Skip to Content

Cybersecurity & Standards, Equity in Civic Technology, Privacy & Data

Cybersecurity Best Practices Can Help School Staff Safeguard Student Data

This training module is part of a series of trainings from CDT on student privacy protection. Check out our first training module here, or view our full training catalogue on Thinkific here.

Teachers and administrators in schools and districts often have access to substantial amounts of sensitive data about students and their families. Consequently, they play an important part in protecting students by ensuring that their data stays safe and sound. However, school staff and faculty don’t always have the cybersecurity knowledge they need to take on the role of data protectors, which puts students at risk. 

For instance, when administrators click on links in phishing emails, they can accidentally introduce malware that can shut down school systems or expose student data, leading to loss of instructional time, theft of students’s identities, and loss of trust between schools and communities, among other harms. Incidents like these can be harmful to students, disrupt school operations, and eat up school resources.

Fortunately, cybersecurity is not a new field, and school staff can follow some basic cybersecurity best practices that will help them safeguard students. To help teachers and administrators get up to speed with these steps, CDT has written a Cybersecurity 101 training directed at staff working in the K-12 space. The training aims to provide actionable advice that teachers can use day-to-day. 

For instance, spotting phishing emails gets easier if users know what they are looking for. Attackers will often try to impart a sense of urgency in phishing emails to pressure the target into acting on the email before they have a chance to realize that something doesn’t seem quite right. If school staff are aware of these red flags, they can respond to an urgent or pushy email by taking a moment to review, or calling the sender to make sure the email is legitimate.

The training also discusses best practices for things like keeping accounts secure (multi-factor authentication can help protect accounts even if the password is stolen), protecting virtual meetings from disruption (waiting rooms and passwords can help keep students safe), keeping systems safe (keeping software up to date ensures users always have the latest security improvements), and more.

We believe that when teachers and staff have basic cybersecurity knowledge to safely manage the data and technology they use, they are better equipped to protect students and the school community at large. This training is the first in a series that will help K-12 practitioners build up that knowledge base, leading to better protections for students and schools.

The materials are available in an interactive online training module*, which features downloadable slides, narrated audio recordings, review quizzes to test comprehension, and additional resources. The training is also available as a standalone video, slide deck, and review worksheet.

Practitioner training is an essential part of responsible technology and data use, now more than ever. In light of today’s turbulent educational context, an understanding of these privacy protection principles will ensure that algorithmic systems are leveraged safely and responsibly.

*Note: The interactive training module is hosted by Thinkific, and is compatible with Chrome, Firefox, Safari, and Microsoft Edge. Users of Internet Explorer or other browsers can access the same material through our video and slides content, included below.

Button module: