A data breach by the Texas Association of School Boards (TASB) offers a cautionary tale about how K-12 school districts and their vendors should communicate the (bad) news to stakeholders.
Posts in category Privacy
There Can Be No Privacy without Security
If there is an Achilles’ heel to a future of robust personalized learning for all K-12 students, it is the uneven attention to the cybersecurity risks facing school information technology assets and data. In this post, I offer emerging lessons about real and perceived information security issues facing schools from the data underlying the K-12 Cyber Incident Map.
In the News: How Google Took Over the Classroom
Companies are exploiting the education space for sales and public good will, and parents and educators should be questioning how those in the public sector are carrying the branding and marketing of private companies.
Three Lessons from the Google Docs Phishing Scam: K-12 Education Edition
Earlier this week, an unknown person or persons launched a short-lived, but clever cyber attack against Google Docs’ users. While apparently not targeted toward schools, it very quickly found its way to K-12 classrooms nationwide, resulting in alarm and confusion. Based on my investigation of the exploit, here are the three lessons I believe those of us in K-12 education should take from this incident.
Introducing the K-12 Cyber Incident Map
Today, I am pleased to introduce and launch the “K-12 Cyber Incident Map.” It is a visualization of cybersecurity-related incidents reported about U.S. K-12 public schools and districts from 2016 to the present. Painstakingly assembled from public reports, it was created to begin to build a data-based awareness of the scope and variety of digital security and privacy threats facing K-12 public schools and districts, as well as to shed a light on the need for uniform standards for disclosing cyber incidents affecting schools, students, and educators.
The Next Social Contract for Public Education Needs New Terms of Service
It is time to reboot the social contract for public education in a digital age. At the same time, we must remain clear-eyed and recognize the ways in which technology also introduces new issues and potential threats. What we need are terms of service that provide every student and their family assurances that their interests remain at the fore.
In the News: On Digital Security Audits of School Districts
Select state government audits of school district IT security procedures find a concerning state of affairs. State departments of education should adopt and promulgate digital security expectations and best practices for schools, provide technical assistance and resources to districts to support implementation, and conduct regular audits to ensure compliance.
Three Questions for Every School District About Their Student Data Security Practices
Every school district should be able to answer three very simple questions about their IT and student data security practices.
A Real and Present Student Data Privacy Threat
According to an alarming new study, school districts are routinely sharing individual student data about discipline with colleges as part of the admissions process, and colleges are in turn using that data to deny admissions to students. With no empirical evidence to support the practice, a lack of written policy, and demonstrable harm to students, this practice must cease.
