March 18, 2020
Educating Students and Staff on Remote Data Privacy Practices
It’s likely that your campus is currently empty, and students are now finishing their semester online. And your staff is probably working remotely. As an IT administrator, you’ve made a lot of decisions and solved a lot of problems in the past few days. But with all the challenges of the last week, stressing privacy and security to your staff and students may not have made your to-do list.
While data privacy is top of your mind, your now-remote students and employees are new to the game. Because your education institution will undergo audits for PII in the future, it’s imperative that everyone associated with your school follows all policies and regulations. With all the current challenges and unexpected costs, your higher education institution does not need to get fined for privacy issues.
Communicating Privacy Tips to Students and Staff
Your students and staff are currently wading through a mountain of information and worries, so you need to carefully craft your message about privacy.
Here are five tips to help you get your message about the importance of privacy across to students and staff:
- Be clear and direct. Your first line of communication should be an official email outlining your policy. Give clear guidance on how to handle sensitive data while working remotely—and, just as importantly—what not to do. Keep this email simple and scannable.
- Use social media. Your students and staff are turning to social media for information about what to expect in the coming weeks as well as official information from your university. Create several social media posts for each channel—Facebook, Twitter, and Instagram—for your social media manager to post
- Get creative. You want your students and staff to pay attention to your message and social posts, so have some fun to catch their attention. Create a few funny videos about privacy. Or design a meme (or four).The more interesting and attention catching your posts are, the more likely it is that your students and staff with share with their friends, which mean more students will see your messages—and they may even garner publicity from potential students.
- Remind early and often. Remote learning and working is likely going to be the new normal for the foreseeable future. And you’ll need to continue repeating the privacy message in the coming weeks. As the new normal becomes the everyday standard for many people, they may revert to old habits and become lax about privacy.
- Provide next steps for questions or concerns. Your students and staff may have questions about how to handle a specific situation or a concern about how a fellow student or employee is handling sensitive data. Tell them who contact for help, and provide contact information. Think about the best channel for support—an email, live chat, or phone number. Preferably, offer all three.
What Your Staff and Students Need to Know about Data Privacy
We know that you’re overwhelmed with all the tasks involved with moving your entire campus online in a matter of days, so we’ve created a short set of instructions as a starting point for you to share with your students and staff.
- Use a VPN for university-related tasks. Because all university-related information must be secure, use a Virtual Private Network every time you log in to your university email, server, or website. This service keeps all the information private and secure. [Include specific information about how to access the VPN you want used.]
- Do not log in to unsecure networks, such as those offered by coffee shops or at family members’ homes. While we recommend staying home, we know that you may need to leave your home. If you choose to go out, do not access any university-related information over a public internet connection. You should also not send information over an internet connection that’s accessible by other people, such as connections at the homes of family members or friends.
- Limit backups of devices. Every time you back up your phone or computer, you create another version of the data. While you should be backing up occasionally, in case you need to recover the data, each backup means more data to protect.
- Use strong and unique passwords. Make sure that all your university-related passwords include letters, numbers, and special characters. We also recommend using both lower- and upper-case letters. If you are using the same password for other accounts, now is a good time to create a unique password.
- Do not click on any unknown links or download files from unknown sources. Criminals often try to capitalize on crises, and it’s likely you will receive emails or files from scammers. Often, fake or phishing emails mimic real companies and the types of emails you are likely to receive. If you are unsure, contact the sender before clicking or downloading.
By taking the time to carefully communicate with your students and staff, you can prevent hours on the back end dealing with privacy or regulations issues. The time spent communicating will more than pay off in the end.
With many changes and new processes being developed in the weeks ahead, your students and staff are likely going to be overloaded with information. Be sure to regularly remind employees of privacy processes. As processes and needs change, be sure to consider privacy at every decision point along the way. By keeping your students’ and staff’s data private with increased remote learning, your institution can avoid data privacy risks issues during this period of change.
Spirion’s software can discover and classify data in the entire estate, including every endpoint from laptops to structured and unstructured data to the cloud–even when your employees are working remotely or traveling. Click here to learn more.