Reach us at: (212) 334-6481

SAMPLE K-12 TECHNOLOGY PLAN

Don't even think about creating a technology plan before you see this!

Best Practices for Protecting Laptops & Mobile Devices

Secure Your Devices: Best Practices for Protecting Laptops, Tablets, and Mobile Devices

Have you ever wondered what would happen if a student’s or teacher’s sensitive data fell into the wrong hands? In today’s digital age, protecting this information is more important than ever. The NIST Cybersecurity Framework requires us to encrypt data both during transmission and while it’s stored. For New York schools, this means ensuring that all student data and teacher or principal Annual Professional Performance Review (APPR) data is encrypted at every stage. Today, we’ll dive into the specific encryption requirements for safeguarding these critical types of data.

Data at Rest

Data at rest refers to data stored on devices or in the cloud. To comply with encryption requirements:

Traditional Hardware

Modern operating systems on desktop computers, laptops, and servers typically encrypt hard drives automatically. The primary challenge lies in ensuring users do not save files to unencrypted boot volumes or disable encryption.

Mobile Devices

Encryption for mobile devices like Chromebooks, tablets, and cell phones has been standard since iOS 3.0 and Android 4.0. The key here is user education: ensuring encryption settings remain enabled and discouraging the sharing of devices containing sensitive data.

Cloud Services

Cloud storage must be encrypted, with access protected by multi-factor authentication (MFA). Educational agencies must ensure their contracts with service providers include data protection agreements (DPA) that mandate encryption. Data can be stored across various platforms, including:

  • Google Suite (Gmail, Google Drive, etc.)
  • Office 365 (Outlook, OneDrive, etc.)
  • EduTech Apps (Blackboard, Kahoot!, etc.)
  • Storage Solutions (Barracuda, Cohesity, etc.)
  • Social Media Platforms (Facebook, Instagram, etc.)

Data in Transit

Data in transit encompasses data moving across networks or the Internet. Encryption is required for all data movements. Agencies must select suitable encrypted communication products and ensure their use for transmitting confidential information. Examples include:

  • Parent Communication: ClassDojo, ParentSquare, Procare
  • Teacher/Staff and Student Communication: Bloomz, Remind
  • Third-Party Contractor Communication: Gmail, Outlook, Virtru, Zix Mail
  • Special Education Communication: Ed Plan, Embrace, Frontline

Unencrypted data, or data in clear text, is highly vulnerable to theft. Ensuring encryption at all stages of data movement and storage is essential to prevent unauthorized access and data breaches.

Data Protection Cheat Sheet

Data Category Encryption Requirement Key Considerations
Data at Rest Encrypted hard/flash drive, server, or cloud Ensure user compliance, disable unencrypted boot volumes, avoid turning off encryption settings
Mobile Devices Standard encryption on iOS and Android Educate users on maintaining encryption and not sharing devices
Cloud Services Encrypted storage with MFA Verify third-party encryption, include DPA in contracts, enforce least privilege access
Data in Transit Encrypted during transfer Use encrypted communication tools, ensure encryption for all data movements, both internal and over the Internet

Next Steps

Ensuring the security of student and teacher data is a complex but essential task. IKON Edutech Group specializes in providing tailored solutions to enhance data security in educational settings.

CONTACT US to learn more about how we can help you protect your data and comply with NIST Cybersecurity Framework requirements.