Search
Member Login

It's Everyone’s Lift - How Leadership Can Help

by Edward Snow and Annette Smith, DPI

By design, schools are meant to be nurturing safe and secure places where staff members are always looking out for the well-being of each and every child.  Principals, administrators, teachers, aides, custodians, bus drivers all play a role in a student's physical safety.

The virtual world has expanded our safety and security boundaries beyond the walls of our school buildings. In the same way, we physically lookout for a student’s safety, we must also protect our students in the virtual world.  The responsibility for a student's virtual safety is everyone's responsibility.

The Problem:
Student demographic data holds real value in the darker corners of the Internet.  Student data can be bought and sold for a host of reasons, most commonly identity theft and credit fraud.Bad actors are more than happy to use the data until the student turns 18 and discovers their personally identifiable information (PII) has been used by someone else.

How everyone plays a role
If you have an email account you likely have access to and utilize student data.  What might seem harmless or insignificant can actually contribute to data exposure.  Bad actors are masters at tricking people into giving away credentials and using algorithms to assemble bits and pieces of publicly available PII into full student data profiles.  Every time we share any student personally identifiable information, regardless of purpose or intent, we run the risk of putting that student in harm’s way.

Some solutions:
Mindset: Think of data as safe and secure in your student information system, behind the locked door of a log-in screen.  And everyone who needs access to it has a key.  When were move data from the security of the student information system (SIS) we lose control of who will share it where. Always keep data in secured and encrypted systems and only allow access to those who need it to do their work.

Creating student lists: Lists are pulled from information systems for a wide variety of reasons. Leadership can positively impact student data privacy by transitioning away from circulated lists and guiding those requests back to the user to look up as needed. Less work for all and far more secure.

Remind your teachers: Do not upload roster data to the latest tech tool. Work with leadership to properly review the company and verify a data use agreement is in place, even for free tools.

Know who and how you are sharing information: Don’t share student information unless you have to and do not share sensitive personal data.Take steps to restrict reproduction or resharing of the data.

Educate yourself, staff and student son best practices.This is a leader's single most important effort to model.  Bad actors succeed via volume. Every administrator, staff member and student is a target to be tricked. Every document shared can wind up in the wrong hands.

At the end of the day, personally identifiable information is needed to make virtual education work.  That same PII that is useful to vendors and online services, in the hands of bad actors can cause harm to our students.  Leading, working collaboratively and keeping staff and students educated on do’s, don’ts, and current trends is the best way to combat cyber and dataloss.  No single one of us can do this alone, the internet is far too vast. When we are unified and thoughtful about how we utilize data we minimize the surface area and give the bad actors less to work with.  It is not up to one of us it is up to all of us.

Resources:
The Wisconsin Department of Public Instruction CyberSecurity Page

 

Read more at:

Elementary Edition - Secondary Edition - District Level Edition