Education professionals bottom of the class when it comes to security

72% of education professionals are not encrypting data on USB sticks and other portable devices, despite security being a growing concern.

  • 9 years ago Posted in

Schools, colleges and universities often hold highly-sensitive information about pupils and staff yet in many instances this is not being adequately protected, according to a new survey by iStorage. The leading specialist in portable data storage and digital encryption has found that a concerning number of education professionals are not taking adequate steps to secure sensitive data, including personal details and exam results, when on the move. A wide range of professionals including Head Teachers, Lecturers and ICT Technicians were surveyed at BETT 2015, the world’s largest education technology event.

The survey revealed that despite 96% of respondents regularly carrying portable storage devices such as USB sticks, portable hard drives, CDs and DVDs, only 28% are currently encrypting this data. In addition, over a third (39%) admitted to having lost a portable storage device that contained personal or institutional data. The majority of respondents also expressed concern and awareness of the potential damage that data loss could bring to their institution, including fines that could be implemented by the Information Commissioners Office (ICO).

“Confidential data within educational institutions can encompass a range of information including pupil and staff names, dates of birth, addresses and medical requirements,” states John Michael, CEO of iStorage. “Data security is an extremely important subject for the sector, as the loss of or unauthorised access to this type of information can potentially cause significant harm to pupils, parents or staff, not to mention reputational damage and substantial fines. It is important that every school has a data controller with a detailed knowledge of information rights that can implement ICO recommendations, as well as ensuring all staff are equipped with at least a basic knowledge.”

The ICO states that all data kept on electronic media within educational institutions should be kept secure, encrypted and logged in order to keep track of any theft or loss. Where theft or loss does occur and encryption has not been imposed, enforcement action may follow which could be a fine of up to £500,000. The ICO also stresses the need to be particularly vigilant with portable devices such as USB drives and external hard drives.

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...