Set the Right Expectations When Communicating with Parents
Blanton identified a few key recommendations: purchasing a secure mass notification tool, potentially developing a custom app for the district and reinstating the district’s Facebook page. But the solution wasn’t just a technical one; it was human too. “Having the resources, both human and technical, to protect student data is paramount,” Blanton says. Marshalling policies and compliant behavior became a part of the district’s mission.
First up: defining the rules. The district did reopen its Facebook account, using the strongest security settings and posting an explicit policy stating posts with personal information, abusive language and falsehoods would be removed.
Districts can also turn to their most obvious skill: education. Making sure parents know the rules of devices meant to be used at home and school and understand how to minimize their own digital footprint where their children are concerned can help them follow best practices. “We’re building good cybercitizens on top of reading, writing and arithmetic,” says Sheryl Abshire, former CTO for Calcasieu Parish Public Schools in Louisiana. “But unfortunately, a lot of the online world is not understood nor inspected by parents.”
Forgetting to update contact information is one area where parents sometimes neglect their own cybercitizen responsibilities. It opens up security vulnerabilities, both in parents missing out on crucial communication and in releasing information to people it’s not intended for. “We had a school lockdown, and a phone message went out to parents,” Abshire says. “I got a call from someone who said, ‘I don’t have a child at that school, but I’m betting there’s someone who used to have this phone number who really wants to know this information.’”
READ MORE: Learn how K–12 schools are keeping student data safe with network security tools.
Put Security Tools in Place to Mitigate Risk
Parents are only one part of the communication stream. IT teams can help secure communication — external and otherwise — with a comprehensive security system. Secure infrastructure using systems that have a strong track record sets the stage. Symantec Endpoint Protection Cloud, Cisco and Pure Storage Flashstack, G Suite for Education and Microsoft for Education have led the way in tackling infrastructure challenges. Hyperconverged infrastructure can have a role here too, bringing with it ease of use.
Solutions that deliver full-spectrum protection should combine cloud-based multiengine sandboxing, anti-virus, anti-malware, content filtering, intrusion prevention and anti-spam services. Next-generation endpoint security adds protection, particularly when students are using devices both at school and home, as home networks may offer less protection than campus connections. Instituting a regular patching cadence alongside virtual patching programs can help ensure vulnerabilities don’t reach devices.
Once secure infrastructure and IT policies are in place, districts can look at unified mass communication tools that offer an all-in-one solution that limits the number of entry points for threats. Custom apps can offer tailored benefits to districts and put security in the hands of internal teams, but they may be cost-prohibitive. Clinton Public School District opted instead to purchase ParentSquare, a unified mass communication tool that is securely hosted in the cloud by Amazon Web Services. The app will be rolled out districtwide in the fall after an aggressive campaign to educate parents and employees on its uses.
“Parents have an expectation that the school district is trustworthy,” Abshire says. “We have digital information on their children — health information, children’s progress, assessments. We have a responsibility to build that trust. Communication is one place to do that.”