11 enables you to more easily find and detect cyberthreats, respond to them, and prevent or block undesired events across your education institution. In the case of a presumed breach, you can combat common application attacks from the moment a device is provisioned. When it comes to network security, granting access within a trust-by-exception policy versus a trust-by-default policy helps better protect the digital security, privacy, and compliance needs of your educational community.

Deliver end-to-end protection with Windows 11 cloud-based device management

With the introduction of more tech solutions, many education institutions face new challenges in managing cybersecurity. Having more devices across school and home environments creates more access points for potential attackers. To get ahead of potential breaches, get started with proactive, end-to-end device management strategies that help protect privacy and security.

Windows 11 helps empower you and your IT team by offering comprehensive cloud services for identity, storage, and access management. Adhering to Zero Trust principles, enforcing compliance, and granting conditional access helps verify that Windows 11 devices connected to an organization’s networks are trustworthy and safe. With more than 90% of ransom-stage cyberattacks leveraging unmanaged devices in a network, interoperable cloud-based device management solutions enable you to secure the digital estate and quickly respond to threats.

Managing and enabling secure use of devices at scale can also be a challenge for IT departments at education institutions. To give you and your team greater visibility and control over their digital estate, Windows 11 offers an integrated management suite. This suite supports comprehensive endpoint management solutions such as Microsoft Intune that help secure, deploy, and manage users, apps, and devices.¹ Intune can further integrate with Microsoft Entra ID to manage security features and processes, including multifactor authentication.

Additionally, Windows Hello enables you to deploy passwordless authentication for a safer and simpler sign-in experience. Thanks to the addition of passkeys, students can enjoy even greater security and convenience by using their face, fingerprint, or PIN to sign in to websites and apps. Enhanced threat detection on Microsoft Defender for Endpoint helps shield devices against phishing and malware and empowers IT teams to thwart attacks before they cause harm.¹ By adding Security Copilot, IT staff can leverage natural language queries to get holistic insights on the security and safety of their organization, which can help drive better decision-making and strategic planning.

Start preparing now for future security protections

In planning your security approach, your institution has an opportunity to adopt modern, secure, and highly efficient computing solutions that help your organization tackle the cybersecurity challenges of today and tomorrow. Windows 11 offers powerful, hardware-backed protection that provides a foundation for implementing new technology solutions as they’re developed, such as AI that helps accelerate workflows and supercharge efficiency of operations.

Now is the time to identify devices in your organization that are due for upgrades and start improving your institution’s security and your IT team’s efficiency today. Get started with these resources:

• Evaluate which of your devices are eligible for updates by reviewing the Windows 11 hardware requirements.
• Join the Windows Insider Program for Business to evaluate your readiness and explore new features.
• Start developing a plan for your organization’s upgrade to Windows 11.

¹ Sold separately from Windows 11

The post Building resilient digital security in education with Windows 11 appeared first on Microsoft Education Blog.

For Safer Internet Day, we invite school IT professionals to explore tools that create safer online experiences. Start by discovering tools and strategies to create a safer internet for your school community.

Teach students the fundamentals of safe online behavior

We recognize that everyone has a role to play in cybersecurity and online safety. To get started, begin discussing internet safety with students, educators, and families with help from these resources from Microsoft Education:

• K-12 Cybersecurity Conversation Guide – Get practical tips and conversation starters for discussing safe online practices and cyber hygiene with students.
• K-12 Cybersecurity Infographic – Use visual examples of phishing links and scam ads to help everyone learn how to identify online threats.

As students develop essential digital skills, they’ll become more aware of the threats that often target schools, social media apps, and the communication tools they use daily. Help them understand the cause and effect, so they can learn how to protect themselves and recognize the importance of staying vigilant.

A suite of products that work together

Every student deserves a secure technology environment that maximizes learning, but cyberthreats continue to jeopardize cyber safety in schools and institutions. With more than 15,000 malicious messages targeting the education sector daily, this year’s Safer Internet Day theme of “together for a better internet” comes at a critical time for schools and institutions.

With Microsoft 365 Education A3 and A5 plans and security add-ons, you can deliver innovative protection through a single, cost-effective platform. Tools like Microsoft Defender for Endpoint P2 – Students and Microsoft Purview provide seamless, integrated solutions to protect students and educators.

Dedicated protection for student devices

Microsoft Defender for Endpoint P2 – Students offers enhanced device protection that shields students’ devices from phishing, malware, and other attacks. With Defender for Endpoint, you can:

• Identify and neutralize cyberthreats in real time using advanced detection technology.
• Disrupt in-progress cyberattacks by automatically containing compromised assets early, minimizing impact and recovery time.
• Protect student data with industry-leading encryption protocols.
• Remotely track, lock, or wipe devices to safeguard sensitive information in case of a lost or stolen device.
• Monitor and update devices to protect against the latest vulnerabilities.
• Ensure safe browsing for students by blocking harmful or malicious websites with robust web content filters.

Web filtering is a core component of Defender for Endpoint. You can use it to block adult content, criminal activities, and social networking sites so that students are unable to access inappropriate content while they browse the web. Web content filtering also blocks harmful content before it reaches devices.

For example, a middle school student conducting research for a class project would be less likely to stumble on a website with malware because it would be blocked through Defender for Endpoint. The student would be able to continue their work without disruption—and educators and IT teams can continue devoting their time to engaging learning experiences, instead of managing a security incident.

Defender for Endpoint also sends alerts of suspicious activities and threats. If a bad actor tries to attack a student device on a compromised, public Wi-Fi network, your school IT team is alerted to suspicious activity and Defender for Endpoint automatically blocks the threat before any sensitive information is compromised.

Our commitment to safe online experiences includes providing you with the tools you need to protect student devices. With Microsoft Defender Threat Intelligence analyzing more than 78 trillion daily signals, Defender for Endpoint safeguards learning environments from emerging online threats.

Addressing cyberbullying with Microsoft Purview

Preventing cyberbullying requires proactive strategies and effective tools. In schools around the world, educators teach students to be upstanders who “say something if they see something” and report bullying and harassment in their classrooms. Good digital citizenship practices like reporting, coupled with security solutions like Microsoft Purview, can go a long way to creating a safe space for all.

Microsoft Purview is a comprehensive set of solutions in Microsoft 365 Education A5 plans that helps your institution secure and govern your entire data estate. You can use Microsoft Purview as a part of a systematic approach to cyberbullying by leveraging some of its solutions in unique ways:

• Microsoft Purview Communication Compliance: Monitor harmful messages and images in Microsoft Teams for Education with policies that flag disparaging or self-harm remarks. Machine learning detects intent behind messages, empowering administrators to act quickly.
• Microsoft Purview Data Loss Prevention: Protect records by preventing students from deleting files or data that’s a part of a cyberbullying incident. Set up alerts when someone attempts to delete data so that you can have a complete record for investigation and compliance requirements.
• Insider Risk Management: Detect instances when students or staff send hateful messages or make harmful threats across Microsoft and third-party platforms. Integrated tools enable IT, human resources, and legal departments to collaboratively investigate incidents.
• Microsoft Purview eDiscovery: Create policies that maintain records of cyberbullying incidents so that your school can stay in compliance with laws like the Children’s Internet Protection Act (CIPA). Use this solution to discover, preserve, and analyze sensitive content in email and instant messages on Microsoft systems and third-party platforms like learning management systems (LMS).

Both Defender for Endpoint P2 – Students and the Microsoft Purview compliance suite are a part of our ongoing commitment to creating secure learning experiences. For Safer Internet Day 2025, take the opportunity to bolster your school’s cybersecurity defenses and foster a secure technology environment for all.

The post Adopting cybersecurity solutions and strategies for a safer internet appeared first on Microsoft Education Blog.

The principles of Trustworthy AI—fairness, reliability and safety, privacy and security, inclusiveness, transparency, and accountability—are central to Microsoft Security’s approach. Security teams can use these principles to prepare for AI implementation. Watch the video to learn how Microsoft Security builds a trustworthy foundation for developing and using AI.

Microsoft runs on trust, and trust must be earned and maintained. Our pledge to our customers and our community is to prioritize your cyber safety above all else.

Charlie Bell, Executive Vice President Security, Microsoft

Gain visibility into AI usage and find associated risks

Introducing generative AI into educational institutions offers tremendous opportunities to transform the way students learn. With that comes potential risks, such as sensitive data exposure and improper AI interactions. Purview offers comprehensive insights into user activities within Microsoft Copilot. Here’s how Purview helps you manage these risks:

• Cloud native: Manage and deliver protection in Microsoft 365 apps, services, and Windows endpoints.
• Unified: Enforce policy controls and manage policies from a single location.
• Integrated: Classify roles, apply data loss prevention (DLP) policies, and incorporate incident management.
• Simplified: Get started quickly with pre-built policies and migration tools.

Microsoft Purview Data Security Posture Management for AI (DSPM for AI) offers a centralized platform to efficiently secure data used in AI applications and proactively monitor AI usage. This service includes Microsoft 365 Copilot, other Microsoft copilots, and third-party AI applications. DSPM for AI provides features designed to help you safely adopt AI while maintaining productivity or protection:

• Gain insights and analytics into AI activity within your organization.
• Use ready-to-implement policies to protect data and prevent loss in AI interactions.
• Conduct data assessments to identify, remediate, and monitor potential data oversharing.
• Apply compliance controls for optimal data handling and storage practices.

Purview offers real-time AI activity monitoring, enabling quick resolution of security concerns.

Protect your institution’s sensitive data

Educational institutions are trusted with vast amounts of sensitive data. To maintain trust, they must overcome several unique challenges, including managing sensitive student and staff data and retaining historical records for alumni and former employees. These complexities increase the risk of cyberthreats, making a data lifecycle management plan critical.

Microsoft Entra ID enables you to control access to sensitive information. For instance, if an unauthorized user attempts to retrieve sensitive data, Copilot will block access, safeguarding student and staff data. Here are key features that help protect your data:

• Understand and govern data: Manage visibility and governance of data assets across your environment.
• Safeguard data, wherever it lives: Protect sensitive data across clouds, apps, and devices.
• Improve risk and compliance posture: Identify data risks and meet regulatory compliance requirements.

Microsoft Entra Conditional Access is integral to this process to safeguard data by ensuring only authorized users access the information they need. With Microsoft Entra Conditional Access, you can create policies for generative AI apps like Copilot or ChatGPT, allowing access only to users on compliant devices who accept the Terms of Use.

Implement Zero Trust for AI security

In the AI era, Zero Trust is essential for protecting employees, devices, and data by minimizing threats. This security framework requires that all users—inside or outside your network—are authenticated, authorized, and continuously validated before accessing applications and data. Enforcing security policies at the endpoint is key to implementing Zero Trust across your organization. A strong endpoint management strategy enhances AI language models and improves security and productivity.

Before you introduce Microsoft 365 Copilot into your environment, Microsoft recommends that you build a strong foundation of security. Fortunately, guidance for a strong security foundation exists in the form of Zero Trust. The Zero Trust security strategy treats each connection and resource request as though it originated from an uncontrolled network and a bad actor. Regardless of where the request originates or what resource it accesses, Zero Trust teaches us to “never trust, always verify.”

Read “How do I apply Zero Trust principles to Microsoft 365 Copilot” for steps to apply the principles of Zero Trust security to prepare your environment for Copilot.

Microsoft Defender for Cloud Apps and Microsoft Defender for Endpoint work together to give you visibility and control of your data and devices. These tools let you block or warn users about risky cloud apps. Unsanctioned apps are automatically synced and blocked across endpoint devices through Microsoft Defender Antivirus within the Network Protection service level agreement (SLA). Key features include:

• Triage and investigation – Gain detailed alert descriptions and context, investigate device activity with full timelines, and access robust data and analysis tools to expand the breach scope.
• Incident narrative – Reconstruct the broader attack story by merging relevant alerts, reducing investigative effort, and improving incident scope and fidelity.
• Threat analytics – Monitor your threat posture with interactive reports, identify unprotected systems in real-time, and receive actionable guidance to enhance security resilience and address emerging threats.

Using Microsoft Intune, you can restrict the use of work apps like Microsoft 365 Copilot on personal devices or implement app protection policies to prevent data leakage and limit actions such as saving files to unsecured apps. All work content, including that generated by Copilot, can be wiped if the device is lost or disassociated from the company, with these measures running in the background requiring only user logon.

Assess your AI readiness

Evaluating your readiness for AI transformation can be complex. Taking a strategic approach helps you evaluate your capabilities, identify areas for improvement, and align with your priorities to maximum value.

The AI Readiness Wizard is designed to guide you through this process. Use the assessment to:

• Evaluate your current state.
• Identify gaps in your AI strategy.
• Plan actionable next steps.

This structured assessment helps you reflect on your current practices and identify key areas to prioritize as you shape your strategy. You’ll also find resources at every stage to help you advance and support your progress.

As your AI program evolves, prioritizing security and compliance from the start is essential. Microsoft tools such as Microsoft Purview, Microsoft Entra, Microsoft Defender, and Microsoft Intune help ensure your AI applications and data are innovative, secure, and trustworthy by design. Get started with the next step in securing your AI future by using the AI Readiness Wizard to evaluate your current preparedness and develop a strategy for successful AI implementation. Get started with Microsoft Security to build a secure, trustworthy AI program that empowers your students and staff.

The post Get ready for AI: How education institutions can secure and govern AI appeared first on Microsoft Education Blog.

Poor security practices can lead to significant consequences, from identity theft and unauthorized access to students’ personal and academic information, to severe breaches across education networks and systems. While schools have focused on encouraging a more proactive access control approach—such as creating stronger unique passwords—success ultimately depends on the students. Protect your school’s devices and data with Microsoft’s industry-leading cybersecurity solutions that bring the digital security needs of your students, teachers, and school districts to the forefront.

MFA without a smartphone: a convenient and secure option

Traditional MFA processes are unrealistic for students, as institutions from primary schools to universities cannot expect every student to have a phone or device to deploy legacy MFA options. Additionally, using personal devices for authentication comes with even more privacy and security concerns for educational institutions. However, studies have shown that an account is more than 99.9% less likely to be compromised if using MFA. So, what can schools do?

Luckily, hope is on the horizon—Microsoft has pioneered a passwordless approach using MFA without a smartphone that ensures students can easily access their learning environments securely. With no phone required for authentication, this is the first passwordless MFA solution from an industry-leading security and education solution provider for primary and secondary (K-12), and higher education students. Without having to rely on a homegrown or third-party identity provider (IdP), credentials can be set and distributed to students that may not have a phone to complete the setup. Additionally, this passwordless approach helps schools meet stringent cyber insurance requirements and qualify for a variety of government funding opportunities and cyber grant programs around the world, such as the recently announced $200 million FCC Cybersecurity Pilot Program for schools in the US.

By replacing passwords with your choice of convenient and secure options for passwordless authentication, you can transform the security of your entry points with best-in-class technology and increase your IT team’s productivity.

Why use MFA to go passwordless?

Passwords are often the weakest link in security protocols and can be easily guessed, stolen, or forgotten. As we grow more predictable in our password generation and choices, our vulnerability increases. According to a recent study by the National Institute of Standards and Technology (NIST), more than 68% of primary school students and 81% of middle school and high school students reuse the same password across multiple accounts, making them vulnerable to identity theft and attacks. Even strong passwords are vulnerable because they are often reused across multiple sites—there have been a number of high-profile data breaches exposing millions of user passwords, and just one recycled password can give hackers the ability to conduct attacks across websites.

Unfortunately, students in particular may be more likely to use weak passwords or reuse passwords as they’re less aware of or concerned about security best practices. While traditional MFA does add an additional layer of protection, it’s still reliant on the use of a password and a second device.

Passwordless authentication helps minimize the threat of password theft while enabling easy sign-in security that achieves leading industry standards—all while providing a smooth and efficient experience for students, faculty, and IT. Passwordless authentication also doesn’t require a phone for use (FIDO2-compliant security keys can be used instead of apps, SMS, or voice calls) yet still leverages advanced technologies like biometrics and PINs, which are more secure, user-friendly, and popular based on feedback from end users.

Passwordless authentication with Microsoft adds multiple layers of safety for student data. For example, if biometrics are used as part of the Windows Hello face authentication system, the biometric data never leaves the device—the data is hashed and stored locally instead of on the cloud. Also, if using a PIN with Windows Hello, the PIN is tied to the specific device on which it is set up—so if a malicious actor obtains the PIN, they can’t use it to access the account from another device.

How to implement passwordless MFA

There are three main steps to planning, implementing, and managing passwordless MFA for students.

The first step is distributing Temporary Access Passes (TAP) which are often generated when passwords are provided to students for the first time or when students receive new devices. By using authentication methods in Microsoft Entra ID, you can control what MFA methods students are prompted to set up and use.

The second step is configuring devices. Depending on the device and system, passwordless sign-in methods can be configured for each operating system to meet your requirements:

• For Microsoft Intune-managed devices, there are two methods for configuring Windows Hello for Business: tenant-wide Windows Hello for Business policies or targeted policies. For more information, see Configure Windows Hello for Business.
• To use passwordless credentials on macOS, you can set up Platform SSO with secure enclave. For more information about setting up Platform SSO with Intune, see Configure Platform SSO for macOS devices.

Each operating system has a different implementation for device-bound passwordless credentials. For more detailed information on hardware requirements and bioinformatic information needed, see the Microsoft 365 Education documentation Passwordless for Students.

If you’re requiring students to use Microsoft Entra ID for authentication, configuring Conditional Access can ensure that only trusted individuals—in this case, students—can access managed devices with passwordless credentials. A Conditional Access policy can be configured with specific settings for Name, Target, and Grant. For more information, see Overview of Microsoft Entra authentication strength.

The third and final step is to maintain vigilance and quickly address any compromised devices. While passwordless credentials are unaffected by password changes, resets, or policies, if a device is compromised or stolen, there are a few options to resolve the incident. Some common actions include triggering a remote wipe of the compromised device, deleting the associated passwordless credential from the comprised device, and removing the authentication method associated with a user account.

Join the passwordless MFA movement

Transitioning to passwordless MFA without a smartphone is a significant step toward securing student data and enhancing the overall educational experience. By leveraging Microsoft’s robust tools and resources, educational institutions can create a safer, more efficient learning environment.

• For a detailed step-by-step guide on implementing passwordless authentication in your institution, visit Microsoft’s Passwordless Authentication for Education on Microsoft Learn.
• Learn more about MFA on the Microsoft Entra MFA page on the Microsoft Security website.
• For more information about passwordless authentication and Microsoft Entra ID, see Microsoft Entra passwordless sign-in.
• Take Microsoft Learn’s School Cybersecurity Leadership trainings to implement CISA-recommended cybersecurity practices for your institution.
• Stay connected with the latest in educational technology by following the Education Blog on the Microsoft Community Hub.

The post Empowering secure and seamless learning: Multifactor authentication without a smartphone appeared first on Microsoft Education Blog.

As the 2022 Cost of Insider Threats: Global Report reveals, insider threat incidents have risen 44% over the past two years, with costs per incident up more than a third to $15.38 million. We recognize that cybersecurity is a top concern in education—from IT professionals who provide frontline support to technology decision makers that purchase services—and our cybersecurity solutions reflect both their needs as well as our expertise as a leading security company. 

Microsoft Information Protection and Governance, included with Microsoft 365 Education A5, provides built-in, intelligent, and extensible solutions to help schools and districts to secure their data wherever it lives or travels. It allows school IT to enable secured and compliant collaboration with data loss prevention policies that help avoid leaks and restrict external sharing of sensitive data, while providing the ability to configure protection and governance labels and locate sensitive data and understand how it is being used. 

Meeting the unique security needs of schools

Microsoft Purview Communication Compliance helps to minimize communication risks by helping schools to detect, capture, and act on inappropriate messages in their organization.  

Let’s say that a local high school has issued their students laptops for school use. To mitigate student harassment within the school’s network, the IT team creates communication compliance policies. Since students communicate via Microsoft Teams, they created a policy to monitor Teams for any profanity or harassment. With the policy in place, teachers of specific classes and school admin will be notified when the system flags harmful messages. Teachers and admins can then investigate the issues and even work with IT to remove messages to limit exposure! 

Data loss prevention is another crucial issue schools face due to the extensive exchange of sensitive data in a school’s message systems. To enforce compliance requirements, data loss prevention features make managing sensitive data easier than ever before. 

School districts often rely on third party organizations to help with classroom curriculum and evaluate the effectiveness of school programs. Student scores can be shared to help with these efforts but—to ensure personal student information isn’t shared outside of the district—the school district’s IT department needs to create data loss prevention policies for student information. If there is an attempt to share information with anyone outside of the school, the rule will go into effect and interaction will be flagged. School IT can block access to the records being shared and—in some cases—prevent the initial communication containing the personal records from being delivered. 

Microsoft Purview Information Protection helps organizations discover, classify, and protect sensitive data wherever it lives and travels. It provides tools to understand a school’s data, protect it, and prevent data loss. 

For example, a middle school might want to ensure that staff aren’t accessing sensitive school resources on their unmanaged home devices. To ensure that the school’s data is protected, the IT department leverages Microsoft Purview Information Protection to protect sensitive student information such as student records from being accessed on unmanaged devices. If a staff member tries logging onto their school account from their personal device to access their records, this action will be denied. The school’s IT department can set up similar protections for other applications and sensitive data from unmanaged devices. 

A trusted name in security

Microsoft believes that when students, educators, and staff work in a secure and trusted platform, everyone can achieve more. With Microsoft security solutions, schools and districts can improve their risk and compliance posture, safeguard data wherever it lives, better understand and govern this data, and streamline their overall privacy management. 

Microsoft is consistently recognized as a leader by industry analysts. In recent years, Microsoft has been named a six-time Leader in the Gartner® Magic Quadrant™ for Access Management, rates a strong positive in each KuppingerCole’s product and leadership category, and was named Company of the Year for the Global Identity and Access Management industry by Frost & Sullivan. 

Almost all of a district’s identity management needs can be taken care of with Microsoft Entra, a security product family that unites management in a unified platform. Entra works with tools like Microsoft Entra ID, Intune, and School Data Sync to connect accounts and data intuitively and securely in ways that make sense for education and save IT administrators time.  

With Microsoft Entra ID and Microsoft Entra ID Governance, school IT can enable unified SSO access and enhance security with multi-factor authentication (MFA) and apply least-privilege and just-in-time access policies to safeguard a school’s administrator accounts. 

Microsoft Purview security solutions

• Microsoft Purview helps keep school data safe with a range of solutions for unified data governance, information protection, risk management, and compliance, providing everything from data auditing to insider risk management. 
• Microsoft Priva helps schools and districts to protect personal data and keep up with ever-changing and complex privacy requirements by identifying user data and critical privacy risks and automating risk mitigation.  
• Microsoft Purview Compliance Manager offers schools 100 pre-built assessments for common compliance standards and regulations, or custom assessments to meet a school or district’s unique compliance needs. 

In a comparison of Microsoft Purview Data Loss Prevention and Google Cloud Data Loss Prevention on G2.com, reviewers found that Microsoft Purview Data Loss Prevention better met the needs of their business than Google Cloud Data Loss Prevention. When comparing the quality of feature updates and ongoing product support, reviewers felt that Microsoft Purview Data Loss Prevention was the preferred option. One reviewer noted that “[Microsoft Purview Data Loss Prevention] has the best data governance capabilities, data discovery and data analytics.” 

A solution for every role

Protecting student data is a primary concern for school and district IT departments. Microsoft Purview Compliance Manager creates a risk-based compliance score and provides actionable step-by-step guidance on improvement actions. Even better, schools can use pre-built templates for compliance with standards including COPPA (Children’s Online Privacy Protection Rule) and CIPA (Children’s Internet Protection Act). 

District and school leaders are tasked with preserving student safety and privacy. By protecting school data, leaders maintain community trust and avoid costly data breaches or recovery costs. Leaders in Prince William County depend on Microsoft Purview Communication Compliance to protect its users and data.  

Data breaches can also interrupt learning and hinder parental trust. Teachers can depend on Microsoft Education A5 security to keep their classrooms FERPA (Family Educational Rights and Privacy Act) and CIPA compliant. 

Together, we can quickly identify and act

Microsoft security solutions helps schools to identify data risks and manage regulatory requirements, protect sensitive data across apps, clouds, and devices (even if it’s not stored on Microsoft platforms), and gain visibility into all your school’s sensitive data and manage assets across your entire environment.  

Schools need to be able to quickly identify and act on insider risks with an integrated end-to-end approach. Schools with Microsoft 365 Education A5 security can rely upon Microsoft Purview Insider Risk Management for dynamic controls and automated mitigation.  

Want to learn more? Grow your cybersecurity knowledge and skills with these resources: 

• Security, Compliance, and Identity training on Microsoft Learn
• Microsoft Purview training on Microsoft Learn 
• Microsoft Entra Blog – Microsoft Community Hub

The post How authentication and identity governance help protect schools appeared first on Microsoft Education Blog.

With the rapid transition to digital learning and the increased need for device management in education institutions, we understand the importance of providing secure digital environments for all staff and students. Microsoft 365 Education A5 includes a comprehensive set of management, security, privacy, and compliance solutions to help schools meet this need and more, including features like Learning Accelerators, Education Insights, and Unified Communications that enhance teaching, learning, and working. Paid users, such as faculty and staff, benefit from all of these features, and the student use benefit makes a subset of the features available to students at no cost. 

In 2023, Microsoft commissioned Forrester Consulting to conduct two Total Economic Impact™ (TEI) studies that examine the potential security-related return on investment (ROI) that K-12 school systems and higher education institutions may realize by deploying Microsoft 365 Education A5. Prior to upgrading to A5, many of these institutions noted that limitations with their prior systems led to costly security-related events in terms of ransomware payments, recovery efforts, brand damage, and disruption to educational continuity.  

Upgrading to A5 resulted in decreased complexity and difficulty in responding to security threats and compliance requirements, the ability to meet cyber insurance requirements, and increased cost savings over time. 

The impact of Microsoft 365 Education A5 on K-12 schools 

For the purposes of the K-12 TEI study, Forrester aggregated the experiences of the respondents and combined the results into a single composite organization that is a K-12 (primary and secondary education) school system with 60,000 students and 10,000 employees. 

We were able to cut our security license costs 25% by moving to A5. More important than saving money is that we now have better security and user experiences.

Chief Information Officer in a K-12 public school district

Within the composite K-12 organization, the study notes the following benefits of Microsoft 365 Education A5. 

• Improved security and compliance posture: The annual number of significant breaches that cross multiple systems and large portions of users is reduced by 15% for the composite organization, and the cost to remediate the remaining breaches is reduced by 29%. These savings include the actual remediation costs as well as fines and additive audit and compliance costs. Over three years, this is worth about $972,800 to the composite organization. 
• Security solution vendor consolidation reduces license costs by 30%: Consolidating from multiple vendors to Microsoft also reduces the total license/subscription and maintenance spend. The three-year value to the composite organization is $1.1 million. 
• Efficiencies in detection, remediation, and efficiency reduces future IT security team staff growth: Consolidating to Microsoft 365 Education A5 makes it possible to provide the composite organization with necessary improved protection and response to threats without growing the IT security team by the 50% it would need with the prior solutions. In doing so, the composite organization realizes about $545,700 in added labor savings over three years. This is an especially important benefit because of the difficulty the composite organization’s school system has with hiring, training, and/or retaining IT security professionals.  
• Improved security and using security features save employees fifteen minutes per week: After very conservatively reducing this benefit by 75% because not all time saved translates into additional work getting done, the three-year value to the composite organization is $1.7 million. 

The overall financial analysis, which is based on the interviews and survey, found that a composite K-12 organization experiences benefits of $4.22 million over three years versus costs of $1.94 million, adding up to a net present value (NPV) of $2.28 million and an ROI of 118%. 

Executive summary data of the K-12 Forrester study “The Total Economic Impact™ Of Microsoft 365 Education A5 Security For K-12 Schools.”

The impact of Microsoft 365 Education A5 on higher education institutions

For the purposes of the higher education TEI study, Forrester aggregated the experiences of the respondents and combined the results into a single composite organization that is a higher ed organization with a teaching hospital, 50,000 students, and 15,000 employees. 

A big benefit is improved availability. A cloud-first approach means employees are not down as much because of technical or security issues.

A Vice President of technology and Chief Information Officer at a four-year university

Within the composite higher education organization, the study notes the following benefits of Microsoft 365 Education A5. 

• Improved security and compliance posture: The annual number of significant breaches that cross multiple systems and large portions of users is reduced by 15% for the composite organization, and the cost to remediate the remaining breaches is reduced by 29%. These savings include the actual remediation costs as well as fines and additive audit and compliance costs. Over three years, this is worth $1.2 million to the composite organization. 
• Security solution vendor consolidation reduces license costs by 30%: Consolidating from multiple vendors to Microsoft also reduces the total license/subscription and maintenance spend. The three-year value to the composite organization is $1.7 million. 
• Efficiencies in detection, remediation, and efficiency reduces future IT security team staff growth: Consolidating to Microsoft 365 Education A5 makes it possible to provide the composite organization with necessary improved protection and response to threats without growing the IT security team by the 40% it would need with the prior solutions. In doing so, the composite organization realizes about $1.1 million in added labor savings over three years. This is an especially important benefit because of the difficulty the higher education composite organization has with hiring, training, and/or retaining IT security professionals. 
• Improved security and using security features save employees fifteen minutes per week: After very conservatively reducing this benefit by 75% (because not all time saved translates into additional work getting done), the three-year value to the composite organization is $3.3 million. 

The financial analysis, which is based on the interviews and survey, found that a composite higher education organization experiences benefits of $7.28 million over three years versus costs of $3.19 million, adding up to a net present value (NPV) of $4.09 million and an ROI of 128%. 

Executive summary data of the Higher Education Forrester study “The Total Economic Impact™ Of Microsoft 365 Education A5 Security For Higher Education.”

Both studies recognize the unquantifiable benefits of Microsoft 365 Education A5 as well. A5 provides additional features, like Microsoft Teams Phone and Power BI, that support communication efforts and provide expanded data analytics. A5 also helps schools put in place insurance-mandated solutions faster and at less cost than many other alternatives, and it can help slow down the increases in policy premiums. Moreover, with the prevention of unexpected security issues, education institutions with Microsoft 365 Education A5 can focus on improving learning outcomes with a comprehensive learning environment that is safe, secure, and compliant for online and remote learning and digital collaboration.  

Learn more about how Microsoft 365 Education A5 can enhance privacy and security for your K-12 school system or higher education institution to accelerate teaching, learning, and working for students and staff. 

The post Enhancing school security and decreasing costs with Microsoft 365 Education A5 appeared first on Microsoft Education Blog.

We need to be taking these cyber-attacks on schools as seriously as we do physical attacks on critical infrastructure. Schools are the infrastructure of learning in America.

World-class security and secure learning experiences are pillars that guide how Microsoft approaches cybersecurity in education. We recognize that cybersecurity is a top concern across this nation—from IT professionals who provide frontline support to technology decision makers that purchase services—and our solutions reflect both their needs as well as our expertise as a leading security company.

Microsoft cybersecurity solutions for schools are extensive, efficient, and customizable to the most demanding IT needs or federal requirements. The Microsoft 365 Education A5 plan is our most robust security package with unified tools that prevent and detect threats, safeguard data, and provide device management with security policy implementation.

When schools choose Microsoft 365 Education A5, they receive a Gartner-recognized security suite that replaces as many as 26 separate vendors—a budget-conscious savings that’s realized year after year.

Proactive steps to stay secure

The first few steps to keeping accounts and devices secure are simple and extremely effective. In just a few moments, you can help prevent identity attacks and harmful viruses.

Turn on Multifactor Authentication (MFA) for all staff and educators. Multifactor authentication provides an extra barrier and layer of security that makes it incredibly difficult for attackers to get past. Download Microsoft Authenticator for simple, fast, and highly secure two-factor authentication across your apps.

Use antivirus and antimalware protection. Malware attacks are rampant in education. Tools like Microsoft Defender help keep you and your schools’ devices safe from harm.

Regularly update your apps. Programs are constantly improving their resiliency to become more secure. Windows 11 and Microsoft Edge offer you the choice of when and how to get the latest updates to keep your devices running smoothly and securely. Additionally, Microsoft Intune for Education can be used to push updates in many cases.

Defend against threats

While large-scale, high-cost attacks are a concern, it’s equally crucial to address the ongoing threats that schools face, such as social engineering tactics that involve phishing messages and malware.

The Microsoft Defender family of products in the Microsoft 365 Education A5 plan is a suite of tools that detect, prevent, and remediate cyber-threats that impact schools. It includes:

• Microsoft 365 Defender: An extended detection and response (XDR) suite that helps secure endpoints and network devices, safeguard Office 365 products, and manage user access and identities. Defender prevents many types of cross-domain attacks while simultaneously allowing IT professionals to hunt down emerging threats. See how Microsoft 365 Defender is a complete XDR solution for schools.
• Microsoft 365 Defender for Cloud: An XDR tool in the Defender suite that manages, prioritizes, and remediates critical risks in cloud-based platforms. Built-in workflows and unified dashboards allow security teams to efficiently maintain multi-cloud or hybrid environments from day one all the way to the present. Learn how Defender for the Cloud protects digitally connected school environments.
• The Defender family of products also includes Defender for Endpoint, Defender for Office 365, and Defender for Identity.

Dr. Emily Bell, Chief Information Officer for Fulton County Schools in Atlanta, GA, uses the Defender suite to protect the 10,000 employees and 95,000 students that learn in their schools. All the tools have helped her team create a cybersecurity posture that’s ready to address whatever cyber-threats might emerge.

Cyber-incidents happen every day, all day. Our tools and our threat hunters set out to contain and eradicate them. As IT leaders, we’re used to just resolving problems before end users even know about them.

Dr. Emily Bell, CIO, Fulton County Schools

Keep student data safe

Schools store huge amounts of sensitive data across systems which means that knowing where data lives, how it’s used and accessed, and what to do to comply with laws are essential understandings for every IT administrator.

Microsoft Purview is a comprehensive governance, protection, and compliance solution that secures school data. Purview provides complete data visibility across platforms, apps, and clouds while offering unparalleled protection—even if data lives on non-Microsoft systems. It features tools like eDiscovery and Insider Risk Management for auditing, investigating, and acting on events that pose risks to school data as well as policy management for establishing secure computing environments.

Microsoft Purview’s Data Loss Prevention generates alerts with rich details for taking informed, corrective actions.

Purview also includes Data Loss Prevention which gives schools intelligent control over sensitive information across Office 365, OneDrive, SharePoint, Microsoft Teams for Education, or endpoint devices. Data Loss Prevention alerts IT departments when it recognizes risky activities and then automatically protects data through Adaptive Protection policies that dynamically mitigate security incidents. The insights from machine learning analysis save time so that IT teams can focus on other critical needs.

Adaptive Protection in Microsoft Purview dynamically applies policies to prevent data loss from risky activities, suspect files, and events.

Learn how to safeguard data across platforms, apps, and clouds and improve risk and compliance posture with Microsoft Purview.

Simplify device management and deployment

More schools are adopting 1:1 computing programs so that students of all ages have direct access to devices while learning. The large influx of new devices and ongoing refresh cycles require IT departments to efficiently configure, maintain, and secure each new addition to a school’s ecosystem.

Microsoft Intune for Education simplifies deployment and security for all types of devices—even non-Windows operating systems like MacOS and iOS. Intune uses a web-based dashboard that streamlines initial configuration and allows you to remotely set up, manage, and assist students and teachers with their devices. Security is a cornerstone of Intune for Education; IT professionals can apply security policies to protect users, update policies when necessary, and schedule automatic updates when the school day ends or learning stops. Get started now on moving your school to a cloud-based solution.

School Data Sync is a tool that securely connects data from school information systems (SIS) to Microsoft 365 and other applications. It enables easy rostering and flexible integration through the OneRoster® API or CSV files for a worry-free set up experience with apps like Microsoft Teams for Education and Intune for Education. School Data Sync also enables single sign-on (SSO) options for a more secure sign-in experience.

Districts like St. Lucie Public Schools use Microsoft solutions to handle their 1:1 computing program and ensure security measures are in place before devices reach students.

The cloud-based solution allows us to support cybersecurity from afar. Even while we are inside our district office, we can push out things like virus definitions to home networks to make sure that students’ data are safe.

Terence O’Leary, Chief Operating Officer for St. Lucie Public Schools

Take time to explore all the security options that are available in the Microsoft 365 Education A5 plan and learn how Microsoft Education can help you accelerate learning in a safe, secure school environment. Together, we can build a resilient defense against cyber-threats and foster an environment where everyone’s learning can flourish.

The post Ensuring secure, safe experiences for every school appeared first on Microsoft Education Blog.

Explore 10 Microsoft 365 A5 tools and features that can help secure your district and keep it protected.

1. Detect advanced threats with Microsoft Defender for Endpoint

When vulnerabilities are identified and pursued before they become a threat, student learning can remain uninterrupted, and all facets of an institution can continue to operate. Microsoft Defender for Endpoint is a security platform designed to protect enterprise networks from advanced threats using a combination of technology built into Windows 11 and Microsoft’s cloud service. It uses endpoint behavioral sensors, cloud security analytics, and threat intelligence to detect and respond to advanced threats.

2. Prevent phishing attacks with Microsoft Defender

Phishing attacks can happen to anyone within a school or district. Microsoft 365 Defender provides multi-tiered phishing prevention that helps protect users from increasingly complex phishing attacks. Within Defender, default settings protect users from the start and IT staff can fine tune settings such as Spoof, Impersonation, and Advanced Phishing Thresholds. Schools can also refine and improve their protection through simulating attacks on individuals or groups within Active Directory or through Breach and Attack Simulation.

Configure Anti-Phishing settings

3. Protect users from malware with Microsoft Defender

Malware is a huge concern for schools. In fact, over 80% of reported malware attacks in the past 30 days occurred in education. Microsoft Defender contains a security feature that helps schools protect against malware, including viruses, ransomware, and spyware. It runs continuously in real-time to monitor for malicious activity and performs daily scans to check for any threats that may have slipped through. If Microsoft Defender detects something suspicious, it will try to block it and alert the user. Users can also manually initiate a scan for malware at any time from the Microsoft Defender dashboard.

Configure Anti-malware settings

4. Address risks with Microsoft Purview

Whether threats are intentional or inadvertent, it’s vital for schools to utilize every tool and resource available to identify potential risks and close gaps before a breach occurs. Microsoft Purview Insider Risk Management helps organizations identify and address potentially risky activity by leveraging a range of service and third-party indicators. It uses logs from Microsoft 365 and Microsoft Graph to define policies for identifying risk indicators. It also provides the ability to take action to mitigate identified risks, open investigation cases, and take legal action if necessary, using eDiscovery (Premium). This tool helps schools respond to legal matters or internal investigations by identifying and collecting relevant data from the Microsoft 365 platform.

5. Manage mobile and laptop devices with Intune for Education

Intune for Education is the Microsoft 365 A5 solution for device management. In an era of Zero Trust security models, schools that reduce the number of external tools and apps students and staff use help eliminate potential insecurities and breach points. Intune for Education provides IT staff with a single platform that can manage a mix of laptops, tablets, and smartphones in multiple operating systems such as Windows, MacOS, iOS, Linux, or ChromeOS.

Manage your endpoint devices

IT administrators can distribute apps to students and educators without physically handling their devices. These apps become available to users the next time they log in and follow them to any device. This ensures students only have access to the instructional apps they need for learning.

Manage your endpoint apps

6. Follow legal guidelines with Compliance Manager

Compliance and security go together. By understanding and following compliance requirements, schools can better protect students and secure sensitive information. Compliance Manager in Microsoft 365 A5 provides each school with a compliance score that helps IT staff better understand their compliance posture. Schools have access to over 200 easy to use templates that simplify compliance for policies like FERPA and COPPA.

7. Archive communication with Litigation hold

With the number of users and sensitive data that schools support, there is a high chance of needing access to past email for a variety of legal purposes. Litigation hold allows IT administrators to retain all mailbox content, including deleted items and original versions of modified items, in a user’s primary and archive mailboxes. IT staff can specify a hold duration for the retention of deleted and modified items or retain the content indefinitely until the hold is removed. When a Litigation hold is placed on a mailbox, deleted items and modified items are retained in the user’s Recoverable Items folder for the duration of the hold. Additionally, the storage quota for the Recoverable Items folder is increased from 30 GB to 110 GB.

8. Encrypt email with Microsoft Outlook

Email is a common target for school cybersecurity attacks. In 2019, Microsoft blocked 13 billion malicious or suspicious emails. Microsoft Outlook’s protection extends to other facets of email, too, including encryption. Encrypting an email message in Microsoft Outlook converts it from readable plain text into scrambled cipher text that can only be read by someone with the private key that matches the public key used to encrypt the message. Outlook offers two encryption options: S/MIME encryption, which requires a mail application that supports the S/MIME standard, and Microsoft 365 Message Encryption (Information Rights Management). Any recipient without the corresponding private key will not be able to read the encrypted message. Through encryption, schools can keep sensitive data, such as student information, secure while still being able to share with the appropriate staff members or caregivers.

9. Save videos to a private server with Microsoft Stream

Microsoft Stream is a video server platform that helps keep content secure. The platform simplifies the process of recording Teams meetings and sharing with a group, whether that’s a class of students or one for faculty and staff members. Videos are automatically saved in OneDrive and can be shared directly within a Teams for Education class or through the share settings. By keeping files in an internal, managed setting, districts can avoid uploading videos to a public-facing video hosting platform and eliminate the need to pay for a separate district video server.

10. Protect files with Microsoft Defender Safe Documents

Students, teachers, administrators, and caregivers are constantly sending and sharing a variety of files and documents. Because of this, a single corrupted file could easily be opened and cause potential harm. Institutions that use Safe Documents can view potentially malicious files in protected view without the risk of infection. This grants users protection from harmful documents while still being able view the content. Safe Documents scans Office documents in Protected View or Application Guard for Office using the cloud backend of Microsoft Defender for Endpoint. Users can access Safe Documents protection without needing to have Defender for Endpoint installed on their local devices.

Meeting schools’ unique security needs

Microsoft 365 A5 security tools help protect educational institutions from various cybersecurity threats. It includes advanced threat protection through tools like Microsoft Defender for Endpoint, mobile device management with Intune for Education, and phishing prevention with Microsoft 365 Defender. By implementing this comprehensive security solution, districts can better secure their schools and protect themselves from evolving risks.

Explore Microsoft A5 security tools to learn more about protecting against cybersecurity threats.

• Getting started with anti-malware in Microsoft Defender
• Easily manage devices with Microsoft Intune for Education
• Securely manage videos with Stream (on SharePoint)  

The post Protect against cybersecurity risks with Microsoft 365 A5 security appeared first on Microsoft Education Blog.

In today’s learning environment, many schools are providing options for blended learning. With this shift, schools have an increased responsibility for keeping devices functioning properly and keeping online environments secure. 

With on-premises management solutions, school IT managers physically manage each device on school grounds, periodically collecting student devices to perform updates. These updates can be time consuming and disruptive, so IT professionals in schools around the world are turning to cloud-based solutions to streamline the process. 

Many districts, including the Bridgeport, Connecticut school district, found that following Microsoft’s path to cloud management for education helps them efficiently manage, deploy, and secure devices from anywhere.

Jeff Postolowski, Director of Information Technology for the Bridgeport School District, reported that after moving to cloud-based management of the district’s devices, “the IT department has gotten back about 30 percent of its time, which it can now use to enhance curriculum and deliver teacher professional development.” 

The cloud management solution from Microsoft Education

Microsoft’s cloud management solution includes the deployment of Microsoft Azure Active Directory, Intune for Education, and School Data Sync. 

Let’s take a look at some of the key steps on the path that can help your school or district move from legacy on-premises and hybrid management to cloud-based management. 

Maximize teaching and learning

School IT leaders need tools that enable them to deploy devices faster and minimize downtime so teachers and students can focus on what matters most. With cloud-based management, devices are always up to date. They update silently, automatically, and outside of class time, while helping to ensure the latest in security and reliability. Microsoft Intune allows IT to deliver the right apps and policies securely to every student and teacher device. Best of all, the time saved can be used to help teachers make the most of the school’s investments in learning technology. 

Simplify deployment and management

Intune for Education also allows devices to be set up and configured remotely with zero touch, eliminating the need for IT to physically interact with the devices. With several options for provisioning, including Windows Autopilot or the Set up School PCs app, getting new devices ready for learning is quick and easy. Azure Active Directory and Intune for Education combined allow IT staff to establish identities and control access to resources across the network, and help ensure that the right users always have access to the right resources. School Data Sync allows system administrators to define classes, groups, and rosters to also be used in Microsoft Teams, and enables automatic deployment of settings and apps to the right user groups. 

With these tools working together, schools like those in Shelby County are able to scale up quickly and provide devices and apps to all students.

Build a secure and scalable platform

Moving to cloud-based management with Microsoft provides a secure foundation that allows your school to grow and scale toward the future. Web-based tools enhance device management and enable future upgrades and security and performance improvements. 

The ability to apply updates and security patches automatically across all cloud-managed devices, combined with the identity security of Azure Active Directory, empowers districts like the Tustin School District in California to keep students, teachers, and school data secure from cyberattacks. 

Ease your path to the cloud

With applications and resources built for education, the process of moving your school or district to cloud management can be simple. Windows, Intune for Education, and Microsoft 365 are designed to work together for a cohesive, comprehensive cloud-based experience. Step-by-step technical setup guides can help IT professionals deploy the system themselves, or the Partner Finder can help identify a deployment expert who serves the education market in your area. You can also engage with both Microsoft experts and IT peers in education through webinars and online forums, and receive 1:1 migration assistance on the Education Insiders Program. 

Next steps

The flexibility that blended education now requires makes cloud-based management the clear choice for education leaders looking for ways to support students at scale across a variety of environments. And in many cases, moving to cloud management is not an additional expense. To learn more about moving to cloud management with Microsoft Education, we encourage you to contact us. If you’d like to begin your journey to cloud management, visit the Path to Cloud Management infographic or take the Microsoft Learn course to get started today. 

The post Today’s classrooms require flexible, scalable device management appeared first on Microsoft Education Blog.

The Microsoft 365 A1 for devices license costs $38 per device for up to six years, providing more for students and educators relative to competitive offerings at the same price. Microsoft 365 A1 for devices will allow you to support student learning experiences on desktop Office apps with or without an Internet connection. You can unlock social and emotional learning experiences with Reflect in Microsoft Teams, and connect with students where they already are with Minecraft: Education Edition. And with device management through Microsoft Intune for Education, you can save time by managing your devices in a single cloud dashboard as part of Microsoft 365. To learn more, visit our Microsoft 365 website or contact sales to speak to an education expert.

And while licensing gets more affordable, Microsoft 365 and Teams continue to get even better for learning. Microsoft Teams Content from camera gives educators and students the ability to share physical handwriting from a whiteboard or document using their laptop’s camera. Students will be able to see the whiteboard in real-time, even if their educator is standing in front of the whiteboard. This will help build an inclusive classroom experience for every student. 

Microsoft Teams Content from camera joins a growing list of features like Reading Progress and Speaker Coach in PowerPoint and Teams, and the new Reflect social-emotional learning characters in Teams to superpower learning experiences. These features provide even more ways to engage, empower, and give immediate personalized feedback to students while at the same time helping educators connect with students on an individual level to identify opportunities for differentiated instruction. Click here to see more of what you can do for your students and school with Teams.

As Microsoft 365 innovative learning experiences continue to grow, the new Microsoft 365 A1 for devices license provides affordable tools and features to support all learners, including students of all ages, whether they’re in the classroom or at home. Learn how you can get started now by visiting our Microsoft 365 website or contacting sales to speak to an education expert.

The post Support all learners with the new Microsoft 365 A1 for devices license appeared first on Microsoft Education Blog.

As they move forward to implement recovery plans, they want to build on these investments while filling recession-driven budget gaps. To support these goals, new government stimulus funds may be available to purchase technology that can better engage students from wherever school happens. Visit the U.S. Department of Education website to learn more.

Hybrid learning—here to stay?

Many institutions imagine a future where hybrid learning is here to stay. According to a RAND Corporation survey, 10 percent of district leaders have adopted or are considering a long-term hybrid instructional model, and another 19 percent said they were considering ongoing remote instruction.

Many find that technology adopted for remote learning has long-term value to spark new experiences and levels of engagement. At the same time, schools must ensure high levels of security and privacy. Institutions are meeting these needs with Microsoft Surface devices, giving faculty, staff, and students the freedom to teach and learn from anywhere while staying highly secure and productive. 

For example, Morehouse College improved collaboration, productivity, and equity by offering Surface Go 2 devices to all students. Shelby County Public Schools took the same approach to overcome multifaceted educational challenges. Microsoft brings a strong focus on technology accessibility and inclusion to help meet diverse student needs. 

Better learning for every student

In today’s digital, physical, remote, and hybrid classrooms, teachers need new ways to help every student achieve more. Providing them with natural ways to work can help. Touchscreens support intuitive interactions for every student, whether they’re Pre-K or postgrad. Digital inking offers the versatility to sketch ideas, take notes, or do math equations. The Surface family of devices offer rich, responsive interactions like these to help drive student success.

With 2-in-1 devices like Surface Go 2, students can quickly move from writing essays using the keyboard to navigating the web with touch and inking on the screen. These devices are also lightweight and portable for even the youngest students, and they feature a sleek design everyone can appreciate. With all-day battery life and optional LTE, students have the flexibility to keep learning from anywhere. 

Microsoft Surface devices also empower school districts to choose solutions that meet their unique needs. With the Surface Laptop Go, the features most loved by Surface Laptop customers have arrived in a smaller, more affordable design built to fit school budgets. It’s lighter than most textbooks, yet powerful enough to run essential education apps. 

Creating the classroom of the future, today

Many classrooms of the future will follow a hybrid model, mixing remote and in-person learning—a perfect scenario for the Surface Hub 2S large-format digital whiteboard and the Microsoft Teams collaboration environment. Together Mode in Teams puts remote participants in a shared digital space, reducing distraction and creating a connected class experience. 

By unifying in-person and remote participants, hybrid learning becomes more seamless and engaging. This is just one example of the many Teams features that can bring hybrid learning to life. 

Secure and manageable for the long term

Of course, for schools to use any technology, it must meet strict security and privacy requirements. Surface devices feature modern, chip-to-cloud security. Updates are pushed out automatically, helping to ensure that every user has the latest protections. By adding Windows Defender Advanced Threat Protection and Microsoft Endpoint Manager (sold separately), schools can identify and mitigate attacks to prevent data loss and unify device management.

The busy IT departments responsible for managing the transition to remote and hybrid learning can breathe a sigh of relief. Surface devices are easy to deploy and manage. Windows Autopilot provides zero-touch deployment so students, faculty, and staff can set up their devices without help from IT and start using them from day one. Using Microsoft Endpoint Manager, IT administrators can manage all of their district’s devices from one place so they can focus on supporting new forms of learning. 

Microsoft is committed to supporting educational institutions as they move from recovery to reimagining. To learn more, watch the webinars about building transformative device strategies for hybrid learning in K-12 and higher education. To find out more about purchasing Surface devices, connect with a Microsoft partner today.

The post Microsoft Surface devices support the next phase of learning appeared first on Microsoft Education Blog.

Susquehanna Township School District in Pennsylvania understood that device and platform reliability for its 3,000 students and 500 staff should be a priority when shifting to remote learning last March. Justin Green, the district’s IT Director, facilitated the transition.

“We wanted to provide the best education possible while keeping our students as safe as possible,” he said. “It was a hard balance to find at first—but with Microsoft, we didn’t have to choose.” Today, with about half of Susquehanna students in the classroom and half online, Green has helped teachers enable a secure hybrid learning environment. Using the free, innovative security features within Microsoft Teams, Susquehanna teachers can keep their classroom both secure and structured—no matter what the learning environment is.

Whether students are learning from home or in the classroom, educators can find peace of mind with reliable Windows 10 devices and Microsoft Teams. Together, the technologies not only enable secure learning environments—they also foster collaboration, creativity, and connection for classrooms across grade levels and learning needs.

To help you follow Susquehanna’s lead in setting up secure classrooms for your school, we’re sharing the below best practices for Teams. These tips help educators maintain a secure classroom before, during, and after students log on.

Set your meeting up for success before class even begins

• With many students attending class from home, it can be difficult to control background sounds and other interruptions. When you manage audio permissions, you can control whether students are automatically muted when they join class and whether they have the ability to unmute themselves.
• As a general rule, students should join class as attendees rather than presenters, which prevents them from using elevated controls like removing other students from the classroom or muting them. You can limit who has a presenter role to create consistency and minimize distractions in your classroom.
• To prevent students from joining class unsupervised, you can control how students and guests enter your class. This option allows you to manage who—if anyone—may enter your meeting directly, without needing to be manually admitted from the Student Lobby.

Manage and change classroom security settings during class

• You can also reduce distractions during class by muting students’ audio. The Mute All feature keeps students focused on their lesson and reduces the chance of background noise. If a student is being disruptive, you can also use Hard Mute on an individual level.
• To keep class content secure, you can mute students from meeting chats. If you see inappropriate or offensive messages sent through chat in a meeting, you can delete the message.
• Once class is underway, you can still change attendee or presenter roles as needed in your meeting options. Changes to this setting take effect immediately, so you can allow a student or guest to present when appropriate.

Maintain secure environments even after class ends

• Simply hanging up or closing the meeting window does not automatically end the class, so select End Meeting in your meeting controls. This ensures that all your students leave the meeting, preventing them from staying online unsupervised.

These features allow educators to create secure online classrooms that are reliable for their students. As Green noted, Teams “gives teachers more ownership over their classroom and allows students to focus” during remote and hybrid learning. “Features like Student Lobby and Hard Mute really improve the learning experience because students aren’t as disrupted by their surroundings.”

No matter what the future holds for learning environments, powerful solutions like Windows 10 devices together with Microsoft Teams can help make the most of any circumstance. Learn more about how these tools create engaging and structured classrooms that mitigate distractions and provide consistent learning.

The post Tips to keep your classroom secure with Microsoft Teams appeared first on Microsoft Education Blog.