Higher ed prepares for the Internet of Things
A campus washing machine should send students a text when their clothes are done, and it can. Thanks to a concept called the Internet of Things, anything—really, anything—can and will be hooked up to a network.
A simple bathroom scale in an athlete’s dorm room can connect to Wi-Fi and transmit weight, body fat percentage, the room’s air quality and other information to a network that can be monitored by sports trainers.
While little pockets of IoT are springing up in higher ed—both in the form of institution- and student-owned devices—campuswide installations are predicted to be a few years away. That’s not an excuse for sitting back and waiting for smart coffee makers to pop up in every residence hall, however.
Enough bandwidth needs to be purchased. Data storage and usage policies, including around security, need to be developed. Processes for managing more expansive networks need to be defined.
The potential of IoT could touch every aspect of campus life. Student traffic patterns could be tracked by networked wearables such as Fitbits, mobile phones and maybe even the next generation of access cards.
Should a large number students cut through grass to get to a building, for example, campus facilities leaders can use that information to consider building a new sidewalk, says Travis Seekins, associate vice president of student technology at Hardin-Simmons University in Abilene, Texas.
The best way to be ready for this worldwide phenomenon is to start planning and preparing as thoroughly as possible … now.
Prepare for an uncertain future
There is still a great deal of uncertainty about the amount of devices that will be networked on any given campus.
“The scary part is we don’t know the volume of IoT devices that will be coming, and there is a potential deluge we may not be prepared for,” says Seekins. “Development happens so quickly, I fear higher ed’s ability to keep up with data and make useful information secure.”
But while institutions must attract and accommodate students, the desire to bring a device on campus and hook it up to Wi-Fi must be carefully weighed against security, says Seekins.
Also uncertain is what students will want to bring with them in any coming years, he says. “At what point do you potentially compromise security to provide a service that students feel they must have?”
IoT devices already on campus today
- HVAC controls
- Smart washing machines
- Sprinkler controls
- Door locks
- Sustainable trash cans
- Temperature alerts for biology lab freezers
- Robots for distance education
- Supply inventory tracking
- Parking sensors
The intimidating thing about these unknown devices is many of them may be flashy and attractive to students—such as smart shirts that measure heart rate and blood pressure for athletes—but many products may be cheaply made without the proper security built in.
“We have to take what we have learned about BYOD in terms of tracking and monitoring—basically, we have to scale that thinking and hope it works,” says Seekins.
Beef up security controls
From MIT to Carnegie Mellon, large research institutions see IoT as an opportunity to explore and experiment. The CyLab at Carnegie Mellon, one of the largest university-based cybersecurity research centers in the U.S., prioritizes IoT security in particular.
“This is an opportunity to take on a problem up front,” says Vyas Sekar, a CyLab faculty member. “We can proactively inform how to build secure and private IoT infrastructure before it’s here.”
Areas of concern range from physical security—attackers could hack into traffic lights, potentially causing major car accidents—to data. A priority will be protecting personal information kept on campus cards that students now use for everything from entering residence halls to paying tuition.
How exactly to fortify these networks is a question Carnegie Mellon’s CyLab is tackling. But researchers hope to develop the security parameters before IoT technology infiltrates every area of campus.
“Identifying the specific risks and making it easy for IT staff to configure safety policies for hardware, software and the network are what needs to be the focus now,” says Sekar.
Boost your bandwidth big-time
A large amount of IoT devices require major bandwidth. When Oral Roberts University in Tulsa, Oklahoma, bought Garmin wearable watches for all online students and Fitbits for freshmen, campus leaders also had to revamp their network to make all the tech work properly.
Before the 2014-15 school year, students and other users had complained regularly about poor wireless access in dorms and the inability to access grades on mobile devices.
“Any campus is made up of businesses, from dorm rooms to dining halls,” says Michael Matthews, CIO for ORU. “Students expect seamless wireless performance in places of business—and on campus as well.”
To deliver that seamless performance, the university upgraded the switches on its wireless network and modified its configurations. The number of access points was bumped up to 1,100, which are strategically placed indoors, outdoors and even on buses carrying athletic teams.
Data can now be collected more easily from the Fitbits and imported into the student information system. Health faculty have access to the information to ensure freshmen are meeting the institution’s 10,000 steps a day fitness requirement.
“IoT allows data to be auto-integrated into our system of record,” says Matthews. “We can see all of the information we need on students in one place.”
ORU officials decided it would be too invasive to analyze some of the other information, such as sleeping patterns and calories burned in a day, that Fitbits can collect. Yet the university will still have to develop new policies each time a new type of device comes online.
Institutions need to define exactly which student devices are allowed on a network—and decide issues like whether individual departments could install artificial intelligence technology on their own versus having a central IT handle it and if the institution should purchase cybersecurity insurance.
“The promise of IoT is that things can get done better, faster and cheaper,” says Mike Abbiatti, vice president for educational technologies for the Western Interstate Commission for Higher Education cooperative. “But to make that happen, high-level decision-making needs to be done collaboratively, and policies clearly stated.”
Prioritize network performance
That collaboration needs to happen among all of the different groups of decision makers on campus, says Abbiatti. “IoT cannot be siloed. It is not a technology issue that can simply be handed to the CIO to solve.”
The data collection side means that there are legal and financial facets of IoT, requiring policy and decision-making by the college president and CFO. And procurement chiefs, for example, should have input in institution-owned IoT-enabled machine purchases.
“The departments actually working with the technology should be part of the conversations before the equipment shows up,” says David Allen, director for enterprise systems for Pacific Lutheran University in Tacoma, Washington. “We want to be proactive from a support standpoint.”
Pacific Lutheran has IoT-enabled smart HVAC equipment, smart card readers and door sensors that count the number of people who enter the library.
“We have supported BYOD for nearly 20 years, and at least for the management side of serving the student, IoT is simply an extension of that,” says Allen. For example, if a student brings a smart coffee maker, it could be identified on the network as belonging to that student.
But other issues can be a bit more complicated. “We have to decide to which network segments specific devices should connect,” says Allen. “Different university systems reside on different segments for security and protection purposes and we need to keep student devices off of segments where critical functions reside.”
Do as little custom configuration of the network as possible, even if that means some devices will not be able to connect, says Greg Briggs, Pacific Lutheran’s network manager. “Custom configurations make your network more difficult to manage, keep secure and operate at maximum speed.”
For example, the connection standards of a Nintendo DS mean it cannot join the university’s modern Wi-Fi system. Other students would experience a serious performance slowdown if network standards were lowered to accommodate students wanting to use the device.
“We just have to draw some lines from a service standpoint,” says Allen. “We are not going to change all of our configurations if it’s going to cause problems for other devices.”
And those service policies need to be communicated to students, who need to understand that all requests cannot be granted. Student rights need to be considered from a privacy standpoint as well.
“There is an ethical question around tracking student devices around campus,” says Allen. “It would be cool to analyze web traffic in a classroom to get a sense of level of classroom participation, but that may cross ethical boundaries.”
As Travis Seekins points out, higher ed must plan comprehensively for IoT, lest those with malicious intent take advantage of confidential data on underprotected networks. “We need to resign ourselves that it’s coming,” he says. “Let’s be good stewards of the technology and make sure it is used appropriately and beneficially.”
Kylie Lacey is associate editor of UB.