Blog: Tips & Tricks
5 Best Practices for Data Security in Higher Education
Data security—if the thought keeps you awake at night, you’re not alone. It was cited as the top issue at Educause 2018. This makes sense, as there are ever-evolving ways that data can be mishandled. If you work with student and university data, it’s more important than ever to have clear policies and processes for data security, to implement them effectively across all responsible parties, and to update them frequently.
Every institution has its own procedures, but here are five best practices gleaned from working with more than 1,700 institutions that you can use to improve data security on campus.
It can be challenging to interpret the data protection regulations outlined by federal and state laws and ensure that they align with the processes you might already have in place. Make sure you or someone on your team is responsible for thoroughly understanding these regulations, keeping current with any new laws, and disseminating this information to anyone who needs to be aware of it.
Know what you have.
Keep an inventory of data and how it is used. This could include intellectual property, student information, and employee data. By identifying the kind of data you’re working with, you will be able to develop a comprehensive and proactive plan to protect each category of data.
Train staff and users.
Examine your institution’s policies and verify your staff has been trained on procedures and best practices, and discuss different scenarios that may arise. Make sure staff know the proper procedures to follow for releasing information, verifying identity and other security practices. And be sure they know who to contact with any questions or problems.
Assess third-party vendors.
Third-party vendors are your institution’s partners in effectively using data on inform improvements on campus. Your partner should be a company that you can trust, with a proven track record of successfully delivering solutions and a dedicated and knowledgeable support team. Selecting the right partner means that you don’t need to worry about whether the data they can access is at risk.
Spread the word.
Driving institutional improvements and assessing your university’s progress towards these goals is a major team effort, involving students, faculty, university leadership, and legislators. It’s crucial to provide clear information about what data is being used, how it is being used, and most importantly, why. If stakeholders understand the value of your work and how it advances your institution’s mission, they will be more likely to take an active role in supporting your data security policies.
When it comes to data security, every person makes a difference. Interested in learning more about data security? Check out the Educause data privacy resource page.