Posted on 29 January 2021

Data Privacy Day 2021: 5 steps to protecting privacy in schools and academies

Contact us

Schools and academies handle an incredible amount of personal data. Whether it’s student names and addresses, photos, medical information or data on teachers and governors – keeping all of this information safe is imperative.

Data Privacy Day is a great time for you to review the security measures you have in place. We’ve put together a list of 5 considerations to help you do just that:

1. Long and strong passwords

By using hard to guess passwords and implementing good password hygiene, you can help to protect data privacy. Infuse have put together a guide of how to create a strong password here! An additional measure academies could also use is implementing multi-factor authentication on their devices, this ensures an extra layer of protection if passwords are compromised and safeguards against hackers.

2. Encryption of personal data

Data encryption is the process of translating data into code so hackers can’t view or access your information, tools like Microsoft BitLocker make this easy. It’s an ideal safeguarding measure to keep your private data safe. With more of us working remotely, it is harder for organisations to keep track of how data is being accessed and stored. Employers should also encourage their staff to use secure Wi-Fi networks to access data to prevent cyber-criminals viewing information and potentially infecting devices with malware.

3. Limiting access to personal information

By only granting staff access privileges who require access, this also helps towards protecting your data. If all employees have the same level of access, it  makes it easier for hackers to infiltrate your systems and makes you more susceptible to user error. By implementing role-based access you can ensure that only authorised staff have access to sensitive information.

4. Storage devices

USBs and other removable storage devices such as SD cards require serious consideration. Whilst they can be great for extra storage, they can also easily fall into the wrong hands and be accessed by unauthorised users. If you must use these to store personal information, we recommend ensuring that they are fully encrypted and password protected to keep your data safe.

5. Erasing data off old tech

Whether it’s an old hard drive or laptop, correctly disposing of old devices and hardware is imperative when it comes to protecting your data. Simply deleting files isn’t enough, hackers are growing more sophisticated in their approach and can easily retrieve passwords and other personal information that is usually stored on devices. Schools and academies should have their own data disposal policies in place, if you’re unsure, it’s always best to check with your IT department before scrapping your old device to ensure all data has been deleted and can’t be retrieved.

Did you know…

Infuse offer security audits and services tailored specifically for schools and  academies. We take an in-depth look at your systems, processes and current security strategy to provide you with the latest advice adhering to government guidelines and regulations. For more information click here or get in touch at [email protected] and a member of our team will be in touch!