Data Privacy & Security Service
Issue 11
WHAT DO CYBER PROFESSIONALS TEACH CHILDREN ABOUT SECURITY
Authored by Amy Burnis, Senior Manager of Marketing Communications at CyberArk, the global leader in privi- leged account security (continued )
· Responsibility : A laptop with an Internet connection provides a lot of power to an individual. It can be used for great projects or mal- ice. As the saying goes, “With great power comes great responsibility.” This is a foundational concept—a philosophy—we all strive to be responsible citizens, adults, parents, etc. I suppose the goal is to teach children to consider the options they have in any given situation. Encourage them to ask questions to more fully understand the consequences of their actions and the identities of those with whom they interact. It’s important to remind them not to be so trusting as people are not always who they appear to be online. Interestingly, in most states in the U.S., teenagers have to take driver’s education often either privately or at school as they learn how to drive. They practice driving many hours with adults before they take an exam. With technology, we just hand it over. Increasingly, at a younger age. Food for thought. COMPTROLLER’S CORNER Employees did not comply with the District’s acceptable use policy. Controls over the collection, transmission and storage of personal, private and sensitive infor- mation (PPSI) have not been developed. Employees and staff were not provided formal Cybersecurity awareness training, which could com- promise District assets and security. Recommendations to address these issues were provided. The auditors recommended the district implement the following measures: Review and monitor employee computer use to ensure compliance with the District’s Acceptable use policy Inventory, classify and develop controls over PPSI maintained and collected by the District. (The DPSS Inventory Tool can address this type of issue) Ensure employees receive formal IT cybersecurity training on an on-going basis that reflects current risks identified by the IT community. The Florida Union Free School District was audited last November 2017. The key findings of the report focused on data privacy and security issues, including the following items:
Digital Debrief– Interview with the New York State Office of the Comptroller
An interview was held with Randy Partridge, Chief of the Applied Technology Unit in the Division of Local School Accountability with the NYS Office of the Comptroller. Mr. Partridge assists regional offices across the state with information technology audits. He also explains how to navigate the website for the Office of the NYS Comptroller. Direct Link : https://ensemble.lhric.org/Watch/NYS_Office_of_Comptroller
Please use this link to access the full Report of Examination for the Florida School District: http://www.osc.state.ny.us/localgov/audits/ schools/2017/florida.pdf
Additional Resources
The National Cyberwatch Center designed an Information Security curricula to support the growth of cybersecurity ed- ucation nationally. Use this link to view their curriculum guide and access addi- tional resources: https://www.nationalcyberwatch.org/programs-resources/ curriculum/
5 Tips to Protect PII in Schools
1. Understand that Privacy is Ongoing 2. Develop Basic Data Governance Best Practices 3. Identify What PII Is and Know the Exceptions 4. Lay the Groundwork for Compliance with Teachers 5. Build Policies Around Digital Citizenship
To read the full article from click this link .
4
Made with FlippingBook - Online Brochure Maker