Safeguarding Students’ Personal Data In WiFi-Friendly Schools
This guest blog post is a part of our cyberSAFE blog series focusing on back-to-school security, privacy and identity topics. It comes from Alok Kapur, Chief Marketing & Customer Officer at PRIVATE WiFi, a personal VPN product that protects individuals while using laptops and other mobile devices on wireless Internet connections. An expert in the mobile security space, you can connect with him on Twitter and read his recent articles on PRIVATE WiFi’s Official Blog.
The Federal Communications Commission will spend $2 billion to give wireless access to 10 million kids, but are we short-changing our students’ collective cyber-safety rights?
After all, having students on open WiFi networks at school means that data is susceptible to attacks. And what happens to a teacher’s productivity if one student brings a virus from home onto the school’s wireless network? Has the FCC put a plan in place to encrypt student data and class assignments? Perhaps most worrisome is that WPA2 encryption is the only solution that is really viable right now, since nearly all the other standards can be broken into – but is the FCC explaining this or simply doling out the cash without further security advice?
Another worrisome issue is that the natural progression to the FCC’s funding will be the rise of bring-your-own-device (BYOD) policies for students. But unless students are encrypting their data with a VPN like PRIVATE WiFi, updating antivirus software, and using a firewall, BYOD trends are as risky as leaving their assigned lockers wide open – anyone can see their sensitive, personal details. No student would ever agree to openly reveal their online data, after all, but few students probably understand the privacy risks of WiFi.
And according to an Education Week article, the fallout from childhood identity theft might not be known for years. That’s cause for concern given the volume and scope of accidental data breaches in K-12 systems.
Indeed, the same article cites one case among many involving a school contractor who accidentally exposed the names, addresses, dates of birth, and full Social Security numbers of more than 18,000 Nashville Public Schools students; the sensitive information was available online for more than two months.
To avoid data security conflicts, wouldn’t it be better for school districts to maintain student wireless networks that are separate from teacher/administrator networks? If those involved in higher education (many of whom hold advanced degrees) can’t safeguard students’ most sensitive information, how can children in BYOD and WiFi-friendly school environments possibly stand a chance of protecting themselves? Let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.