A recent report found that 37 percent of district-level administrator respondents are not concerned about data breaches. An alarming 43 percent of respondents either are not monitoring for potential violations of government data privacy regulations—such as FERPA, COPPA, and CIPA—or do not know if their district is. Further, 60 percent reported being confident in the security of their district’s cloud environments, but 50 percent said they either do not have a cloud security system in place or do not know if they do.
The report findings suggest that cloud data security is not a high priority for school districts. But, if data privacy is one of the top priorities on your list, data security must also be a priority. Your data no longer only lives in your on-premises servers, hard drives, and school-managed devices. It also lives in the cloud and can be accessed from anywhere, at any time. You must ensure your students and staff are handling their data in ways that will not publicly expose it.
It takes a village to have a strong cybersecurity posture. Administrators, teachers, staff, and students all need to shift their mindset to help keep your data safe and maintain privacy.
4 Ways You Can Improve Your District’s Approach
Administrators—for the most part—under-informed about what it takes to protect your district’s online documents and resources. As you and your team are planning improvements to the way your district approaches cybersecurity and data privacy, here are a few things to consider:
- Cybersecurity Audit: Take a look at the current cybersecurity approach your team is taking. Which systems are in the cloud? Which are on-site? Once you know where systems are located, implement tactics to protect them. Multi-factor authentication, data loss prevention, and external sharing standards are great places to start when securing your cloud data.
- Educate the educators: Educate your administrative staff, teachers, and students about the cloud. They may not know the steps that need to be taken to protect data. Further, there are people who don’t know which systems are hosted in the cloud or on-site, or how the differences between the two can impact data privacy and security. Having everyone on the same page can help your team make big strides.
- Awareness Training: Your staff, teachers, and students are the first line of defense in cybersecurity. At minimum, keep up with cybersecurity awareness training for staff. Integrate cybersecurity education into school curriculum to help educate students on proper cyber hygiene.
- Rethink Your Resources: Your school district has likely adopted many edtech SaaS applications to help facilitate learning and collaboration since the start of the pandemic. But, have you devoted the resources to securing them? As with your on-site networks and servers, you need resources built specifically to secure data in the cloud.
Based on the report results, more resources must be allocated to cybersecurity. Districts have turned to cyber insurance, but insurance is not a panacea.
Insurance does help, but it’s up to you and all district IT administrators to be proactive in improving how your district’s data is secured.
Older approaches to cybersecurity worked when access only occurred inside school buildings. Your technology team had visibility of the activity taking place on school networks and on locally stored data. However, this isn’t the way school districts operate anymore. More activity is taking place outside of your network and in the cloud where you have less visibility.
As pandemic restrictions begin to ease, your technology team must be forward-thinking in your cybersecurity approach. More learning activity will move to the cloud and cyberattacks will continue to originate there. It’s important for your cybersecurity approach to adapt as well. Doing so will help keep your data safe and protect the privacy of your students and staff.
- K-12 cybersecurity vendors: Is the threat already in your house? - December 6, 2022
- 3 ways to bring teacher PD into the 21st century - December 5, 2022
- Research points to a widening academic divide - December 5, 2022