As we continue intertwining technology with daily life, data collection has become the norm. An unintentional, and often dangerous, side-effect of the massive amount of data collection is an increase in data breaches.
The Cost of Data Loss
If you’ve been paying attention to the news in recent years, everyone from Target to Uber has suffered from attacks on data, costing companies millions. In fact, the cost of data breaches is estimated to exceed $150 million by 2020 in North America alone.
Perhaps the largest and most well-known is the 2017 breach of the financial and credit reporting agency Equifax, where over 143 million records were stolen. That’s about half of the adult population of the United States in case you were wondering. In addition to Equifax taking some massive fourth-quarter earnings hits in response, it is estimated that it will cost the company about $225 per account.
Think that is bad? The education sector fares worse. Researchers involved with a study conducted by the Ponemon Institute concluded that in the United States, the cost per compromised education record is $245--$20 more than the average cost across non-education sectors.
Data Security in Schools
A recent report from the Center for Data Innovation stated that 93 percent of teachers are using digital tools on a regular basis, leading to the need to increase school data security.
Data collection doesn’t stop at curriculum. Schools are required to store and maintain sensitive data on students and employees, including addresses, phone numbers, race, gender, and in some cases, social security numbers—all of which are dollar signs in the eyes of malicious hackers.
In 2016, the U.S. education sector was in sixth place among the total number of security breaches. In the first half of 2017, data breaches in the education sector were up 103 percent. Studies also show that education organizations have a slower reaction time (over 50 days!) in the identification and containing a breach when compared to financial and health sectors. With the increase in breaches throughout all sectors, school data security should be a top priority.
Although data collection may be used to help improve curriculum, the substantial amount of data collected increases the risk of K-12 data loss.
Data Security Responsibility
Data security in schools is an ever-increasing responsibility, but where does the responsibility lie?
The first step in increasing data security in schools is realizing that an attack can come from anywhere. There are reported cases of students launching DDoS attacks, hackers stealing or changing students test results or grades, and even disgruntled former employees deleting entire catalogs of records.
Since K-12 data security is regulated at a state and local level, the burden of security lands on districts with budgets that are already stretched thin. One possible solution would be transferring to cloud-based services, with proper oversight, can provide better K-12 data security, when compared to in-house management, due to much of the security burden falling on vendors who are better equipped to monitor and respond to such attacks.