School systems should follow data protection guidelines

September 19, 2012

The start of the school year calls for new beginnings, which is why many administrations have introduced cloud computing into their infrastructures. Although the cloud provides a source for data storage and protection, a new report shows that not every school is following the proper security measures.

According to a survey of 400 schools conducted by United Kingdom's Information Commissioner's Office (ICO), one in five establishments admitted that its email system is not secure, reported Ed Exec. Although the majority of institutions have a "generally good" awareness of data protection laws, it is important for administrators to follow security guidelines to protect confidential student information, and to avoid incurring a hefty fine. To educate school officials on this issue, the ICO released a report on regulatory compliance.

Password protection
Ninety-five percent of schools across nine areas in the UK admitted that they offer some information to students and their parents on how personal data is handled, which is one of the recommended steps to take, according to ICO.

Despite the effort to inform people on the use of private knowledge, many are still not implementing the proper password protections. According to the report, one third of respondents admitted that they do not employ strong passwords and do not change security codes on a regular basis. To avoid possible breaches, experts strongly urge the use of complex keys that combine both letters and numbers. Hackers will input simple codes like "abc123" or "password1" first in an attempt to bypass software and firewalls, according to Business Insider.

Steps toward security
The ICO said that in order for schools to comply with the Data Protection Act, organizations should not disclose personal information or images without the consent of a pupil and his or her parents.

Educational institutions should invest in protective software to keep data safe from hackers or unauthorized users, and draft policies that list the ways to properly handle the cloud. IT departments should also be trained to handle possible data breaches and monitor employee activities to ensure that cloud guidelines are being followed.

In order to modernize computer systems, many school systems are housing data to cut costs and keep data safe, but as the number of attacks increases, school systems should do more to ensure email and network security.

-McAfee Cloud Security