Cygilant Blog

Education Security: 5 Simple Ways to Protect Education Records

Posted by Vijay Basani on Aug 6, 2015

Because we feel, with good reason, that children are special, we tend to forget that the technology used to teach them, keep their records, count attendance, and send out grades is anything but.

Edtech, as it’s called, is as vulnerable as any other technology. Because education is an increasingly profitable sector, the data it produces—from K–12 through university graduate programs—is susceptible to the same forces as the rest of world. In particular, you see the same corner-cutting on the part of developers and the hacking by criminal gangs and nation states.

The most recent instance of this vulnerability? Impero Education Pro.

Here are five simple tools and actions you can take to improve security surrounding education records.

  1. Use secure products. It’s not just the students who use a lot of different digital tools. There are also the teachers, the administrators and the parents. Whenever you decide to use an app or a website, first determine whether or not the company that makes it has strong privacy and data security practices. If they don’t, don’t use them. It’s just not worth it.

  1. Consult the Student Privacy Pledge. When evaluating companies and their products, consult the privacy pledge page. The pledge, created and maintained by the Future of Privacy Forum and the Software & Information Industry Association, has been signed by a host of digital tool creators. It provides a list of companies who have promised in plain view to keep education data, and the people it’s attached to, safe.

  1. Use the security controls. Most software, apps and websites (especially those targeted to K–12 users) will feature security and content controls. Understand how they work and employ them. Omitting such controls can violate the Family Educational Rights and Privacy Act, as well as the Children’s Online Privacy Protection Act, which most educational developers are careful not to do.

  1. Access and review student records. Individual schools and school districts are obliged to make their student data available for parental review. Make sure that you review the digital tools your students use and the contracts with school districts that the manufacturers have signed. You can, among other things, determine how stringent their privacy provisions are.  

  1. Implement standard security measures. Every sensible corporation in the country has—if they are taking security as seriously as they should, given the skyrocketing hacking rate—implemented a list of security measures. Every school, university, school district and educational or research institution, should do the same. Appoint a security point person. Inculcate a security-based culture and strong security processes in your institution. Survey your vulnerabilities, rank your risks and share that ranking across the institution.

As a principal, president, or district CTO, you will likely require help in instituting a security system that will keep your students and their data safe. This is where EiQ’s education solutions can help, providing 24x7 securing monitoring, guidance, log management, and continuous assessment to help rank and eliminate threats to keep students safe. EiQ also provides support when navigating the network of federal and state privacy laws that contain auditing and reporting mandates. EiQ will help ensure compliance of the whole network in seconds to alleviate some of the many challenges facing educational institutions today.

Top photo credit: bikeriderlondon/Shutterstock

Tags: Education, Privacy, Managed Security Services

Most Recent Posts

Subscribe to Email Updates