Protecting Student Information
National/State Efforts
Google's K-12 Cybersecurity Guide
Safeguard Your Data
Secure Passwords
Multi-Factor Authentication
Authenticator Apps
Encryption: Text and File
Sending Files to Others
Backup Your Data
Recover Lost Data
Make Your Data Unrecoverable
Safeguarding Your Internet Browsing
Online Courses to Deepen Your Understanding
The Texas Education Agency is working to provide funding for anti-malicious activities. That is, the Texas Legislature approved funding to provide cybersecurity resources to schools through the K-12 Cybersecurity Initiative.
Secure Our World. Learn how to protect your family. K-12 Cybersecurity resources are also available.
Texas School Safety Center. This website offers cyberthreat workshops via Zoom. Sessions on cyber threats and school safety are available to school district personnel.
SchoolSafety.gov. This federal government website offers cyber safety considerations for K-12 schools and districts. It highlights resources for stopping phishing and ransomware, as well as other threats.
Cybersecurity for Students via NICCS. For high school students, explore what classes to take. Also explore CyberSecurityEducation and CyberDegrees.
Office of Educational Technology. See this list of resources for K-12 school districts and higher education institutions.
Google's guide highlights these problems...
100 million phishing attempts blocked by Gmail daily
300,000 unsafe websites identified by Google
46% of ransomware attacks are harder to stop due to sophistication
38% of organizations expect to be targeted (source)
...and offers solutions and suggestions:
Using secure authentication to protect sensitive information
Strong passwords and two-step verification (or multi-factor authentication), passkeys, and password managers
Put in place zero trust principles to restrict access to those who need it
Update and upgrade systems (including Chromebooks)
Rely on real-time alert and monitoring systems for devices on the school network
Protect against inappropriate account logins, file sharing, phishing, malware, and other threats
Provide training to teachers, staff, and students
"Not only have these attacks disrupted school operations, but they also have impacted students, their families, teachers, and administrators.
Sensitive personal information – including, student grades, medical records, documented home issues, behavioral information, and financial information – of students and employees were stolen and publicly disclosed.
Additionally, sensitive information about school security systems was leaked online as a result of these attacks."
(source)
End-to-end encryption make your messages…unintelligible…to snoops and interlopers. [They] can’t access what you’re saying—and neither can the company that offers the platform. People who once thought they had nothing to hide may realize that era is now over (source).
By taking the time to carefully communicate with staff and students the importance of protecting private data, you can minimize the threat of breaches and unauthorized access (source).
Multi-factor authentication includes at least two of the following:
Something you have — A physical item you have, such as a cell phone or a card.
Something you know — Something you know, such as a password, PIN, personal information like mother's maiden name, etc.
Something you are — Biometric data, such as fingerprint, retina scan, etc.
Connect with your email recipient (the person you are writing to). Decide on what file/folder encryption tool you will both be relying on to send protected content. Some options that work well: Secure Space Encryptor (SSE), 7zip, or FileLock. Decide how you are going to verify receipt of the encrypted file attachment.
Send the top secret password you will be encrypting via a secure messaging tool, such as Signal. Avoid sending it via email since your email message is a postcard (anyone can read it) unless it is encrypted. Verify receipt.
Encrypt your file attachment, such as a Word, Excel, or other document using your preferred option (e.g. FileLock, SSE).
In the body of your email message, keep it simple and attach the encrypted file (filename.enc).
Send message to your email recipient, then verify receipt.
iOS | Android | Windows | Mac | Web version
Step 1: Encrypt Your Secret Message (use password below)
TCEA24ConventionRocks!1#!
7zip for Windows - This is a zip/7zip compression program that combines multiple files into one. Think of it as putting a folder of files into ONE file that is compressed for space and encrypted for security. Other, less bare-bones option include Zipware and/or PeaZIP.
Keka Zip for Macs - This is the same thing as 7zip but for Mac computers.
Paranoia's Secure Space Encryptor (SSE) - Here is (what I think) is the best cross-platform encryption tool available. It works on the most platforms (e.g. Android, Mac, Windows). One of the features is that it can take a folder of files and encrypt them all into ONE file.
FileLock.org - A browser-based solution that works well for Chromebooks. Encrypt individual files via your web browser.
(Available for individuals or organizations)
(Available for individuals or organizations)
Through this encrypted conduit, unencrypted files will be transferred from a server or your computer on a nightly basis. Possible solutions include (but are not limited to): MOVEIt – Provides FTP and PGP support, AutoMate, SFTP Plus, and/or GoAnywhere Secure FTP. There are other options, such as business VPNs. Sign up for an online course to learn more.
Disclaimer: This is one video tutorial of several available. Be sure to evaluate solutions shared to find the best one for your environment.
Encrypt data before putting it in the cloud, OR put your data in an encrypted online space, such as:
Proton Drive. An alternative email, calendar, and cloud storage solution. Also offers VPN and Password Manager.
The GoodCloud. An alternative cloud storage solution and office suite.
CryptPad. An alternative cloud storage solution and office suite.
Cryptomator. Use this to encrypt your Google/Microsoft cloud storage.
This free, open source, Windows only software offers recovery of deleted information on your local storage drives. The website claims the following:
"It finds all of the deleted files on your hard drive, flash drive or SD card and allows you to recover them. Undeletion works best if performed as soon as possible after file deletion. When you delete a file, the data is not lost - but new files being written to the hard drive may overwrite your data permanently, making recovery impossible."
This Windows only software offers recovery of deleted information on your local storage drives. The website claims the following:
"Recuva recovers files from your Windows computer, recycle bin, digital camera card, or MP3 player! Recuva can recover pictures, music, documents, videos, emails or any other file type you’ve lost. And it can recover from any rewriteable media you have: memory cards, external hard drives, USB sticks and more! Unlike most file recovery tools, Recuva can recover files from damaged or newly formatted drives. Greater flexibility means greater chance of recovery."
This free, open source, Mac only software offers recovery of deleted information on your local storage drives. The website claims the following:
"EaseUS Mac Undelete is the most reliable Mac undelete software, it automatically scans your hard disk to recover deleted files in a fast and secure way. Features claimed include: Quickly & completely recover deleted, formatted, inaccessible and lost data; Recover videos, photos, music, documents, emails, archives etc. from Mac hard drives and most storage devices; Preview lets you enjoy data recovery in advance."
This Windows, Mac, Android and iOS software offers recovery of deleted information. The website claims the following:
"Recover any file or folder or reconstruct 400+ file types with multiple recovery methods. Connect your storage device & recover data in minutes. Disk Drill supports iOS and Android recovery as well." Watch video.
WipeFile deletes files and folders secure and fast. To do this, WipeFile overwrites the information completely, so there is no way to restore the files or reconstruct the file content.
WipeFile supports 14 different wipe methods, e.g. two US Navy standards, the standard of the US Department of Defense, US Air Force and the NATO.
Freeraser, a new trash bin for your Windows desktop that lets you securely and definitively delete your private files. Freeraser has three deleting modes: Fast, Forced, and Ultimate.
These modes range from lowest to highest level of security, with each requiring a proportional amount of time.
When your computer is getting full, BleachBit quickly frees disk space. With BleachBit you can free cache, delete cookies, clear Internet history, shred temporary files, delete logs, and discard junk you didn't know was there. Designed for Linux and Windows systems, it wipes clean thousands of applications including Firefox, Adobe Flash, Google Chrome, Opera, and more.
Beyond simply deleting files, BleachBit includes advanced features such as shredding files to prevent recovery, wiping free disk space to hide traces of files deleted by other applications, and vacuuming Firefox to make it faster. Better than free, BleachBit is open source.
Most school district firewalls and software can protect your school purchased device. But what about your personal devices? Fail to safeguard them, you endanger critical confidential data available via work.
Only twenty-two percent use “enterprise-grade passwords” (source). This is in spite of the fact you can get free services like Bitwarden to assist you in password management. All these factors can make the cyber threat worse.
Protect yourself from tracking ads with one of these solutions. Malware also may use ads as delivery vehicles. While some ads are inoffensive, others are not. Use ad blockers and anti-tracking extensions to safeguard your browsing. Try any two of the following:
Ghostery. Hate it when you see Facebook advertising matching results from a Google search? Use Ghostery extension to block tracking. You can also avail yourself of their private browser and search tools.
AdblockPlus. Block annoying tracking ads with AdblockPlus. This can help prevent website launched malware from infecting your device. You can also prevent pop-ups, video ads, flash banners, and more.
Disconnect. Another anti-tracking extension you can use adopt for use. This can block unwanted tracking, as well as mask your IP address when using public Wi-Fi.
uBlock Origin. Another ad-blocking tool you can choose to use.
Bitwarden. Get a Bitwarden account (free for individuals and available for businesses and schools). Then, use the Bitwarden browser extension to store logins and access them from your phone.
Mullvad VPN and browser. Check out this multi-device, cross-platform virtual private network and web browser (Firefox based). It comes with a browser extension to better protect your internet connections. You can sign up by month (a few dollars), and renew as needed. The author is a subscriber.
You will learn about why it is important to secure data, how to encrypt it, how to protect your passwords, and the best ways to secure your data and device(s) as well as what you put in the cloud. This course provides the basics you need as a technology professional, as well as those needed to ensure the safe transmission of files and data across the web.
In this online, self-paced course, you will explore this important aspect of using computers and digital networks. In your role as an educator and/or campus technology support, you have access to data and systems that others may target, so it’s important that you understand the threats and risks to data. You will learn about tools used to secure systems and how to avoid attempts to trick you.