As quoted in:

Kontzer, Tony. “How Educational Institutions Are Failing to Adequately Protect Student Data.” RSA Conference. 28 February 2018.

Cyber criminals’ increased interest in attacking education systems imperils students’ financial futures and privacy, and gives parents a reason to question whether schools are up to the task of protecting their kids’ personal data.

As reported by education IT news site EdScoop, a recent study from consultancy EdTech Strategies indicates that the web sites of state education departments and local school districts are among the most insecure on the Internet. For example, the study found that 26 of the 50 states are not making full use of the secure “HTTPS” Internet protocol, making them more vulnerable to attacks.

“Analyses of education agency websites suggest a widespread lack of attention to issues of online security and privacy,” Douglas Levin, president of EdTech Strategies, told EdScoop.

Levin also shed some light on what he believes is one cause of the problem, noting that school districts suffer from a lack of deep security experience and understaffed (and thus overwhelmed) IT teams. And as years of writing about IT security has taught me, that generally leads to a host of unpleasant consequences, including less-than-stellar security measures.