Student Privacy Who has access to your student data? Brainstorm 2019

Slides:



Advertisements
Similar presentations
How to protect yourself, your computer, and others on the internet
Advertisements

Welcome to the Computer Lab!. Welcome to the Computer Lab!
Safeguarding Data to Ensure Effective Data Use Paige Kowalski |Director| State Policy & Advocacy July 2014.
KHS iPad Day iHomeroom Wednesday, August 20, 2014.
Outcomes By the end of this session, participants will be able to:
Fullerton Joint Union High School District 9 th Annual Parent Leaders Welcome Back Meeting August 22, 2014 Google Apps for Education Information 1.
Tracking, Privacy, You & The 21 st Century When you talk online the internet listens.
RFC6520 defines SSL Heartbeats - What are they? 1. SSL Heartbeats are used to keep a connection alive without the need to constantly renegotiate the SSL.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
Protecting your Family From the dark places on the Internet Going beyond the standard PC Filter, and dealing with the multiple devices that access the.
Welcome to Home Access Center (e-HAC) Our information lives will be better served when we are free to get to our information from wherever we are with.
9/10/2015 What’s New? Edline at Valley View!! Joyce Potempa Technology Department presentation to Building Support Staff February 2, 2010 Institute Day.
School Year.  Discuss User Agreement  Acceptable Use  Personal Responsibility  Network Etiquette  Understand Importance of Password Protection,
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
Parent Middle School Technology Meeting WEDNESDAY, 9/9/2015.
Technology Overview Kim Davis Coordinator of Technology Support Services.
Internet Safety & Security Tips for Parents Dorothy Grant Elementary School, April 2015.
Session # 1 Technology Liberty’s Parent University.
FERPA Basics From the University of Northern Iowa and Office of the Registrar.
Data Breach: How to Get Your Campus on the Front Page of the Chronicle?
Company LOGO Welcome to Home Access Center (e-HAC) Socorro Independent School District Rojas Rd El Paso, Texas Our information.
Infinite Campus Student Portal and App How to check your grades, assignments, and records using Infinite Campus.
St Bernadette RC Primary School WELCOME.
Beth Thomas Great Falls Public Schools. Describe and explain legalities and concerns of Internet Safety and “Terms of Use” Share possible solutions and.
ASBO Annual Conference Ocean City May WiFi Username: asbo WiFi Password: asbo2016.
CABARRUS COUNTY SCHOOLS INSTRUCTIONAL SCHOOL TECHNOLOGY.
Leitch Elementary School
BCSD Computer Resources for Students
Yazoo City Municipal School District Technology Department
Information Technology Acceptable Use An Overview
Technology and You!.
Free and Easy Ways to Start Securing Our Online Privacy
Data Collection and Reporting
17-18 Willmar Public Schools
SEAS Parent Technology Night
Online password manager By: Anthony diveronica
THES Digital Resources
How are Chromebooks used in the Classroom?
Google Apps for Creative Collaboration
BCSD Computer Resources for Students
Look at Me Now, Look at Me Now, I’m Leaving Paper!
Chromebooks and Cloud Computing
Education – Partnership – Solutions
Preserving your privacy
Technology: The mission of Ascension Parish School Board is “Every Child Successful in an Ever changing world.” Our world is almost completely reliant.
Cloud Connect Seamlessly
PSJA AUTOMATION WORKFLOW AND LESSONS LEARNED
Free Download of Microsoft SQL Server Farrokh Alemi, Ph.D.
Local AD, Azure AD, & Google Suite User Management
CHROMEBOOKs Are not Magic Teachers Are!
Tools & Tips for keeping your kids safe online
Richland 1 professional development
Digital Jackson Parent Night
21st Century Learning Spaces
Data Security and Privacy
SharePoint Online Authentication Patterns
Google Apps for Education
Managing and Monitoring Screen Time
One account for all your learning needs
Google Apps for Education
Please answer the poll below as you enter
Online Safety: Rights and Responsibilities
Data Security Awareness
Student Driven Digital Portfolios Introduction for Parents
What does that have to do with me?
Mokena School District 159 Strategic Plan Goal Update
FitnessGram® 2015 Student Information System (SIS) Extract Import Training for Georgia School Year.
Google Certification Module 2
Kickboard Introduction for Families
Protecting Student Data
Presentation transcript:

Student Privacy Who has access to your student data? Brainstorm 2019 https://goo.gl/nixYRs

Technology Coordinator since 2013 at the Sioux Center CSD About Me Technology Coordinator since 2013 at the Sioux Center CSD Previously taught MS and HS math and computer courses Previously worked as a DBA and MES Programmer Contact Info: brady.woudstra@scwarriors.org Slides URL: https://goo.gl/nixYRs

Averaging 50 new students per year for the last 5 years About Sioux Center CSD 1400 students 3 Tech Staff Averaging 50 new students per year for the last 5 years 1:1 with Chromebooks - TK-8th Grade, 10-12th Grade 1:1 with PCs - 9th Grade Just passed a bond for a new High School opening in Summer 2021 Slides URL: https://goo.gl/nixYRs

Why should we care about student data privacy? Privacy Pledges Agenda Why should we care about student data privacy? Privacy Pledges Data Loss Exposure Types Apps Using School Credentials Reports from G-Suite and Azure AD Helpful Tools Slides URL: https://goo.gl/nixYRs

The Wild Wild West for Apps and Privacy Can we get ahead of the curve? Should be care? What does FERPA or PPRA say? What does COPPA say? Slides URL: https://goo.gl/nixYRs

What are the risks? FTC: “Many school forms require personal and, sometimes, sensitive information. Find out how your child’s information is collected, used, stored, and thrown away. Your child’s personal information is protected by law. Asking schools and other organizations to safeguard your child’s information can help minimize your child’s risk of identity theft.” FERPA: Parent’s have a right to opt-out of 3rd party sharing that isn’t ‘Directory’ information. Javelin Research: More than 1 million minors were victims of identity theft in 2017. Open the links and talk about them Slides URL: https://goo.gl/nixYRs

Identify Theft of our Students & Families Personally Identifiable Data What are the risks? Identify Theft of our Students & Families Personally Identifiable Data Academic Data Health Data Ads and Usage Tracking (Longitudinal Data) Compare with healthcare industry Examples on academic data Examples on health data - health monitors Slides URL: https://goo.gl/nixYRs

Resources and Examples Common Sense Media Report College Board Data - $0.45/name Palo Alto HS - Infinite Campus breach CPAP Machine Denial (Ars Technica) NRP Health Data Compare with healthcare industry Examples on academic data Examples on health data - health monitors Slides URL: https://goo.gl/nixYRs

Alphabet (Google) Revenues - 86% from advertisements Compare with healthcare industry Examples on academic data Examples on health data - health monitors Slides URL: https://goo.gl/nixYRs

Existing Board Policies 409.1 - Media use by Staff 505.2 - Academic Records for Students 505.4 - Use of Directory Information 605.9 - Web Publishing Slides URL: https://goo.gl/nixYRs

Student Privacy Pledges Kid Safe Seal - https://www.kidsafeseal.com Other Resources: https://ferpasherpa.org/ https://studentprivacy.ed.gov/ https://privacy.a4l.org https://www.projunicorn.org/ Open the links and talk about them Not legally binding Slides URL: https://goo.gl/nixYRs

Who should deal with this? Who is reading the Terms of Service and EULA? Curriculum Directors Principals Tech Staff Always balancing CONVENIENCE and PRIVACY Slides URL: https://goo.gl/nixYRs

Our District Digital Data Loss Basic Exposure Types Low Probability Local Data Center Medium Probability Hosted Services (SIS, Accounting) High Probability Student Credentials Staff Credentials Apps Sell our Data Our datacenter holds backups of our old JMC and SUI software. IC has a lot of student/staff data. Including some SSN numbers. SUI has ALL our current and past staff member data. We use single sign-on which exposes us to some risk. Slides URL: https://goo.gl/nixYRs

Some of Our District’s Apps Google Services Microsoft Services IXL Study Island MobyMax Learning.com (EasyTech) A-Z Reading/RazKids Glogster WeVideo EpicBooks Infinite Campus NWEA MAPs SeeSaw Renaissance Learning (STAR and AR) Rosetta Stone EDUTyping SpheroEDU Summit Learning Cengage Aplia Canvas Destiny rSchoolToday Clever

Total Applications Using School Credentials Google Access (Android and Web Apps) API Access to Google Services/Data Gmail - 16 apps Drive - 118 apps Calendar - 8 apps Contacts - 41 apps Admin - 9 apps Apps Scripts - 34 apps Slides URL: https://goo.gl/nixYRs

Viewing OAuth Apps - G-Suite https://admin.google.com/scwarriors.org/AdminHome?hl=en#Reports:subtab=security https://admin.google.com/scwarriors.org/AdminHome?fral=1#SecuritySetting s:flyout=oauth2scopemanagement https://admin.google.com/scwarriors.org/AdminHome?fral=1#Oauth2ScopeM anagement:subtab=installed https://support.google.com/a/answer/2537800?hl=en https://support.google.com/accounts/answer/3466521?hl=en Slides URL: https://goo.gl/nixYRs

Viewing OAuth Apps - Azure AD https://portal.azure.com/#blade/Microsoft_AAD_IAM/StartboardApplicationsMenuBlade/AllApps/menuId/ https://portal.azure.com/#blade/Microsoft_AAD_IAM/StartboardApplications MenuBlade/Audit/menuId/ https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart- v1-remove-azure-ad-app Slides URL: https://goo.gl/nixYRs

Blocking Extensions & OAuth in G-Suite Chrome for Enterprise ADMX Packages Also available for macOS & Linux Admin Console Extensions API Access - KB Article Also has info for Mac & Linux Slides URL: https://goo.gl/nixYRs

Bark for Schools - https://www.bark.us/ IXL - www.ixl.com Examples Bark for Schools - https://www.bark.us/ IXL - www.ixl.com Assistant Devices - Alexa (Echo), Google Home, Siri, etc. Slides URL: https://goo.gl/nixYRs

Recommendation A - Ain’t Nobody Got Time for That #0 - Create a process for new software requests! Tech, Curriculum Director, Principal… #1 - If it involves student data, is it connected to a privacy pledge? #2 - Get parental approval

Recommendation B #0 - Create a process for new software requests! Tech, Curriculum Director, Principal… #1 - Assign SOMEONE to read EULA & ToS and approve all new software. #2 - Only enter first names into non-OAuth enabled sites that require usernames and passwords #3 - Get parent approval.

Recommendation C #0 - Create a process! Requests go Tech, Curriculum Director, Principal... #1 - Have multiple people read EULA & ToS (possibly your school lawyer). #2 - Confirm what information about a student is collected (assume it will be shared or sold). #3 - Get parental approval.

Recommendation C - Continued #4 - Student accounts should only contain First Name and Last Initial along with a Graduation Year or Birth Year or another random number. bradyw293@example.com #5 - Only enter first names into non-OAuth enabled sites that require usernames and passwords. #6 - Differentiate between tools that require a log on and tools that don’t. #7 - Free isn’t free. If it’s worth using, it’s worth paying for.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.