In last week’s installment, we introduced the concept of the digital divide and the first steps you should take towards improving equitable technology access within your district; (1) providing consistent, reliable internet connectivity throughout your schools, and (2) ensuring HMTL5 compatibility across all devices through an access management platform.
In this post, we’ll discuss how to strike a successful balance between securing your users’ personally identifiable information and providing them with unimpeded access to their applications and other digital academic tools, at any time from anywhere.
Personally identifiable information (PII) is any data that can be used to identify, contact, or locate an individual, either by itself or combined with other easily accessible sources. As you know, schools collect and distribute a wealth of PII from users in order to provision accounts for academic resources, making districts an ideal target for online criminals who use the information to commit identity theft or blackmail. One of the most common ways PII is unlawfully accessed is through compromising student and even teacher accounts—an all too likely reality if you’re only requiring usernames and passwords for remote login.
So, how do we enable school districts to be nimble enough to provide technology and the associated automation at the classroom level, without risking PII exposure? From a security standpoint, districts need to control how users access data through a combination of safeguards:
Multi-factor authentication (MFA) is a method of confirming a user’s identity where two or more pieces of evidence (factors) are presented at login; typically a combination of something the user knows such as a password or answer to a security question, and something the user has such as a QR code badge or one-time use code. MFA is an effective, convenient approach for protecting user accounts, as its highly unlikely an online criminal would have access to more than one authenticating factor.
Some digital tools only need to be accessed while inside your district’s offices or schools. Location-awareness allows you restrict specific resource use to certain geographic locations you designate. This capability can also be used to add an authentication steps to resources that you do want to be accessible outside district boundaries, but with an extra layer of security.
Logging & Auditing Tools
Recording not only when individuals login, but also what particular resources they use, can provide valuable insight into what PII has been compromised in the event of an incident. Logs of administrative activity offer an equally valuable overview into what data has been viewed and/or edited by backend system users.
When it comes to protecting your staff and students’ PIII, a one-fits-all approach simply won’t cut it. In order to close the digital divide in your district rather than widen it, your security policies need to be based on based on users’ unique attributes. For further insight into balancing accessibility with security, be sure to check out our discussion with Enboard President and CTO Michael Knight.
Districts large and small depend on Enboard to make it safe, easy and efficient to affordably deliver nearly limitless digital tools and resources to students, teachers and staff in any location, on any device, with a single logon. Find out how at enboard.com.