Independent and Private Schools Address Unique Cybersecurity Threats


The more than 30,000 private and independent K–12 schools in the U.S. vary widely in size and budget. While some use government programs such as E-rate to fund technology, they predominantly rely on tuition and donations from alumni, nonprofit organizations, foundations and corporations.

RELATED: Schools can use E-rate funds to boost cybersecurity.

Some independent and private schools can afford only one staff member to manage IT and educational technology for the whole school. Others, with deeper pockets, may have ample funds to hire a big IT team and deploy state-of-the-art technology and cybersecurity, says Ashley Cross, senior director of education and content at the Association of Technology Leaders in Independent Schools (ATLIS).

Independent and private schools face unique cybersecurity challenges because if their data is breached, they can suffer reputational damage, which could affect future enrollment, she says.

“Independent schools retain student records, but they also stay in touch with alumni for community building and donor relations,” Cross says. “So, they have to think about the lifetime records of constituents, which is a very different challenge than for public schools.”

Furthermore, independent schools with international students also have to adhere to other countries’ data privacy laws, such as the European Union’s General Data Protection Regulation, she says.

Private School Takes a Comprehensive Approach to Cybersecurity

Valerio, a cybersecurity architect and ethical hacker, does consulting work with private, independent and public schools to assess their cybersecurity posture. One big issue he sees is a lack of IT training.

Schools install data center hardware, but some don’t invest in professional development to ensure IT administrators know how to maintain the equipment. Some schools do not regularly install the latest firmware or software patches. He recommends that they do, but when he checks with them months later, many still haven’t done so.

LEARN MORE: How automated patch management supports K–12 cybersecurity.

“The problem is, when they get hacked, it’s too late,” he says.

At Westminster Christian School, Valerio practices what he preaches. He gets the budget he needs from the CFO and invests in security training and tools to develop the processes and procedures needed to protect the school’s IT infrastructure and data.


Source link

Scroll to Top