It Takes Two to Keep Student Data Safe

It Takes Two to Keep Student Data Safe

Technology isn’t leaving anytime soon – that’s a fact. With job markets desperate for digital skills and teachers desperate for support, devices have a place in today’s education system. The trouble is, schools are adopting technology at an accelerating rate while the concern of cybersecurity lags behind. It’s an issue that schools are starting to take seriously, but it takes two to keep student data safe.

In education, student needs should always come first. It’s important for students to develop digital literacy, but it’s even more important to protect their privacy. Technology will always collect information, but it’s what companies do with that information that should concern educators. With more tech in the classroom comes more student data vulnerable to commercialization.

What schools need to look out for are companies that sell student data to advertisers. Advertisers use this data to create individual advertising profiles for more effective advertising in the future. The more information an advertiser collects, the more they can tailor their messaging to be more effective to each individual. It’s a sickening notion to think students are being exploited, but it’s an unfortunate reality.

What can schools do to protect student data?

First and foremost, schools should partner with edtech companies that care about students. From pedagogy to platform and privacy, your tech partners need to put students first. Ask for a copy of the company’s privacy policy and make sure it looks something like this. If an edtech company values the best interests of students, they will not sell data to advertisers.

Another way to protect students is to use different devices in the classroom. Though it may be a seamless option, putting all of your school’s digital eggs into one tech basket can be damaging to students and their privacy. When a student becomes too familiar with a company’s products, they may become uncomfortable using other technology, creating brand loyal customers at a young age. It gives tech companies an opportunity to collect student data at every possible juncture.

There are resources available for parents to protect student data as well. The Parent Coalition for Student Privacy was founded in 2014 after the legal battle with former student data company, inBloom. The coalition formed with the concern that parents were ill-equipped to protect their children’s privacy. The Parent Coalition for Student Privacy offers information and resources for parents who have had a hard time tackling the complicated topic of student privacy.

How does Sprig protect student data?

Using regulatory requirements and ISO cybersecurity standards, all Sprig software and platform services are held to stringent requirements to keep student data safe and privacy assured. Student privacy is critical and as such, Sprig does not sell or market any student data to third parties.

To further reinforce the importance of privacy, Sprig has teamed up with TwelveDot Security as its development partner. TwelveDot develops all of Sprig’s platforms using only the latest digital security measures and requirements. For the last eight years, TwelveDot has been a global leader in cybersecurity, assessing and protecting organizations from data breaches and cyber attacks.

The fact is, there is only one way to fight the sale of information: with information itself. Staying informed is the only way to protect student data and the onus is on caregivers and educators to learn with students in mind.

Caregivers and educators need to work together to protect student data inside and outside of the classroom and educate themselves so that they can understand the technology their children use. It takes two to keep student data safe, make sure your education partners are in it for the right reasons.

For more information about a holistic approach to assessment or holistic education, send us an email at letstalk@spriglearning.com.

More from the Sprig Blog

It Takes Two to Keep Student Data Safe

It Takes Two to Keep Student Data Safe

Technology isn't leaving anytime soon – that's a fact. With job markets desperate for digital skills and teachers desperate for support, devices have a place in today's education system. The trouble is, schools are adopting technology at an accelerating rate while the...

Student Data Privacy – What Makes Sprig So Secure?

Student Data Privacy – What Makes Sprig So Secure?

Protecting student data is a top priority for school districts and schools, and with the upswing of new edtech products on the market, it can be hard to qualify which tools offer the kind of protection that you and your students need. While some edtech companies may believe that following cybersecurity best practices adds extra complications to an already lengthy development cycle, Sprig Learning is fortunate enough to have security built into each and every product by design.

That added piece of mind is thanks to our co-founder, Faud Khan. Faud is an international leader in cybersecurity with over 23 years of experience in the field, and he is known for his work with the International Organization for Standardization (ISO), as well as his work with the International Electrotechnical Commission (IEC).

So who better to share what makes the Sprig Learning Platform so secure than Faud himself! Keep reading to hear exactly what it is that makes our education platform so secure, and what you should look for when choosing an edtech partner.

Here’s a word from Faud:

With Sprig Learning, we had an opportunity to create an edtech product that was not only going to benefit the market from a holistic learning perspective, but one that provides enhanced privacy and security within the school ecosystem.

Cybersecurity is top-of-mind for most people, including us. As parents ourselves, we wanted to reassure our students, their parents, and their educators that we did everything in our power to identify and mitigate any risks to our online platform – as well as how we operate our company. I want to take this opportunity to share with you exactly what it is that makes Sprig Learning so secure. Allow me to dive into a little cybersecurity speak to help explain our process:

We take data security seriously.

So serious, in fact, that we have reviewed all of the possible ways in which our platform could be compromised. Every single one of them. Using a functional specification for our product development allows us to keep track of every component, identify potential risks, and methodically address each and every one. For a company that’s less than a year old, that is a pretty big accomplishment.

The functional specification makes it easier for us to complete both a Threat and Risk Assessment, as well as a Privacy Impact Assessment – two key components in creating and maintaining a secure platform. To be brief, completing a Threat and Risk Assessment allows us to identify any potential weaknesses in our digital properties, and address each one to reduce any risk. The Privacy Impact Assessment, on the other hand, helps us to identify and record any components of our system related to personal or student data that may be at risk – then develop a plan to manage and mitigate those risks.

These assessments and documentation cycles have allowed us to establish a Software Development Lifecycle that reduces the overall attack surface of our platform. We test ourselves and our platform. Constantly. Maintaining a secure platform doesn’t end once development is wrapped up. We aggressively monitor our servers for any sign of risk, and our multi-layered system ensures that if our web server were ever to become compromised, our student data remains safe. In fact, we even try to compromise our own platform with regular penetration testing in order to ensure that we did not make any mistakes in our code or in our server.

Our Promise to You.

As you can see from a security and privacy perspective, we have gone above and beyond the typical edtech standards. Our engineering team is strong in these disciplines, which helps us to grow and continuously develop our security and privacy controls as our business evolves. That is a commitment to all of the members of the Sprig Learning Team, and our promise to you – the Sprig Community. Should you have any more questions about our approach to security and privacy, please reach out to us at security@spriglearning.com.

Yours,

Faud Khan
Co-Founder and CTO Sprig Learning

For more information about a holistic approach to assessment or holistic education, send us an email at letstalk@spriglearning.com.

More from the Sprig Blog