Over the past few years, I have been struggling to find the easiest solution possible to implement when it comes to security. Did you know that Texas Safe Harbor Law protects organizations who lose confidential information that is encrypted, or “locked with encryption?”
Read more about this at the end of the blog entry.
A WORKING SOLUTION THAT IS SIMPLE
So far, this is what I’ve come up with for schools and/or individuals to use on Windows, Macintosh and Linux computers, as well as Android devices:
- Encrypt email messages, take advantage of Fourmilab’s web page on your own computer or server to encrypt text messages. Use secure passwords. (Works on Win, Mac, Linux, Android, iOS). Use Lavabit.com as your email provider (rather than Gmail, Yahoo) since they encrypt your messages using your password.
- For files/folders, take advantage of Secure Space Encryptor (SSE) tool. (Works on Win, Mac, Linux, Android)
- Protect your passwords, KeepassX. (Works on Win, Mac, Linux, Android, iOS)
- Browser add-ons to install to “protect” what shreds of privacy remain:
- AdBlock for Firefox/Chrome – Blocks banners, pop-ups and video ads – even on Facebook and YouTube and Protects your online privacy
- Facebook is notified whenever you visit one of the more than one million sites on the web that use Facebook Connect and has a history of leaking personally-identifiable information to third parties. This turns off data flow.
- Priv3 for Firefox – The Priv3 Firefox extension lets you remain logged in to the social networking sites you use and still browse the web, knowing that those third-party sites only learn where you go on the web when you want them to. All this happens transparently, without the need to maintain any filters. Priv3 is free to use for anyone.
- Ghostery – Ghostery looks for third-party page elements (or “trackers”) on the web pages you visit and notifies you that these things are present, and which companies operate them. If you wish, choose to block the trackers they operate.
- Do Not Track Plus, and for fun,
- HTTPS Everywhere
If we rely on a simple lock/unlock scenario, here’s what it might look like:
|Lock/Unlock Your Files
The video tutorials are intended for use in a school district as a way of securing confidential information.
Please note that there are many other tools that can be used to get the job done. The ones pictured above are the easiest and most versatile I have found of those available.
Did you know that students in Grades 6-8, and by extension all educators in Texas, are expected to practice safe and appropriate online behavior, personal security guidelines, digital identity, digital etiquette, and acceptable use of technology; and understand the negative impact of inappropriate technology use, including online bullying and harassment, hacking, intentional virus setting, invasion of privacy, and piracy such as software, music, video, and other media (Source: TEKS Chapter 126; 5 C-D)?
Personal security guidelines, preventing hacking are key aspects of digital citizenship and are addressed by learning how to better safeguard confidential data. Doing so can prevent data security breaches that can be embarrassing to school Districts.
Why Secure Data?
A data security breach occurs any time there is unauthorized access to school district data, including FERPA data. Lost laptops are the main cause of data breaches.
- Ensuring that your information remains confidential and only those who should access that information, can
- Knowing that no one has been able to change your information, so you can depend on its accuracy (information integrity)
- Making sure that your information is available when you need it (by making back-up copies and, if appropriate, storing the back-up copies off-site)
To accomplish this, you need to secure, not only physical copies of the data (e.g. print-outs in locked file cabinets) but also encrypt digital copies of that data.
Consequences of NOT Securing Data
- Direct costs are incurred by school districts for having to notify individuals whose confidential data has been compromised, as well as notify credit agencies.
- The cost of paying for credit protection for individuals affected.
- The school district may suffer damage to reputation.
- Staff may be disciplined or terminated depending on the severity of the data breach.
- Statistics show that as many as one in ten laptops will be stolen or lost from an organization over the lifetime of each computer.
- 86% of security practitioners report that someone in their organization has had a laptop lost or stolen.
- 56% report that it resulted in a data breach.
- Encryption of data stops cyber criminals from stealing data on laptops.