Partner/Stakeholder Meeting
Baltimore County Public Schools
January 30, 2017
Bill Fitzgerald
@cs_privacy
School District Employees' Financial Data Compromised in Phishing Scam
In Texas
And Arizona
And At Least 126 More
We are only as secure as our least secure friend
The Promise of Tech
Is it Tech
OR
Is it Data
Increased Accuracy
More Depth of Insight
Greater knowledge about what works
Better support for every kid
Better support for every adult
Reduce duplication of effort
Reduce costs of learning materials
Increase the quality of learning materials
Reduce inefficiency
(not increase efficiency)
Measure
Track
Predict
Conundrum 1
Conundrum 2
Conundrum 3
How do we allow valid privacy and security concerns to inform a progressive academic program?
These questions and tensions are not unique
What happens after the wrong click?
-
Data minimization
-
Data sunsets
-
Documented access rules about who can access what
-
Audit trails
-
Avoid portable storage (from laptops to USB keys)
-
Training, training, training
-
Not on tech, but on pedagogy
-
Iterative - Start Somewhere, Figure Out What Else Is Needed
-
Breach response plan
-
Breach response training
-
Ongoing penetration testing
Good privacy practice is good pedagogy
Good privacy practice is good software design
Good privacy practice reinforces intentional, informed decisions
Good privacy practice brings a deeper understanding of the tools we use, and why we use them
Questions? Comments?
Bill Fitzgerald
bfitzgerald@commonsense.org
@cs_privacy (work)
https://www.commonsense.org/education/privacy
Baltimore County
By billfitzgerald