Among the reasons many K–12 schools have made Chromebooks their tech of choice for remote and hybrid learning is the protection they provide against cyberattacks. Because most of their operations are based in the cloud and are easily controlled by system administrators, the devices are widely seen as highly secure.

Still, K–12 IT professionals say, the standard security perks that come with most Chromebooks aren’t enough on their own to prevent bad actors from accessing private data — or to keep students from visiting dangerous websites.

“To really lock down any device, you have to look at your management practices,” says Keith Bockwoldt, CIO at Hinsdale Township High School District 86 in Hinsdale, Ill.

Chromebooks include some security tools that only work if they’ve been manually activated, he explains. “Zoombombing,” for example, can be a threat no matter what devices students use.

Here’s a closer look at the key security features that set Chromebooks apart from many of their peers, and some additional insight from Bockwoldt about how to make them work.