Keeping the Customer’s Data Secure

Institutions of higher education (IHE) have hundreds or thousands of new customers that come through their doors every year. If they are successful, those customers are retained for a few years and become happy, economically successful alumni in the future. 

With all of the customer data (aka students) and a culture of openness, sharing, flexibility, and each person exploring their own interests, there can be a very serious threat to the confidentiality and integrity of that information. 

Some schools are so focused on providing that experience to students that they don’t have the time or resources to focus on an information security. Its critically important though that all employees learn to treat student information as the most important thing they manage on a daily basis. 

Hacking vs Leaking

Hacking remains the largest single source of data breaches in the U.S. However, something know as “data leaking” is not far behind. Data leaks are caused by unintentional actions of employees. That may be sending an email with student data in it. Saving a spreadsheet in a space with the wrong permissions. Misconfiguration of an application or database associated with one. These are examples of data leaks - situations where a hacker may not have acted to penetrate a system, but could still access data because someone has made it easily accessible outside of the secure “perimeter” set up by the institution. 

What Matters?

So, what data is important? Banking and other financial data is. Social Security numbers are. Those should be very obvious data points that give an employee pause to ensure they are being saved, sent and otherwise handled in a fully secure manner. However, it can be more than just those two big ones - FERPA regulations ensure that information regarding the student’s academic record also be private. So, before you share that information with an outside partner, a textbook company, an application you want your students to use, think - is this secure? Can I do this? If you ever want guidance, feel free to send an email to information-security@bethel.edu and we’ll do a quick assessment for you - giving you the guidance you need to keep our customer’s data safe and secure. 

What is Secure?

Google is a secure file storage location. For long term storage, we still recommend using Network Attached Storage (NAS) aka, department drives. To access those network drives off campus, please use the instructions we've provided in Learning, Teaching and Working Remotely for Students, Faculty, and Staff

To share files securely outside of the NAS or our Google environment (like with another email provider - comcast.net, yahoo.com, etc) we recommend using our secure file share system. That is accessible at secure-files.bethel.edu

For that same reason, staff and faculty and STRONGLY encouraged not to forward their Bethel email to a private account. Doing so opens the possibility up for what should have been secure information to be leaked outside of Bethel.