Cybersecurity Best Practices In Nonprofit Charter Schools
By Matthew Eshleman, CTO, Community IT Innovators.
Cybersecurity in nonprofit charter schools is different from the mid-sized nonprofit IT networks that Community IT typically supports. Here are a few cybersecurity best practices for nonprofit charter schools that can help you keep your technology both accessible and safe.
- Students need easy access; make the access too difficult and participation will drop in ways fundamentally different from an employee-employer relationship.
- There is an incentive to simplify account access due to volume. But this can mean security suffers – a “standard” login or initial password is easily exploited.
- Students, parents, teachers, and administrators all need various levels of secure access to related accounts. Do not let convenience overrule privacy concerns.
- In addition to “generic” opportunistic financial hacking, guard against non-financial threats from without and within the online environment, such as sexual predators and classroom bullies.
- Online education presents additional challenges to novice users, whether students, parents, or staff – plan to offer extra help-desk support.
- Have a clear process in place for reviewing and approving new apps. It’s likely that needs will change during the semester, so allow teachers to request and manage applications and websites that are specific to their class. This will avoid insecure or poorly designed apps being installed, and reduce cybersecurity risks.
- Budget for loss and theft of devices, and understand that long-term budget planning can conflict with politics or suffer from frequent changes in decision makers.