Lock/Unlock Your Privacy

Over the past few years, I have been struggling to find the easiest solution possible to implement when it comes to security. Did you know that Texas Safe Harbor Law protects organizations who lose confidential information that is encrypted, or "locked with encryption?"


Did you know that if data is encrypted and a data breach occurs, you are not obligated to report it? This is the power of data encryption and can potentially spare the District from unnecessary litigation and expense. This is known as an encryption safe harbor. Texas defines a data breach in terms of sensitive personal information only if the data items are not encrypted (Source: Data Breach Charts, Baker-Hostetler).

Sec. 521.053.  NOTIFICATION REQUIRED FOLLOWING BREACH OF SECURITY OF COMPUTERIZED DATA.  (a)  In this section, "breach of system security" means unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of sensitive personal information maintained by a person, including data that is encrypted if the person accessing the data has the key required to decrypt the data.

Read more about this at the end of the blog entry.

A WORKING SOLUTION THAT IS SIMPLE
So far, this is what I've come up with for schools and/or individuals to use on Windows, Macintosh and Linux computers, as well as Android devices:
  1. Encrypt email messages, take advantage of Fourmilab's web page on your own computer or server to encrypt text messages. Use secure passwords(Works on Win, Mac, Linux, Android, iOS). Use Lavabit.com as your email provider (rather than Gmail, Yahoo) since they encrypt your messages using your password.
  2. For files/folders, take advantage of Secure Space Encryptor (SSE) tool. (Works on Win, Mac, Linux, Android)
  3. Protect your passwords, KeepassX. (Works on Win, Mac, Linux, Android, iOS)
  4. Browser add-ons to install to "protect" what shreds of privacy remain:
    1. AdBlock for Firefox/Chrome - Blocks banners, pop-ups and video ads - even on Facebook and YouTube and Protects your online privacy
    2. Facebook Privacy List for Adblock Plus - Enhances AdBlock Plus.
    3. Facebook Disconnect for Chrome and Firefox - Facebook is notified whenever you visit one of the more than one million sites on the web that use Facebook Connect and has a history of leaking personally-identifiable information to third parties. This turns off data flow.
    4. Priv3 for Firefox - The Priv3 Firefox extension lets you remain logged in to the social networking sites you use and still browse the web, knowing that those third-party sites only learn where you go on the web when you want them to. All this happens transparently, without the need to maintain any filters. Priv3 is free to use for anyone.
    5. Ghostery - Ghostery looks for third-party page elements (or "trackers") on the web pages you visit and notifies you that these things are present, and which companies operate them. If you wish, choose to block the trackers they operate.
    6. Do Not Track Plus, and for fun,
    7. HTTPS Everywhere
Or, The TOR Browser Bundle.

If we rely on a simple lock/unlock scenario, here's what it might look like:

 



Lock/Unlock Your Files

  1. Start up the SSE File Encryption file on your Desktop
  2. Type in your secret password.
  3. Drop the files you want to encrypt or decrypt your files into the SSE box.



These approaches will only work on a desktop or laptop computer, not an iPad or iPhone. Android devices can get the SSE File Encryptor mobile app version.

The video tutorials are intended for use in a school district as a way of securing confidential information.

OTHER TOOLS
Please note that there are many other tools that can be used to get the job done. The ones pictured above are the easiest and most versatile I have found of those available.

Did you know that students in Grades 6-8, and by extension all educators in Texas, are expected to practice safe and appropriate online behavior, personal security guidelines, digital identity, digital etiquette, and acceptable use of technology; and understand the negative impact of inappropriate technology use, including online bullying and harassment, hacking, intentional virus setting, invasion of privacy, and piracy such as software, music, video, and other media (Source: TEKS Chapter 126; 5 C-D)?
Personal security guidelines, preventing hacking are key aspects of digital citizenship and are addressed by learning how to better safeguard confidential data. Doing so can prevent data security breaches that can be embarrassing to school Districts.

Why Secure Data?

A data security breach occurs any time there is unauthorized access to school district data, including FERPA data. Lost laptops are the main cause of data breaches.
There are many reasons why you should protect the information you use on your computer, including:
  • Ensuring that your information remains confidential and only those who should access that information, can
  • Knowing that no one has been able to change your information, so you can depend on its accuracy (information integrity)
  • Making sure that your information is available when you need it (by making back-up copies and, if appropriate, storing the back-up copies off-site)
To accomplish this, you need to secure, not only physical copies of the data (e.g. print-outs in locked file cabinets) but also encrypt digital copies of that data.

Consequences of NOT Securing Data

There can be various consequences to not securing data, such as the following:
  • Direct costs are incurred by school districts for having to notify individuals whose confidential data has been compromised, as well as notify credit agencies.
  • The cost of paying for credit protection for individuals affected.
  • The school district may suffer damage to reputation.
  • Staff may be disciplined or terminated depending on the severity of the data breach.
Laptop theft facts that make encryption of confidential data important:
    • Statistics show that as many as one in ten laptops will be stolen or lost from an organization over the lifetime of each computer.
    • 86% of security practitioners report that someone in their organization has had a laptop lost or stolen.
    • 56% report that it resulted in a data breach.
    • Encryption of data stops cyber criminals from stealing data on laptops.
    Ninety-seven percent of stolen computers are NEVER recovered. That means that confidential data could be out there indefinitely, waiting like a time-bomb to explode until someone discovers it and then uses it.

    Comments

    Popular posts from this blog

    #Chromecast Add-Ons to Play Various Video File Formats

    Free Professional Learning! Education On Air #googleedu

    10 Steps to a Blended Learning Classroom #MIEexpert #MIE #tceamie1