Among the frequent targets of cyberattacks are schools and universities. In the wake of such attacks, New York State regulators are taking action to protect personally identifiable information (PII) that schools collect and maintain. The regulations (which were adopted in January) require schools and their vendors to implement strong programs for data security and privacy. Measures include adding a Parent’s Bill of Rights in every contract with businesses that receive PII, and requiring schools to provide data security awareness training to employees. Schools are encouraged to contact qualified legal council for assistance.
- Although data breaches can effect any business, it’s an unfortunate fact that government entities, such as universities, are frequent targets.
- As a single example, students in the Pittsburgh Unified School district of California were victims of a ransomware episode which targeted the school’s servers.
- An ed-tech company, Naviance, also bears witness that the malicious attacks also target school vendors.