Learn From Other's Experience

Directions

Pick ONE video to watch.
Watch the video.
In the chat, share the link to the video you watched. Then, share your thoughts about the situation. How would YOU have handled it differently?

Doug Levin has been tracking the publicly disclosed K–12 incidents on a color-coded map on his website, edtechstrategies.com. His sources include media reports, DataBreaches.net and the Privacy Rights Clearinghouse.

Some cyber incidents at U.S. K–12 schools that Levin has tracked include

phishing attacks that procure personal data;
ransomware attacks;
denial-of-service attacks;
“other unauthorized disclosures, breaches or hacks” that disclose personal information; and
other cyber incidents that have caused school disruptions or closures. (Source: THE Journal)

Reflect - What's YOUR Cybersafety & CyberSecurity Response Plan?

Below, please find a variety of scenarios that detail actual events that took place in K-12 schools or districts.

Share YOUR response to a scenario. Your 3-5 minute response may take the form of a short video presentation (short! 3 minutes max).

Note: Instead of speaking into the camera, you can also make your own screencast and upload it. Supported video formats include MP4, MOV and WEBM video formats. Maximum file size is 250MB.

Turn In Your Response

Safeguarding Sensitive Data

A sample presentation addressing a scenario. Feel free to add your own twist.

Scenarios for Assignment

Respond to one of the scenarios below via Flipgrid or view a news story appropriate for K-12 education.

Scenario #1: Teacher Password

A teacher has written down his login information to the new student information system on a sticky note and put it on his desk. While he is gone, a couple of students discover the note. They then use the teacher’s login to access the system after hours and change students’ grades. Additionally, since the teacher used the same password on other internal systems, the students were also able to access other systems with sensitive employee data, including Social Security numbers and other private information.

Did You Know?

Passwords are growing increasingly complex and difficult to make secure. Encourage users to develop secure passwords they can remember. Also, use a password keeper (e.g. Keepass, LastPass, Dashlane). Learn more here.

Scenario #2 - External Drive

“John,” began Liz, the PEIMS Data Clerk at the high school. Tears started to stream down her face. “I saved some work out of iTCCS to take home and analyze last night onto my USB drive. This morning, when I went to pick up my coffee from Starbucks, I think it fell out of my purse while I was paying. I can’t find it and I’ve looked everywhere.”

Liz paused then said, “I had the entire freshman class’ data on in an encrypted file. What do I do?”

Did You Know?

USB drives are an interesting attack vector. Better to encrypt any data before you place it on a USB drive. Also, be aware of picking up "stranger" USB drives. Learn more here.

Scenario #3 - Emailed File

When Melodie, an elementary school principal, opened her email on her phone, she saw that Jake had sent her the Excel spreadsheet with student names, IDs, addresses and much more for her campus. She quickly opened the file in her phone’s Excel viewer. She ignored that a copy of the file was saved somewhere on her phone. Satisfied she had received the correct information, she forwarded the email with attachment to her secretary to begin processing for the mail merge to send custom flyers to parents.

Learn more about recent phishing scams involving IRS and Schools

Did You Know?

A company, KnowB4, provides phishing protection for schools. Other companies provide Google Suites and Microsoft Office 365 protection. Learn more here.

Scenario #4 - Open workstation

Mark, a Middle School counselor, has been working all morning on several spreadsheets, combining assessment data and student personally information to facilitate some informational and intervention reports. He is called to the principal’s office for a discipline concern.

To ensure that everything stays just the way it is on his computer, he walks away without logging out or locking his screen. A few minutes later, the school secretary encourages two students to wait in Mark’s office for his return. The two students notice the open screen and begin to smile.

Did You Know?

Want to lock your computer? On Windows, press the WindowsFlag key (left side of your keyboard) AND the "L" key on your keyboard. On Mac, press simultaneously press the following keys: Control + Shift + Eject. Learn more here.

Scenario #5 - Paper

“I just need a quick print-out so I have something I can reference in my hand,” Jill exclaimed. As Darlene printed out the report from iTCCS, she promised to put the document in Dropbox so Jill could get to it more easily. Jill dropped the sheaf of papers into her briefcase and ran out the door.

“Maybe,” she thought to herself, “I’ll have time to stop at HEB on the way home tonight, get a good night’s sleep so I’ll be fresh for this data presentation tomorrow morning.” She looked at her briefcase, carefully locking it in the trunk and casually throwing a blanket on top of it, just in case.

Source: Insurance Information Institute, 2017

Did You Know?

Are you wondering about an easy way to encrypt data in cloud storage locations like Dropbox, OneDrive, and Google Drive? There are a variety of solutions. Also, some prefer to store all confidential data in an encrypted cloud space (OneHub). Learn more here.

Google Sites

Report abuse