Promise and Responsibility in K-12 Digital Transformation
By Gary Lackey, Director of Cybersecurity, Goose Creek CISD
Ever since the beginning of the internet, there has been an increasing growth and use of online resources. From information, research, shopping, business use, and much more, we have seen an increase. Many things continue to contribute to this growth, from the spread of internet connectivity to rural areas, decreasing cost of storage drives, increasing storage capacity, and mobile devices in more and more hands. We have all seen the giants of technology, like Google, Amazon, Apple, Microsoft, Facebook, and others, that invested heavily and saw tremendous growth over the years. These companies could be considered pioneers or visionaries of technology. They saw the benefit of both the internet and what the collection of data can tell us. As data warehousing and data mining started to grow, these companies used that to drive business and continue to grow. In education, these benefits are also visible in the possibility of cleaning information from student data to better educate our students.
Taking advantage of digital transformation allows for:
- students to interact in a more convenient way
- hands-on learning to better understand concepts
- data analytics for teachers
- tracking student progress
- quicker intervention
- possibility of remote learning
Over the years, we have seen companies that struggled with technology to lag behind those that have embraced online resources and data. However, with COVID-19, the digital divide became more pronounced and many companies that were not prepared to get onboard with online technologies were forced to close their doors, while those that were already using these technologies (or were on the edge of it) were able to take advantage of their resources to persevere and even grow with the changing environment COVID-19 brought. Likewise, COVID-19 created a sink or swim situation in education. We were forced to continue educating students remotely for an extended period. For many schools that had been reluctant to explore the benefits of technology in education had a much harder time continuing this process. On the other hand, those already exploring the benefits of digital learning onsite had many tools at their disposal to continue the push out and create a path to remote learning, although still difficult but less painful. While online courses are just a piece of the puzzle, taking advantage of gamification, robotics, data analytics and augmented/virtual reality are the next possibilities to help students learn more effectively.
On the other hand, those already exploring the benefits of digital learning onsite had many tools at their disposal to continue the push out and create a path to remote learning, although still difficult but less painful.
Our responsibility with digital transformation in K-12 relates to the data we collect and share with our students. As data collection and analytics have grown in leaps and bounds, the possibilities can cause us to overlook the dangers associated with the sharing of data with other companies. Specifically, in K-12 environments, we utilize many different applications and websites to provide learning resources to students and analyze the data to help identify improvement areas or intervention cases. We share our student data to help them and with the inherent expectation that these companies would protect our student data as we would, but that is not always the case. In fact, just the opposite, reports have shown that there is a link between third-party access and cyberattacks in 2022 and that, in education, managing third-party risks remains a growing and unmet challenge. In order to combat this, we need to do a better job of evaluating the third parties with that we work and with that we share data. One way to do this is to use a Data Privacy Agreement (or Data Sharing Agreement) with the companies we share our student data with. These agreements provide an additional check to agree on what data is collected, how it is protected, and the responsibilities of parties to notify of any data breaches. In a data rich environment, it is not only a suggestion but our responsibility, to monitor a vendor’s access and handling of sensitive data. While the data we collect can have rich information and help our kids learn, we can’t throw privacy out the window and allow a data breach to release their information, as this can have lasting consequences. Cyberattacks on school districts are on the rise because most schools do not have adequate security in place to protect the data and the fact that a child’s personally identifiable information (PII) is extremely valuable to an attacker. Most of us do not check our children’s credit scores, but if an attacker can gain access to their PII and open credit accounts in their name, we wouldn’t know about it until they were 18 years old and trying to get their first credit card or vehicle. Then you find out their credit is ruined and the difficult path you must rebuild and correct. This is only one danger of a data breach, but it should help us realize the importance of responsible data use. Our data has much to tell us about how we can teach better, how students learn, what students are at risk, and so much more, but we have to do this responsibly. This is not impossible, but it is much harder to do once you have already given your data to third-parties that are not providing adequate protection. We must evaluate our vendors before we share data and ensure they will protect the data as well. Then, and only then, can we be confident that we are safely pursuing digital transformation in education.