Security of Confidential / Personal Data – Electronic and Paper
It is critical that schools consider the safety of confidential / personal data removed from a school site (electronic and paper). Ensuring that ALL staff are aware of how to handle sensitive or personal information and their responsibilities when accessing data is vital and this section provides guidance on staff training and recommendations.
If you are considering applying this method of security to any computer devices in your school which you think may be taken off-site:
- Data encryption must not be attempted on any file servers or computer devices configured as RM Community Connect 3 or 4 workstations
- Storage devices such USB sticks are best encrypted in their entirety
- Staff laptops that hold personal data should have an encrypted ‘container’ created where all sensitive data should be stored
Existing SIMS ‘master’ PCs should not be encrypted at this stage. SITSS are considering the feasibility of encrypting the whole of the hard drive on all new SIMS ‘master’ computers. We are also;
- Investigating the possibility of encrypting existing, older SIMS ‘master’ PCs
- Backup media must be kept secure at all times.
- Warning – keep your encryption password in a safe place. Access to encrypted drives and ‘containers’ is controlled by password – should you lose it you will NOT be able to access your data!