Simplified K-12 cybersecurity streamlines student data access
The correct mixture of communication, IT, and protection should now be at the root of all K-12 data systems
Remember when moving from one end of a state to another often meant changing phone numbers because the new residence would be in a different area code? And, after cell phones were born, remember when relocating across the country meant ditching a cell phone company, along with the number, because the new area of the country didn’t include the same coverage?
Chances are, if you are as old as I am, these scenarios do sound familiar. For most cell phone users, however, changing cell numbers just because you relocate is a foreign concept. A cell phone number becomes part of who we are, part of our contact identity, and, if we don’t want to, we never have to change cell numbers again.
Now, let’s apply this scenario to today’s school environment and student data. Huh? I know you’re thinking this analogy might be a stretch, but stay with me, and I promise this will all make sense.
In today’s schools, nearly all aspects of student data reside on IT systems in the K-12 ecosystem. From birthdates to medical records, from assessment scores to classroom assignments and everything in between, student data are housed on some type of electronic system. And the seamless use of that data through various technologies is paramount in ensuring a stellar educational experience for students and teachers.
When teachers and administrators need to bring in student data, protect that data, and adapt to unique needs among various stakeholders who need access to the data, often the amount of time between data entry and usage is so lengthy that end-user experiences only lead to frustration. IT staff are challenged with managing data for new enrollments, teachers, substitute teachers, and administrators, including automated tasks that span both cloud-based and on-premise systems, and the end result of the entire process often trickles down to provide a negative experience to the most important cogs in this wheel: our students.
I know I’m an idealist, but I envision a scenario in which students and employees who move between schools in the same state lose no data, lose no documents, no video projects, no graded assignments. And, they are not expected to download everything from their previous school’s cloud domain before they move to their new school. Wouldn’t that be a perfect world? Students log out of one network on Friday and safely log into a different network on Monday in their new school, and all of their records are visible and secure, immediately, without additional effort on the teacher’s part to “turn on” access to new materials.
I believe this ideal situation can be a real situation, and I think the time cannot come quickly enough.
One of the reasons this type of access to data is so important is because of school choice, particularly in Kentucky, my home state. Kentucky recently signed into law House Bill 563 (HB563), called the Nonresident Pupil Enrollment Policy, sometimes referred to as the No Boundary law.
Codified into the state’s revised statute, the Kentucky General Assembly announced that as of July 2022, Kentucky school districts must allow open enrollment of nonresident pupils without any contractual agreements, permissions, or discrimination, except when enrollment capacity is reached. Essentially, Kentucky students in any district and in any county can go to another district (assuming it’s not full) and the state’s funds and federal funds follow them.
The passing of Kentucky HB563, the state’s brand new stance on open enrollment, illustrates why school districts need to implement a cybersecurity system that works seamlessly outside of one specific district—and, as in my state’s case, all districts within its borders. Any open enrollment situation is a seemingly obvious case study for the need for easy integrations that focus on minimizing any impact on learning, regardless of where a student was enrolled the year previously. And open enrollment stands as a solid illustration of the potentially negative impact that cybersecurity and, more importantly, hands-on protection tools such as user authentication can have on a student’s experience.
All learners need an individual path to flourish. If the data that follows them down their educational path isn’t comprehensive or lacks details teachers need, delays or setbacks can result. And, unfortunately, that all-too-common lack of access to needed information for a particular student is an alarming hindrance. Retaining and accessing vital student data that teachers need immediately upon a new student’s enrollment is a process that screams for standardized methods.
Educators need student data now, and really, now is sometimes not soon enough. Slow, manual, untailored and unprotected methods of accessing student information should not be the status quo for districts. Without proper tools and ease of access to student data, educators face huge delays when they receive new students, and these delays are often a result of school electronic systems that do not “talk” to one another. Kentucky has done a great job through the years in standardizing many aspects of “talking” to other districts (e.g., state-mandated student information system), but I believe Kentucky, and all other states, can do more.
The correct mixture of communication, IT, and protection should now be at the root of all K-12 data systems. Through a more seamless transition, educators can remain vigilant on individual needs or interests of students and provide an enhanced learning experience tailored to every individual. Students moving between districts would do so with one digital identity: an identity that holds much more than information–an identity that holds promises for success.
In cybersecurity, balancing vigilance with access
How K-12 IT leaders can protect schools from ransomware