Educators

0:02
[Music]
0:20
every day school districts across the
0:23
country are faced with an increased
0:25
number of data security threats and
0:27
privacy challenges the most frequently
0:30
experienced type of k-12 cyber incident
0:32
reported last year involves some type of
0:34
breach that included student or staff
0:36
data including payroll and personal
0:39
records in some cases these incidents
0:42
have led to payroll theft identity theft
0:44
and even the filing of false tax returns
0:46
over the next few minutes we'll
0:48
highlight five protection areas and some
0:50
best practices that you can implement
0:52
this school year to protect your digital
0:54
identity the digital identity of our
0:56
students and the increasing online
0:58
footprint that we all leave behind but
1:01
first as cyber attacks become more
1:02
prevalent in schools it's helpful to
1:04
have a basic understanding of our
1:06
current cyber threat landscape so over
1:10
the last year or so we've seen a great
1:12
increase in the amount of cyber attacks
1:14
that school districts are experiencing
1:16
and they're becoming increasingly more
1:17
debilitating to those school districts
1:20
the amount of ransomware being
1:22
introduced to school districts has
1:23
increased drastically and the amount of
1:26
overall cyber threats the first half of
1:29
2019 alone already surpasses what was
1:31
seen in 2018 we found that a lot of
1:35
school districts are vulnerable to a
1:37
number of different kinds of cyber
1:39
attacks given the amount of resources
1:42
they have it to throw out the problem
1:43
and the cyber criminals are realizing
1:45
that they do have deeper pockets than
1:47
the average consumer the biggest threat
1:49
school districts nationwide are seeing
1:50
are ransomware incursion into their
1:53
networks securing their environment and
1:55
requesting the district's pay ransom in
1:57
order to regain access to their systems
1:59
and to their data as well as spear
2:01
phishing attacks asking them to transfer
2:05
funds to steal money essentially from
2:08
the district
2:10
well the number one thing that school
2:12
districts can do is address the human
2:14
factor and that is to make sure that
2:17
they're doing regular and ongoing
2:18
training with their staff so that the
2:21
staff is aware of what the current cyber
2:23
threat landscape looks like the common
2:27
practices that the cyber criminals use
2:29
to try to get into systems or try to get
2:31
access to data and also to train staff
2:35
on current policies and procedures that
2:37
may be in place in the school district
2:39
around the protection of a student or
2:41
teacher or principal data also school
2:45
districts really should start to take
2:47
this cyber landscape very seriously and
2:50
if they haven't done so already they
2:52
should be looking to adopt you know
2:55
governance processes as well as policies
2:58
and procedures around their cyber
3:00
landscape and they need to audit those
3:02
on a regular basis to make sure that all
3:04
of the rules are being followed
3:09
[Music]
3:11
when accessing your email exercise
3:14
caution before clicking on a link or
3:16
opening an attachment this is one of the
3:18
most common methods that attackers use
3:20
to gain access and steal information
3:23
always consider the content of the
3:25
message if the request is out of the
3:27
ordinary or if you're not expecting the
3:29
email it could be a phishing email check
3:32
to see if the author's name matches the
3:34
email address
3:35
sometimes hackers will try to trick you
3:38
by making it look like an email comes
3:40
from someone you know hover over any
3:42
links to see if they're taking you to
3:44
where you want to go if it is a phishing
3:47
email delete it and follow your
3:49
organization's procedures for reporting
3:51
possible spam finally if you do click on
3:54
a link or open an attachment that turns
3:56
out to be malicious report it to your
3:58
district technology team immediately
4:00
failing to do so could allow an
4:02
infection to spread keeping these tips
4:05
in mind will help to keep your inbox
4:07
clean your personally identifiable
4:09
information safe and your schools
4:11
network a little more secure
4:15
[Music]
4:18
to avoid others from gaining access to
4:21
your personal files or email you should
4:22
always lock your workstation anytime
4:24
you're away from the screen for more
4:26
than a few seconds on a Windows device
4:28
simply hold down the windows key and
4:30
press the letter L on a Mac this can be
4:32
accomplished by clicking the Apple menu
4:34
icon in the upper left corner of your
4:36
screen and then selecting lock screen
4:38
you can also lock your Mac by pressing
4:40
command ctrl Q on newer versions of the
4:42
Mac operating system for older versions
4:44
of the Mac operating system press
4:46
control-shift power on a Chromebook you
4:50
can manually lock your screen by
4:51
pressing the search and L Keys or at the
4:54
bottom right select the time and click
4:56
on the padlock icon by following these
4:59
quick steps you can ensure nobody else
5:01
will gain access to your computer
5:02
keeping your personal information secure
5:08
a strong password provides essential
5:13
protection from financial fraud and
5:15
identity theft one way a hacker can
5:18
break into your system is by guessing
5:20
your password so make sure the password
5:24
you are using is strong and unique it
5:26
should contain a mixture of character
5:28
types and be at least eight characters
5:30
long
5:31
consider using a pass for you to
5:36
remember but not easy for someone else
5:38
to guess something like I wake up at
5:41
6:30 here we have an easy to remember
5:44
password with 18 characters a capital
5:48
letter three numbers two symbols and
5:51
four spaces and one final note about
5:55
passwords do not write down passwords
5:58
and leave them in an easily accessible
6:00
location if you need a place to store
6:02
passwords consider a password management
6:05
app on your smart phone
6:11
[Music]
6:13
when working with students and staff
6:15
members is sometimes necessary to share
6:18
sensitive information with other
6:19
authorized personnel how you choose to
6:21
share that information is something to
6:23
think about
6:24
always use appropriate tools when
6:26
sharing personally identifiable
6:27
information and never send sensitive
6:29
information through unencrypted email
6:31
it's always best to share PII in person
6:33
or over the phone but when you do need
6:35
to share it electronically following our
6:37
organization's policies and practices
6:39
for transmitting sensitive information
6:45
[Music]
6:47
leveraging technology in the classroom
6:49
can enhance teaching and learning as we
6:52
discover new tools and implement new
6:54
programs it's important to consider how
6:57
companies collect data and what they
6:59
plan to do with the data they gather New
7:02
York State Education law section 2 D has
7:05
specific requirements for vendors and
7:07
school districts to ensure student and
7:10
teacher data is handled appropriately do
7:13
not establish accounts for students to
7:15
access online resources without
7:18
consulting with administration we hope
7:22
you found this video informative and
7:24
while there is no guarantee that we can
7:26
stop cyber attacks from happening by
7:28
increasing our awareness and
7:29
implementing simple procedures our
7:32
digital identities and the digital
7:33
identities of our students are much more
7:35
safe for more on data security and
7:38
privacy best practices consult your
7:40
local regional information center or
7:42
your school districts technology
7:43
leadership team thanks for watching
7:53
[Music]
8:01
[Music]