Thursday, October 3, 2019

October is Cyber-Security Month

FOR ALL STAFF
Technology staff is often asked about the actions we take to keep all of our systems and data safe in today’s ever-changing technology environment. While the technology department has a variety of different systems, firewalls, and security alerting and controls in place to keep our environment safe, research shows that users of these systems are just as important in keeping online systems and data safe. School data and systems are often targeted because of the large amounts of information schools are required to keep on their students.

To help keep our systems and data safe, please remember the following guidelines when working with district technology, online systems, and data:
  1. Do not share your passwords with anyone else and do not post/write them down near your computer or your desk or your computer as someone can easily find your post-it note, sheet of paper, or saved Google/Microsoft document. Please know that technology staff will NOT ask you for your password.
  2. Use strong passwords that include upper and lower case letters, numbers, and special characters and are 12 characters long at a minimum. 
  3. Do not include personal information and common words in your passwords.
  4. Be diligent in watching for phishing email scams where users are trying to get information from you such as usernames, passwords, banking information, social security numbers, etc. If you are ever unsure, please submit the information to us through a technology ticket. 
  5. Be aware of who you are sharing Google documents with. Staff Google accounts are all letters such as tweather@wbsd-schools.org and student accounts include three numbers such as hardejoh000@wbsd-schools.org. 
  6. When any Personally Identifiable Information (PII) such as student names, address, testing data, special education status, etc. is in a Google doc the information should only be shared with specific people and not shared with whole sites and/or with anyone with the link. Anyone with the link also includes students. 
  7. Staff should not be inputting student information or having students input information into online systems that are not set up by the district. If you have questions on this please reach out. The district is in the process of revising this process and more information will be shared in the future. 
In the next edition of The Highlighter, watch for more information on what you can do to help keep our systems and students safe, password requirements, and staff trainings around cybersecurity and data privacy. As always, if you are unsure if an email is a phishing attempt, have questions about cybersecurity and data privacy, etc. please submit a technology ticket and someone will respond.