The media is often flooded with stories about data breaches and hacked accounts. Knowing that your personal information may be available on the 'dark web' is a frightening prospect.
For school board members, the responsibility of maintaining sensitive district and student information can weigh heavy. School boards are accountable for ensuring that the information related to students and the school district stays secure and protected from accidental or intentional sensitive data exposure.
Personal information, large financial transactions, and other confidential and sensitive information can make school districts lucrative targets for sensitive data exposure.
K12.com's sensitive data exposure shows that school systems are susceptible to bad cybersecurity practices that can put student and school information at great risk.
Local school boards are just as prone to sensitive data exposure, just like K12.com recently experienced. There is much to learn from this experience to educate school boards on how to make proactive decisions to mitigate the risk of data breaches and cyberattacks.
Setting aside the funds for cybersecurity, establishing more robust policies, and training employees and board members in cybersecurity practices can all help in mitigating cyber risks.
The cloud puts non-public information at risk of being viewed by outside individuals or organizations. These breaches in data can be unintentional, or be a result from weaknesses of the applications that are used to access the cloud or other ineffective cybersecurity procedures.
If your school board passes around a hard copy of sensitive data to each board member and someone takes that hard copy home with them, the potential scenarios of how the information could be exposed is limitless; and, more importantly, that information is then untrackable. Sensitive data exposure is fairly easy when there are physical copies of information that may have been left and forgotten in a public setting. It does not take a skilled hacker or cybercriminal for someone to swipe a hard copy of a sensitive document off of a desk.
Even downloading and maintaining documents on a harddrive can open up the school board to sensitive data exposure. Files on the harddrive of any device are still susceptible to malicious hackers who can infiltrate the device's system.
BoardDocs, a Diligent brand, is a cloud-based school board management software. Unlike many cloud-based services, BoardDocs boasts physically secure servers (that are video monitored) and 256-bit encryption, the strongest level of encryption currently available. These elements ensure privacy and security for your board's most confidential and sensitive data.
BoardDocs' software encrypts all data, features automatic archiving in the 'Library' function, and has a daily backup service to help mitigate risks related to sensitive data loss or exposure. Additionally, users can access 24/7 technical support, free of charge. These features and functions are important to BoardDocs as it helps support an efficient, effective, and successful school board. Ensuring that your board's information is protected and secure means that your board has more time and energy to spend on other important governance issues.
Leveraging board management software helps school boards mitigate the risks for sensitive data exposure or loss. BoardDocs' security and features support and promote cybersecurity procedures that protect the sensitive information of your district and your students. Maintaining secure and encrypted digital records, strong recovery methods, and a secure cloud network encourage a culture of strong cybersecurity practices.
For school board members, the responsibility of maintaining sensitive district and student information can weigh heavy. School boards are accountable for ensuring that the information related to students and the school district stays secure and protected from accidental or intentional sensitive data exposure.
Sensitive Data Exposure on K12.com
K12.com is an online education platform where recently the personal information of millions of students was exposed. A K12.com database that contained nearly 7 million student records was left open, and any person with a connection to the internet could access it. The issue affected K12.com's Anywhere Learning System (A+LS), which is utilized by more than 1,100 school districts in the United States. The exposed information from student records included:- Primary personal e-mail address
- Full name
- Gender
- Age
- Birthdate
- School name
- Authentication keys for accessing ALS accounts and presentations
- Other internal data
Personal information, large financial transactions, and other confidential and sensitive information can make school districts lucrative targets for sensitive data exposure.
K12.com's sensitive data exposure shows that school systems are susceptible to bad cybersecurity practices that can put student and school information at great risk.
Local school boards are just as prone to sensitive data exposure, just like K12.com recently experienced. There is much to learn from this experience to educate school boards on how to make proactive decisions to mitigate the risk of data breaches and cyberattacks.
Bad Cybersecurity Practices That Increase the Risk of Sensitive Data Exposure
-
Not having a solid defense regarding the school district's sensitive data.
Setting aside the funds for cybersecurity, establishing more robust policies, and training employees and board members in cybersecurity practices can all help in mitigating cyber risks.
-
Maintaining data on 'the cloud.'
The cloud puts non-public information at risk of being viewed by outside individuals or organizations. These breaches in data can be unintentional, or be a result from weaknesses of the applications that are used to access the cloud or other ineffective cybersecurity procedures.
-
Not having a recovery plan for sensitive data.
-
Operating with paper documents.
If your school board passes around a hard copy of sensitive data to each board member and someone takes that hard copy home with them, the potential scenarios of how the information could be exposed is limitless; and, more importantly, that information is then untrackable. Sensitive data exposure is fairly easy when there are physical copies of information that may have been left and forgotten in a public setting. It does not take a skilled hacker or cybercriminal for someone to swipe a hard copy of a sensitive document off of a desk.
Even downloading and maintaining documents on a harddrive can open up the school board to sensitive data exposure. Files on the harddrive of any device are still susceptible to malicious hackers who can infiltrate the device's system.
-
Using e-mail for school board business.
Board Management Software That Reduces Risk for Sensitive Data Exposure
When school boards are utilizing board management software, it is imperative that they look at the features and capabilities of the software in terms of securing sensitive data. The software should promote and support strong cybersecurity practices to protect sensitive data related to the public school district and its students.BoardDocs, a Diligent brand, is a cloud-based school board management software. Unlike many cloud-based services, BoardDocs boasts physically secure servers (that are video monitored) and 256-bit encryption, the strongest level of encryption currently available. These elements ensure privacy and security for your board's most confidential and sensitive data.
BoardDocs' software encrypts all data, features automatic archiving in the 'Library' function, and has a daily backup service to help mitigate risks related to sensitive data loss or exposure. Additionally, users can access 24/7 technical support, free of charge. These features and functions are important to BoardDocs as it helps support an efficient, effective, and successful school board. Ensuring that your board's information is protected and secure means that your board has more time and energy to spend on other important governance issues.
Leveraging board management software helps school boards mitigate the risks for sensitive data exposure or loss. BoardDocs' security and features support and promote cybersecurity procedures that protect the sensitive information of your district and your students. Maintaining secure and encrypted digital records, strong recovery methods, and a secure cloud network encourage a culture of strong cybersecurity practices.