Keeping sensitive data and student information secure is a top priority
Student data is a hot topic these days, and as the new school year kicks off, educators and school leaders are examining their data storage and data security practices to ensure that sensitive student information remains private and secured.
Most school information security approaches are multi-layered and come together from different angles to offer protection from a variety of threats.
Schools deal with sensitive and private student information—information that is necessary to connect students with the right resources and opportunities. As the new school year begins, a quick data security refresher can help educators use, and protect, sensitive student information.
(Next page: Five data protection policies)
Data protection is both a local and federal concern.
Speaking at the Common Sense Media Privacy Zone Conference on Feb. 24, U.S. Secretary of Education Arne Duncan said keeping student data secure and using it for its intended purposes are top priorities.
Deena Coffman, CEO at IDT 911 Consulting, outlined five data protection considerations and actions for the new school year.
1. Children are not immune to identity theft due to a lapse in data security. Parents often assume that because a child is a minor, there is no need to monitor that child’s Social Security number. Once a person’s Social Security number is exposed, they are exposed to identity theft for the rest of their life, Coffman said, noting that it’s easy to locate a person’s name, address, and date of birth to use in conjunction with the Social Security number.
2. Administrators and teachers should be educated about data security risks, and schools should set policies that keep data secure. For instance, IT staff can take inventory of school networks and clean out data stores.
3. Actively search computer networks. “The trouble is that you’ve got this old computer with sensitive data on it, it’s been forgotten, and you upgrade it and bring it back to life and it’s exposed to the internet, and all of a sudden, student information is online,” Coffman said. “Make sure you dispose of the information.”
4. Think before you dispose. People often throw out computers, hard drives, and network copiers—or worse, they sell them on eBay without wiping the data. Network copiers are a silent data security threat, because images of copied items are stored on hard drives. That data is often overlooked when the copier is thrown out or sold. “Data storage devices have to be handled as such,” Coffman said.
5. Take data security threats seriously. It’s easy to assume that your policies and practices are top-notch, but in reality, the most secure student information is safeguarded by those who take security risks seriously.