Seclored: The Data Security News Blog

How Universities and Schools are Using Enterprise Rights Management to Keep Student Information Safe

While we often think of mainstream corporations as having the greatest risk of a security breach, schools, universities and colleges are also easy targets.  Student information, including health records, counseling notes, fingerprint data and addresses are highly sensitive.

Warwick Academy in Bermuda, established in 1662, is the oldest school in Bermuda and one of the oldest schools in the Western Hemisphere realized they needed a better way to protect student information wherever it traveled or was stored.

Whether it is fingerprint data, guidance notes, addresses, or health records, Warwick knew student information was regularly shared with multiple school employees via email. As well, Warwick Academy’s IT is outsourced to a third party. In either case, the student information could easily be emailed to the wrong person, or accessed and used maliciously by third parties.

‘While businesses are often earlier adopters of security technology, the fact is that schools such as Warwick Academy also have deeply sensitive information to protect,’ said David Horan, Principal at Warwick. ‘Our objective is to ensure that our students’ data remains safe.  Whether a hacker makes it through our firewalls or an employee accidentally sends information to the wrong person, our deployment of Seclore’s persistent, data-centric security is ensuring that student information can only be accessed by authorized users.’

Warwick is using Seclore Rights Management to apply granular, persistent usage controls to sensitive information. Whether the information is shared via email, file sharing services or a thumb drive, only an authorized user can utilize the file. Warwick is also able to control what a recipient can do with the file (view, edit, print, screen share, cut/paste, etc.) for how long, and even from which device.  Finally, with Rights Management, Warwick is able to revoke or modify usage controls even after the file has been shared.

Here are the four areas where Warwick Academy is using Seclore Rights Management:

  1. Protection of student databases: Ensuring only authorized users can access and use guidance counselor notes, information about a student’s special needs and drug issues, and health records.
  2. Protection of fingerprint data: Warwick houses and utilizes the students’ fingerprints to control access to lunch rooms, manage food allergies, and more.  This information is highly sensitive and is persistently controlled using Rights Management.
  3. Protection of internal documents from outsourced IT: Warwick is ensuring that the information stored on shared drives and local machines is fully protected from system administrators and hackers.
  4. Protection of board discussions and meeting notes: Board discussions are often shared with external advisors and can also be accessed by the outsourced IT admins. By adding persistent controls, only authorized users can access the information.  Even if a laptop of a board members is lost or stolen, the thief cannot access the Warwick files.

Persistent data-centric control is the only way to ensure information remains secure, no matter where it travels or is stored. Using Seclore Rights Management, Warwick Academy is ensuring that sensitive student and organization information can only be accessed by authorized personal, protecting the reputation of their students and the institution.

Abhijit Tannu

Abhijit Tannu is advisor and co-founder at Seclore. Abhijit is a technology architect at heart and entrepreneur by profession and has contributed to the development of innovative products and applications for enterprise security. A fitness enthusiast, you can find Abhijit trekking or hiking in his spare time.

Related Posts