Giving students a Chromebook, tablet or other digital device to take home lets them continue their learning online once the school day ends. But turning the traditional classroom into a 24/7 learning environment, where students learn partly online using a blended or flipped classroom model, creates challenges for school IT leaders tasked with safeguarding student privacy and information.

The flipped classroom model has turned the traditional classroom “into one without walls,” writes Alan Joch for EdTech Magazine. According to Sophia.org, 78 percent of teachers now use a flipped learning model of some kind. But every connection point to a school’s network or cloud-based education service is a potential security vulnerability.

To combat these potential vulnerabilities, Joch writes that K-12 leaders should consider investing in a “security as a service” solution, which offers “a practical way to access the latest security applications and expertise, all for a predictable monthly fee.” These solutions typically include central consoles for monitoring the latest security threats — as well as tools for setting up virtual LANs and encrypting sensitive data.

Trusted Learning Environment Seal

According to the Consortium for School Networking (CoSN), schools must have concrete policies in place to protect student data, and they must communicate those practices clearly to parents in order to earn their trust. In partnership with AASA, the School Superintendents Association, the Association of School Business Officials International (ASBO) and ASCD, CoSN has developed a new program that recognizes school systems for implementing student data privacy measures that meet high standards around five core areas: leadership, classroom, data security, business and professional development.

To meet these standards, CoSN recommends that school districts perform regular audits of their data security practices and publicly share the results of these efforts. They also should establish purchasing procedures that make sure their ed tech vendors are safeguarding student information. Schools meeting these requirements will be able to display the Trusted Learning Environment (TLE) Seal, signifying their commitment to protecting student privacy.

Keeping Software Updated

Another key aspect of keeping student data secure is making sure all devices have the latest software updates applied, says Amy McLaughlin, director of IT operations for the Oregon Department of Education.

“Old, unpatched systems are more vulnerable to security risks,” McLaughlin says. “And having the ability to shut down a device that is lost is also important. Make sure your students and teachers know who to contact if their device is lost, so you can remotely shut it down so somebody else isn’t using that device and its credentials to gain access to your network.”

Using a mobile device management solution allows school IT staff to push out updates to student devices from a central console and shut them down remotely, making it much easier to manage security. With Chromebooks, IT staff can do this through the Chrome management console.

User Education Is Most Important

According to McLaughlin, the most important aspect of data security is user education — and student privacy should begin with teaching students what it means to connect to a network and have a username and password. “I think the training and the education should come before the technology,” she says. “When we give students a username and password, we should be telling them to keep this information private and to change their password regularly. I’ve seen instances where teachers hand out a username and password to every child in the classroom, and every child’s password is the same — or it’s easy to guess based on the construct.” McLaughlin notes that students and teachers should also know that “when they walk away from a device, they need to lock their system so somebody else can’t access it using their credentials.”

McLaughlin concludes: “A lot of the things that schools should be doing are very simple. The technology part of data privacy and security is easy; it’s the human element that is most challenging. The earlier students can learn good digital citizenship and management, the better.”

Learn about more ways to ensure your students’ data is always kept safe and secure here.