How To Protect Sensitive Data
Return - https://go.mgpd.org/htps
A Quick Activity Before We Start
Share a portrait of your identity using your personal or work email address. Start your portrait here, then share what you come up with in the digital bulletin board (Padlet) below.
Options for Independent Learners
I. Stats on Portable Storage Options and Encryption
II. Cost of Data Breaches in 2022-2023
III. Districts Affected and Texas Safe Harbor
IV. Encryption Tools
V. Explore Tools
VI. Scenarios and Table Talks Available
Resources and Information
Protecting Student Information
National/State Efforts
Google's K-12 Cybersecurity Guide
Safeguard Your Data
Secure Passwords
Multi-Factor Authentication
Authenticator Apps
Encryption: Text and File
Sending Files to Others
Backup Your Data
Recover Lost Data
Make Your Data Unrecoverable
Safeguarding Your Internet Browsing
Online Courses to Deepen Your Understanding
Protecting Student information
You may already know that there are several state and national efforts to protect confidential student information. That's critical due to the cyber threats schools and organizations face today.
The Texas Education Agency is working to provide funding for anti-malicious activities. That is, the Texas Legislature approved funding to provide cybersecurity resources to schools through the K-12 Cybersecurity Initiative.
Secure Our World. Learn how to protect your family. K-12 Cybersecurity resources are also available.
Texas School Safety Center. This website offers cyberthreat workshops via Zoom. Sessions on cyber threats and school safety are available to school district personnel.
SchoolSafety.gov. This federal government website offers cyber safety considerations for K-12 schools and districts. It highlights resources for stopping phishing and ransomware, as well as other threats.
Cybersecurity for Students via NICCS. For high school students, explore what classes to take. Also explore CyberSecurityEducation and CyberDegrees.
Office of Educational Technology. See this list of resources for K-12 school districts and higher education institutions.
Google's K-12 Cybersecurity Guide
Google's guide highlights these problems...
100 million phishing attempts blocked by Gmail daily
300,000 unsafe websites identified by Google
46% of ransomware attacks are harder to stop due to sophistication
38% of organizations expect to be targeted (source)
...and offers solutions and suggestions:
Using secure authentication to protect sensitive information
Strong passwords and two-step verification (or multi-factor authentication), passkeys, and password managers
Put in place zero trust principles to restrict access to those who need it
Update and upgrade systems (including Chromebooks)
Rely on real-time alert and monitoring systems for devices on the school network
Protect against inappropriate account logins, file sharing, phishing, malware, and other threats
Provide training to teachers, staff, and students
"Not only have these attacks disrupted school operations, but they also have impacted students, their families, teachers, and administrators.
Sensitive personal information – including, student grades, medical records, documented home issues, behavioral information, and financial information – of students and employees were stolen and publicly disclosed.
Additionally, sensitive information about school security systems was leaked online as a result of these attacks."
(source)
Safeguard Your Data
End-to-end encryption make your messages…unintelligible…to snoops and interlopers. [They] can’t access what you’re saying—and neither can the company that offers the platform. People who once thought they had nothing to hide may realize that era is now over (source).
By taking the time to carefully communicate with staff and students the importance of protecting private data, you can minimize the threat of breaches and unauthorized access (source).
It's not hard to safeguard your data, even when it's in plain sight. You simply need to learn to encrypt files or folders using free software. You can then put those encrypted files/folders in cloud storage, USB external hard drives for backup purposes. It all starts with secure passwords you can remember or save in a password manager.
Ready to Encrypt Your Data?
Secure Passwords Are Important
Multi-Factor Authentication
Multi-factor authentication includes at least two of the following:
Something you have — A physical item you have, such as a cell phone or a card.
Something you know — Something you know, such as a password, PIN, personal information like mother's maiden name, etc.
Something you are — Biometric data, such as fingerprint, retina scan, etc.
Authenticator Apps for Your Smartphone
Secure Your Digital Files with encryption
Did you know that if data is encrypted and a data breach occurs, you are not obligated to report it? This is the power of data encryption and can potentially spare you and your employer from unnecessary litigation and expense. This is known as an encryption safe harbor.
Texas defines a data breach in terms of sensitive personal information only if the data items are not encrypted (Source: Data Breach Charts, Baker-Hostetler).
The concept of “Safe Harbor” refers to specific actions that an individual or an organization can take to show a good-faith effort in complying with the law. This good-faith effort provides a “Safe Harbor” against prosecution under the law (source).
A Process To Follow
Connect with your email recipient (the person you are writing to). Decide on what file/folder encryption tool you will both be relying on to send protected content. Some options that work well: Secure Space Encryptor (SSE), 7zip, or FileLock. Decide how you are going to verify receipt of the encrypted file attachment.
Send the top secret password you will be encrypting via a secure messaging tool, such as Signal. Avoid sending it via email since your email message is a postcard (anyone can read it) unless it is encrypted. Verify receipt.
Encrypt your file attachment, such as a Word, Excel, or other document using your preferred option (e.g. FileLock, SSE).
In the body of your email message, keep it simple and attach the encrypted file (filename.enc).
Send message to your email recipient, then verify receipt.
A) Text Encryption
You can use a variety of text encryption solutions. These are ideal for text/email messages you might send on your smartphone, as well as via a computer.
Tool #1: Paranoia Text Encryption
iOS | Android | Windows | Mac | Web version
Tool #2: Browser-based Text Encryption
Activity: Share a Secret Message
Step 1: Encrypt Your Secret Message (use password below)
TCEA24ConventionRocks!1#!
B) File Encryption
Encrypting files with AES-256 can be done with a variety of tools. Here are a few you can use that are free. A few tools include:
7zip for Windows - This is a zip/7zip compression program that combines multiple files into one. Think of it as putting a folder of files into ONE file that is compressed for space and encrypted for security. Other, less bare-bones option include Zipware and/or PeaZIP.
Keka Zip for Macs - This is the same thing as 7zip but for Mac computers.
Paranoia's Secure Space Encryptor (SSE) - Here is (what I think) is the best cross-platform encryption tool available. It works on the most platforms (e.g. Android, Mac, Windows). One of the features is that it can take a folder of files and encrypt them all into ONE file.
FileLock.org - A browser-based solution that works well for Chromebooks. Encrypt individual files via your web browser.
Sending Files to Others
Need to send important, sensitive tax documents to your accountant? What about confidential information to a parent? Maybe, an NWEA Map Parent Report? Emailing sensitive data as an attachment via Gmail or Outlook won't get the job done. Let's look at three possible solutions.
Option #1: Secure Email w/ Proton
(Available for individuals or organizations)
Need to share sensitive document with a family member or another person? Use a solution like Proton's mail or secure cloud storage (Proton Drive) to share files in a secure manner.
Option #2: Bitwarden Send
(Available for individuals or organizations)
Need to send a critical document to a parent or colleague but don't want to put them through the trouble of learning how to decrypt or encrypt content? Read walkthrough. Get text sharing for free, add files for $10 a year. See pricing.
Option #3: OneHub for Orgs
Need to share sensitive document with others as an enterprise solution? OneHub, a self-hosted or cloud-hosted solution, is customized for clients. Works with MS Office documents, PDFs, Google Docs, etc.
Option #4: Secure FTP for Orgs
Are you a school district or organization needing to send, or make available to a solution partner, automatically generated files (e.g. comma-delimited or CSV)? You may need a secure FTP solution. This involves creating an encrypted conduit.
Through this encrypted conduit, unencrypted files will be transferred from a server or your computer on a nightly basis. Possible solutions include (but are not limited to): MOVEIt – Provides FTP and PGP support, AutoMate, SFTP Plus, and/or GoAnywhere Secure FTP. There are other options, such as business VPNs. Sign up for an online course to learn more.
Disclaimer: This is one video tutorial of several available. Be sure to evaluate solutions shared to find the best one for your environment.
Backup Your Data
The percentage of computer owners backing up once a day or more often is 6% in 2018,” reports BackBlaze. Other statistics from the Harris Poll, conducted each year for the last eleven years:
About People
- 20% of folks NEVER back up (31% for folks 65 and older)
- 20% of folks make backups monthly
- 25% of folks back up on annual basis
Other Stats
- 76% have deleted something by accident.
- 62% have lost data at some point.
- 51% have had an internal or external hard drive crash.
- 52% have lost access to their data.
- 61% had a security incident (with 25% of those happening within the last year).
Making backups can be hard because it requires a small level of technical expertise and it can take time. You have to first know how to back up. Check out questions to the right.
Do you use a USB flash drive?
Do you back up to the cloud? Even with plenty of cloud solutions (e.g. Dropbox, Google Drive, OneDrive), most don’t back up.
How do you save documents to your hard drive?
How do you secure/encrypt your data?
What To Remember
Encrypt data before putting it in the cloud, OR put your data in an encrypted online space, such as:
Proton Drive. An alternative email, calendar, and cloud storage solution. Also offers VPN and Password Manager.
The GoodCloud. An alternative cloud storage solution and office suite.
CryptPad. An alternative cloud storage solution and office suite.
Cryptomator. Use this to encrypt your Google/Microsoft cloud storage.
From ransomware to simply human error, it's easy to lose data. That's why it's important to make regular data backups. Most people don't know how, so they tend to rely on cloud storage or nothing.
USB External Drive
One way to avoid that is to get a USB external drive (2 terabytes is plenty. USB external drives last three to five years on average, so you may want to invest in one every three years to backup your data). You can use free tools to automate backups.
Free Automated Backup Solution
File Manager Alternative(s)
Take advantage of these tools, and spend the time to learn how to backup your files.
Recovering Lost Data
Accidentally deleted something on Chromebook or Google Drive? Check your trash. It's going to linger for 30 days unless you empty your trash can. But what about Windows or Mac devices? Here are a few solutions you can turn to in a pinch.
This free, open source, Windows only software offers recovery of deleted information on your local storage drives. The website claims the following:
"It finds all of the deleted files on your hard drive, flash drive or SD card and allows you to recover them. Undeletion works best if performed as soon as possible after file deletion. When you delete a file, the data is not lost - but new files being written to the hard drive may overwrite your data permanently, making recovery impossible."
This Windows only software offers recovery of deleted information on your local storage drives. The website claims the following:
"Recuva recovers files from your Windows computer, recycle bin, digital camera card, or MP3 player! Recuva can recover pictures, music, documents, videos, emails or any other file type you’ve lost. And it can recover from any rewriteable media you have: memory cards, external hard drives, USB sticks and more! Unlike most file recovery tools, Recuva can recover files from damaged or newly formatted drives. Greater flexibility means greater chance of recovery."
This free, open source, Mac only software offers recovery of deleted information on your local storage drives. The website claims the following:
"EaseUS Mac Undelete is the most reliable Mac undelete software, it automatically scans your hard disk to recover deleted files in a fast and secure way. Features claimed include: Quickly & completely recover deleted, formatted, inaccessible and lost data; Recover videos, photos, music, documents, emails, archives etc. from Mac hard drives and most storage devices; Preview lets you enjoy data recovery in advance."
This Windows, Mac, Android and iOS software offers recovery of deleted information. The website claims the following:
"Recover any file or folder or reconstruct 400+ file types with multiple recovery methods. Connect your storage device & recover data in minutes. Disk Drill supports iOS and Android recovery as well." Watch video.
Make Your Data Unrecoverable
As nice as it is to be able to recover your lost data, there are times you want that data to be unrecoverable. To make data unrecoverable, consider using one of these free, no-cost solutions. Instead of dragging data to your trash can or recycle bin on your computer, do one of these things:
- Shred the data
- Wipe the data
How do you shred or wipe data? Use one of these no-cost tools.
WipeFile deletes files and folders secure and fast. To do this, WipeFile overwrites the information completely, so there is no way to restore the files or reconstruct the file content.
WipeFile supports 14 different wipe methods, e.g. two US Navy standards, the standard of the US Department of Defense, US Air Force and the NATO.
Freeraser, a new trash bin for your Windows desktop that lets you securely and definitively delete your private files. Freeraser has three deleting modes: Fast, Forced, and Ultimate.
These modes range from lowest to highest level of security, with each requiring a proportional amount of time.
When your computer is getting full, BleachBit quickly frees disk space. With BleachBit you can free cache, delete cookies, clear Internet history, shred temporary files, delete logs, and discard junk you didn't know was there. Designed for Linux and Windows systems, it wipes clean thousands of applications including Firefox, Adobe Flash, Google Chrome, Opera, and more.
Beyond simply deleting files, BleachBit includes advanced features such as shredding files to prevent recovery, wiping free disk space to hide traces of files deleted by other applications, and vacuuming Firefox to make it faster. Better than free, BleachBit is open source.
Safeguarding Your Internet Browsing
Forty-nine percent of employees use their personal computers for work. Forty-two percent of work from home employees do not have antivirus protection installed.
Most school district firewalls and software can protect your school purchased device. But what about your personal devices? Fail to safeguard them, you endanger critical confidential data available via work.
Only twenty-two percent use “enterprise-grade passwords” (source). This is in spite of the fact you can get free services like Bitwarden to assist you in password management. All these factors can make the cyber threat worse.
Protect yourself from tracking ads with one of these solutions. Malware also may use ads as delivery vehicles. While some ads are inoffensive, others are not. Use ad blockers and anti-tracking extensions to safeguard your browsing. Try any two of the following:
Ghostery. Hate it when you see Facebook advertising matching results from a Google search? Use Ghostery extension to block tracking. You can also avail yourself of their private browser and search tools.
AdblockPlus. Block annoying tracking ads with AdblockPlus. This can help prevent website launched malware from infecting your device. You can also prevent pop-ups, video ads, flash banners, and more.
Disconnect. Another anti-tracking extension you can use adopt for use. This can block unwanted tracking, as well as mask your IP address when using public Wi-Fi.
uBlock Origin. Another ad-blocking tool you can choose to use.
Bitwarden. Get a Bitwarden account (free for individuals and available for businesses and schools). Then, use the Bitwarden browser extension to store logins and access them from your phone.
Mullvad VPN and browser. Check out this multi-device, cross-platform virtual private network and web browser (Firefox based). It comes with a browser extension to better protect your internet connections. You can sign up by month (a few dollars), and renew as needed. The author is a subscriber.
Learn More
Deepen your knowledge of useful cybersecurity that prepares you to safeguard your own devices. Then, learn more about network security.
Introductory Level for Educators
You will learn about why it is important to secure data, how to encrypt it, how to protect your passwords, and the best ways to secure your data and device(s) as well as what you put in the cloud. This course provides the basics you need as a technology professional, as well as those needed to ensure the safe transmission of files and data across the web.
Technical Support Staff
In this online, self-paced course, you will explore this important aspect of using computers and digital networks. In your role as an educator and/or campus technology support, you have access to data and systems that others may target, so it’s important that you understand the threats and risks to data. You will learn about tools used to secure systems and how to avoid attempts to trick you.
