The above snaps are from a great presentation by Tassie educator @anthonycoe on social media in the classroom focussing on engaged learning and effective communication using Socrative, Twitter, Facebook, Google and other SM.
It prompted me to think again about the classroom use of cloud storage through social and mobile services. 5 years ago most education departments, through their own IT Services, managed the risks associated with security, privacy and reliability of online data transfer and storage.
Today teachers and students can choose from a wide range of social and mobile services to enhance learning. What factors should be considered when looking at the cloud storage that these services use? How do we balance the educational opportunities with the appropriate information management controls?
The use of cloud computing is widespread and while most people don't know where their financial, insurance, health, legal or retail data is stored many would trust that the organisations with which they choose to do business follow best practice cloud computing standards and procedures.
Some initial research into cloud services commonly used in schools shows that they are probably suitable from privacy and security points of view for the kind of data commonly being transferred and stored.
These cloud computing services employ a number 'best practice' information management procedures and adhere to the European Safe Harbour privacy protection standards:
- Multi-factor authentication (at least two factor) sign on
- Encrypted storage
- Secure transmission
- Remote wipe (from mobile devices if lost)
The transfer and storage of higher risk data that is 'x-in-confidence' (legal, private medical, commercial, research...) needs deeper consideration.
At the end of the day the greatest risk to data privacy and security is probably password management - but that's another post.