Like Moths to a Flame: Unsecured Networks,Tech-Savvy Students,and District Policy

Abstract

School systems collect and maintain increasingly significant amounts of data and information on students, faculty, and staff and have a duty of care to ensure that sensitive information remains secure. Therefore, sitting and/or aspiring school leaders need to develop at least a basic understanding of data privacy and information security considerations. In this case, students discover a way to log in to internal district information systems and gain access to sensitive school and district data and information. School and district leaders are faced with the challenge of how to respond to such an information security breach and how to discipline the students. This case should cause sitting and/or aspiring school leaders to think deeply about and examine technology policies, information security protocols, as well as related school discipline policies.

Keywords

information security policy technology legal issues discipline

Get full access to this article

View all access options for this article.

References

Consortium for School Networking. (2013). Rethinking acceptable use policies to enable digital learning: A guide for school districts. https://www.cosn.org/sites/default/files/pdf/Revised%20AUP%20March%202013_final.pdf

Consortium for School Networking. (2017). 2017 Cybersecurity rubric. https://cosn.org/sites/default/files/2017%20Cybersecurity%20rubric.pdf

Consortium for School Networking. (2018). K-12 IT Leadership Survey report. https://cosn.org/sites/default/files/final%20IT%20Leadership%202018.pdf

Consortium for School Networking. (n.d.). District security self-assessment checklist. https://www.k12blueprint.com/sites/default/files/Self-Assessment-Checklist.pdf

Council of the Great City Schools. (2017). Cyber-security in today’s K-12 environment. https://www.cgcs.org/cms/lib/DC00001581/Centricity/domain/35/publication%20docs/CGCS%20Cyber-Security%20Report%20FINAL.pdf

Education Networks of America. (2016). Education network security in a hyperconnected world. https://www.ena.com/resources/education-network-security-hyperconnected-world/

Levin

(2018). K-12 cybersecurity 2018 year in review—Part III: Cyber incidents. https://k12cybersecure.com/year-in-review/2018-incidents/

Levin

(n.d.). K-12 cyber incident map. https://k12cybersecure.com/map/

National Conference of State Legislatures. (2018). Security breach notification laws. http://www.ncsl.org/research/telecommunications-and-information-technology/security-breach-notification-laws.aspx

10.

National Institute of Standards and Technology. (2018). Framework for improving critical infrastructure cybersecurity. https://www.nist.gov/cyberframework

11.

U.S. Department of Education. (n.d.-a). Data breach response training kit. Protecting Student Privacy. https://studentprivacy.ed.gov/resources/data-breach-response-training-kit

12.

U.S. Department of Education. (n.d.-b). Security best practices. Protecting Student Privacy. https://studentprivacy.ed.gov/topic/security-best-practices

13.

Von Solms

Van Niekerk

(2013). From information security to cyber security. Computers & Security, 38, 97–102.