Right about now, most kids are thinking about their chemistry homework, the next pep rally, or chiming in on their group text. The last thing on their minds as they head back to school is cybersecurity. But, it’s the one thing — if ignored — that can wreck the excitement of a brand new school year.
You’ve done a great job, parent. You’ve equipped their phones, tablets, and laptops with security software. And, you’ve beefed up safeguards on devices throughout your home. These efforts go a long way in protecting your child’s (and family’s) privacy from prying eyes. Unfortunately, when your child walks out your front door and into his or her school, new risks await.
No one knows this season better than a cybercriminal. Crooks know there are loopholes in just about every school’s network and that kids can be easy targets online. These security gaps can open kids up to phishing scams, privacy breaches, malware attacks, and device theft.
The school security conversation
Be that parent. Inquire about your school’s security protocols. The K-12 Cybersecurity Resource Center reports that 358 school breaches have taken place since January of 2016. Other reports point to an increase in hackers targeting school staff with phishing emails and seeking student social security numbers to sell on the dark web.
A few questions to consider:
- Who has physical and remote access to your student’s digital records and what are the school’s protection practices and procedures?
- How are staff members trained and are strong password protocols in place?
- What security exists on school-issued devices? What apps/software is are being used and how will those apps collect and use student data?
- What are the school’s data collection practices? Do data collection practices include encryption, secure data retention, and lawful data sharing policies?
- What is the Bring Your Own Device (BYOD) policy?
The data debate
As K-12 administrators strive to maintain secure data collection practices for students, those same principles may be dubious as kids move on to college. As reported by Digiday, one retailer may be quietly disassembling privacy best practices with a bold “pay with data” business model. The Japanese coffee chain Shiru Café offers students and faculty members of Brown University free coffee in exchange for entering personal data into an online registry. Surprisingly, the café attracts some 800 customers a day and is planning on expanding its business model to more college campuses.
The family conversation
Keep devices close. Kids break, lose, lend, and leave their tech unattended and open to theft. Discuss responsible tech ownership with your kids. Stolen devices are privacy gold mines.
Never share passwords. Kids express their loyalty to one another in different ways. One way that’s proving popular but especially unsafe nowadays is password sharing. Remind kids: It’s never okay to share passwords to devices, social networks, or school platforms. Never. Password sharing opens up your child to a number of digital risks.
Safe clicking, browsing practices. Remind kids when browsing online to watch out for phishing emails, fake news stories, streaming media sites, and pop-ups offering free downloads. A bad link can infect a computer with a virus, malware, spyware, or ransomware. Safe browsing also includes checking for “https” in the URL of websites. If the website only loads with an “http,” the website may not be enforcing encryption.
Be more of a mystery. Here is a concept your kids may or may not latch on to but challenge them to keep more of their everyday life a mystery by posting less. This includes turning off location services and trying to keep your whereabouts private when sharing online. This challenge may be fun for your child or downright impossible, but every step toward boosting privacy is progress!
Discuss the risk of public Wi-Fi. Kids are quick to jump on Wi-Fi wherever they go so they can use apps without depleting the family data plan. That habit poses a big problem. Public Wi-Fi is a magnet for hackers trying to get into your device and steal personal information. Make sure every network your child logs on to requires a password to connect. Go a step further and consider using a Virtual Private Network (VPN) for added security for your whole family.