Hi - Hope everyone had a good Christmas.
Saw this in the news the other day
Yorkshire post
Had a slight panic as we have software on staff laptops with pupil data in leaving the school premises. The server backup is also in my home filing cupboard! What do anyone else do to protect data?
As long as data isn't accessible easily ... eg. staff have to logon locally to access the material on the laptop ... then it should be ok... it is protected.
As for data on memory sticks... well the only thing we can do is password protect and encrypt them but who does that!
I guess the server backup is probably password protected!?
No server backup not password protected I use ntbackup!ops:
I've just been looking at backupassist as an option
Even if you do have to log on locally to the laptop, the data itself is still unprotected, so if the laptop was stolen, all someone would have to do is to remove the hard drive and plug it into a SATA/IDE to USB converter, and if the docs etc are not password protected themselves, bullseye!Originally Posted by kiran
So what do we do then? The software we have on one staff laptop is an accessment excel based program with pupil upn and date of birth details, so will password protecting and encrypting suffice?
I doubt it, our local authority recently banned all USB stick and CD media, and all removable storage media. A complete security review. I feel this is just a taste of things to come.
I agree. The survey was commissioned by RM no doubt with a view to centralise services and completely lock machines down under the guise of bsf. The recent data security scares have been good for outsourcing companies and managed services.
Which is rather perverse as one of the scares involved DVLA data lost by a foreign outsourced subcontractor (American not Indian).
Actually, thinking about the possibilities of laptops being stolen in schools, it would be advantageous to have encryption for any that contain any personal details. Something as simple as enabling EFS would be better than nothing.
Ideally, all personal info should be centralised and only accessible via password protected and encrypted channels. However, this is unlikely in a school due to a) cost b) extra time required to use such a system in an already very busy day and c) no-one on the teaching staff would see the advantage so would go mad over the changes.
Ah yes, the pearson testing centre with all theory test results. The database which i am on.Which is rather perverse as one of the scares involved DVLA data lost by a foreign outsourced subcontractor (American not Indian).
They also conduct the tests for the CompTIA exams such as the N+ and A+ and other IT industry reconised qualificationsi believe.
Localzuk - You also forgetting, the teaching staff have enough trouble remembering one password at present, dont give them any more to think about.
Yeah, that's true also. For such an encryption system to be in place, it would have to be completely seemless - and that sort of system is going to cost money.
And banning USB keys would be a nightmare - considering how unstable offline files seems to be (randomly stopping working on random machines, randomly downloading the entire DFS tree rather than just the share requested etc...).
Personally, I think implementing VPN access to school networks would be a good idea. You can then ensure that the connecting machines are only the ones you allow, ensure that everything is encrypted etc... But again, that would be a major job. It would require a lot of work at the LEA and RBC levels and would require better internet connections for many schools amongst other equipment.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote