October was National Cyber Security Awareness Month. IT spent time in October reminding Wayne County Superintendents and Technology leaders the importance of cyber security practices and awareness. We even highlighted a few strategies to secure our data while still leveraging digital communication.
Our policy and FERPA requires that Personally Identifiable Information shall be limited to those with an academic interest in the student and “ensure the security, safety, and confidentiality” of this information (see board policy 4500 – Information Security)
The acceptable use of Technology (4500-R) also clarifies that email is not considered secure (see highlighted below). The fact it was in an image does not make it non-readable with technology that can identify text in images.
15. Data Security
Staff/contractors may have access to client student, employee, and financial information. All reasonable steps will be taken to keep data confidential and secured. Data will not be stored on unsecured laptops, transmitted over an unsecured transmission, including email, or left in unprotected office space. Data will only be used for the intent of assisting clients. Staff and contractors are required to read and sign the Acceptable Use of Technology annually.
Acceptable Use of Technology (4500-R)
Securing Email
We have two methods to share data securely:
1 – Secure Email
https://securemail.resa.net – It looks and works like an email client for limited Wayne RESA staff only.
2 – Selecting Email Sensitivity in Outlook
Outlook email includes the ability to encrypt emails with sensitive information, including personally identifiable information (PII). Below are galleries of screen captures that show where to select the desired sensitivity option for multiple devices. Use Outlook “Sensitivity” options that will encrypt the contents of the email and expire after 30 days, 7 days or 1 day to prevent it from “sitting” in the recipient’s email.
Windows 10 Outlook Client
Office 365 (web) Outlook Client
iOS (iPhone/iPad) Mobile App
