The summer is officially over, and children are back to school! Whether you are at work or left home alone, you are probably feeling a mixture of relief and sadness. Even though you always keep them in mind, your precious bundles of joy are now away from you for the most of the day.
Children spend more time in front of the little screens than ever. We are sure that you’ve given them plenty of pieces of advice on how to stay safe in both the real world and the online one. You most likely already have full control over their digital life and have installed parental control software on their connected devices. However, sometimes the children are not the only ones who need some cybersecurity education, the school employees may need some guidance too. Even if you are one of the lucky parents who send their children to schools that ban the use of smartphones on learning grounds, there are a few questions concerning the safety of your children that you should raise next time you speak with the school administration.
What information do schools keep on your children and who has access to it?
The school system stores a lot of information about your children. It often includes standard directory information such as names, addresses, and phone numbers as well as more sensitive data such as SSN and DOB. All information is generally protected by the federal Family Educational Rights and Privacy Act (FERPA). However, many educational institutions sometimes grant access to such information to school employees who do not need it but can take advantage of it. It’s always worth asking the question!
What happens if the school becomes a target of a ransomware attack?
Educational institutions are targets of hacker attacks all the time. Sometimes the attackers request a ransom. Asking what would the procedure be if your children personal details get stolen is a must. Knowing more about what does the school do to prevent such attacks is also a good question. Educational entities are often underfunded and do not have the resources to take good care of their students’ cybersecurity needs. Knowing more about such procedures must be on your checklist every time you choose a school.
How often do children and school employees change passwords?
Following the right procedures for password maintenance is a must for educational entities that store such sensitive information and must be implemented on both students and employees. The last thing you want is for hackers to steal the identity of innocent children and ruin their lives before they even have a chance to defend themselves. SSNs generally never change so the information taken now might be used 5-10 years from now when the children become adults. Best practices say that passwords should never be reused and they must be changed every three months.
What data is kept after students and employees leave the school?
Educational entities are supposed to deactivate the accounts of former students and employees. However, this is not always the case as it is known that some accounts are often overlooked and left active for years. The IT departments either do it by mistake or do the students/employees a favor so they can continue taking advantage of the educational benefits – as you know some services, including Apple Music, provide discounts through educational email verification. Such unmonitored accounts could sometimes be used by hackers to get into the internal systems of educational institutions.
What steps does your school administration do to prevent school cyberbullying?
The fight against cyberbullying, access to inappropriate websites, online predators and dangerous games such as the Blue Whale Challenge starts at school – proper cybersecurity education would help both students and employees. Students will know how to not only protect themselves but also report inappropriate behavior, and pedagogues will increase their knowledge in spotting disturbing actions. This is questions that need to be discussed on a regular basis as technology trends change all the time and staying up-to-date is not an easy task, especially in underfunded and underperforming schools.
For some of the questions, there is not a right answer, nor a wrong one. However, raising the topics is vital as it will encourage educational institutions to always be on top of their game, and will give you the peace of mind you need.
The post Five school cybersecurity questions you should ask on your next parent-teacher conference appeared first on Panda Security Mediacenter.