K-12 Data Security: It’s Never Been More Important to Have a Plan

Unless you’ve been offline since the days of dial-up and connecting to the internet courtesy of a CD from America Online, you know what it’s like to turn on the news and wonder if your passwords are now in some hacker’s grubby fingers.

Yahoo!. Equifax. MySpace. Facebook. LinkedIn. MyFitnessPal. Or, to limit our scope to those discovered just in 2018: Starwood Hotels, Twitter, Quora, Facebook (again)… even Panera Bread.

Hundreds of millions of records, including usernames, passwords, email addresses, credit card data, passport information, personal data and more, intentionally stolen or accidentally leaked.

It’s bad enough when our own information is at risk. Is this going to be a big headache for me? But what about those who have entrusted their data to us? Are we doing enough to protect the data of students and employees?

Apparently not. According to the K-12 Cybersecurity Resource Center’s review of 2018, there were 122 cybersecurity incidents in 119 public K-12 education agencies in 38 states. That number is probably low, since it only includes incidents that were discovered and publicly disclosed. As of this writing there have been over 420 incidents since the beginning of 2016.

At the same time, district leaders aren’t backing away from technology. When Project Tomorrow released “The State of K-12 IT” in November, it found that 97% of district administrators view technology as important to student success — with many pointing to initiatives like flipped learning, competency-based learning and online professional development as quickly-growing trends.

Protect Data Security by Preparing Your People

Two more striking statistics from Project Tomorrow’s study: 61% of district administrators say it’s a top priority to provide teachers with professional development on protecting student data — even though only 8% of teachers say that they need that kind of professional learning.

EdTech Strategies CEO Doug Levin agrees with the district administrators. Speaking to EdWeek in November, he said that training on how to protect sensitive data is key: “Perhaps just as important as hardware and software that guards against malicious attacks is raising awareness about them and providing training to staff, students, and parents.”

In the same article, Marie Bjerede of the Consortium for School Networking concurs. “The big hitter in protecting your systems and data is to train all staff on detecting and not clicking on fraudulent phishing e-mails, and on exercising good password hygiene.”

Where to Begin?

In addition to cloud software that meets the highest security standards, it has never been more important to have a plan for K-12 data security. Frontline’s “Cybersecurity Program Getting Started Guide” pulls together resources you’ll need to build a team, examine and classify your data, perform risk assessment and gap analysis, and then take action.

Download the Cybersecurity Guide Today