Ensuring Data Security for Students and Educators: Protecting Confidential Information
In the Palmdale School District, computer security has evolved from a simple setup with a few programs to prevent outside interference. This transformation is largely due to the efforts of Christine Jones, the Coordinator of Educational Technology.
Previously, security was primarily technical. Now, under Jones' leadership, the district has implemented multifactor authentication (MFA) to make access more challenging but ensure data safety. MFA can be done through various means, including YubiKey, devices, or mobile devices like phones or iPads.
Jones' role extends beyond technology, as she combines technical solutions with district-wide policy implementation and training to maintain data privacy. This approach is crucial in an era where data breaches, such as ransomware attacks, have been a concern in schools for several years. The Palmdale School District experienced such an incident in 2016-2017.
To address these concerns, the district has reviewed the National Data Privacy Agreement (NDPA) and California IT and Education (CITE) for improving data privacy practices. Jones has also made significant efforts to improve cybersecurity after the ransomware attack.
One of her initiatives is the creation of a curated list of "Approved" resources on the district website. To earn this designation, digital resources must have current data privacy agreements (DPAs) in place with the district, have appropriate fully ad-free content for students, and are not connected to social media, blogs, or any other type of social sharing. The list is updated monthly as DPAs are updated, with new resources being added and current resources being removed if they fail to adhere to district guidelines.
Moreover, the district recognizes the importance of staff engagement in learning about data security. Gamifying cybersecurity training is being considered as a method to increase engagement.
Effective data privacy practices also include implementing strong data security policies, using encryption and secure authentication methods, regularly updating software and systems, providing training and awareness programs, and conducting audits and compliance checks to ensure adherence to laws like FERPA (Family Educational Rights and Privacy Act) in the US. The district collaborates with IT and cybersecurity experts to design and enforce technical safeguards tailored to their needs.
Educators inspired by such a role should adopt comprehensive technical, administrative, and educational strategies to protect data privacy effectively. Christine Jones' work serves as a model for other educational institutions seeking to enhance their data privacy practices. In 2025, she was recognised for her efforts with the Innovative Leader Awards.
