Publication Date
7-7-2026
Abstract
K-12 educational institutions face an ongoing challenge in protecting endpoints when budgets and staffing prevent the implementation of standard security best practices. Technology directors routinely make difficult decisions about administrative rights, software controls, and security tooling, but they lack frameworks designed for the constraints and priorities specific to educational environments. This paper develops a security architecture decision framework tailored for K-12 endpoint protection. The framework integrates five weighting dimensions to help technology directors evaluate competing architectural choices. These dimensions include educational impact, security risk reduction, resource requirements, compliance obligations, and operational feasibility. The framework creates structured documentation that helps decision-makers communicate trade- offs to stakeholders and preserve institutional knowledge despite staff turnover. The paper addresses endpoint protection decisions around administrative rights, application controls, antivirus and security tooling, and monitoring implementation. The framework differs from enterprise security methodologies by incorporat- ing educational considerations, such as instructional impact, alongside traditional security metrics. The paper demonstrates framework application through realistic scenarios common in K- 12 environments, including setting admin rights policies, vetting software requests, and selecting security monitoring tools. These scenarios illustrate how the framework helps technology directors make defensible choices, explain trade-offs to administrators and boards, and build security roadmaps aligned with available resources. The paper concludes with implementation guidance for K-12 technology directors and discusses framework limitations and areas for future research.
Included in
Information Security Commons, Management Information Systems Commons, Technology and Innovation Commons