Welcome!

Machine Learning Authors: Liz McMillan, Pat Romanski, Zakia Bouachraoui, Yeshim Deniz, Elizabeth White

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Machine Learning , Agile Computing, Cloud Security

@CloudExpo: Article

Five Tips for Securing Student Data in the Cloud

... and on premises

There are a few absolutes when it comes to school. First, lunches will always be terrible. Second, your locker will be too small to fit your oversized textbooks. Finally, there's a high likelihood that some of your student data will be stored in the cloud.

This student data includes demographic information, test results, transcripts, email exchanges, grades, attendance history, contact information and more. It's a sensitive mix of detail that, if exposed, could prove damaging to the affected students and the educational institution. According to privacyrights.org, more than 1.8 million student records have been breached in the last 18 months. In one frightening incident earlier this year at the University of Tampa, a breach exposed the social security numbers, photo IDs and dates of birth of thousands of students and faculty members.

Keeping sensitive data firewalled in your on-premises data center doesn't eliminate the threat of exposure. Consider that tens of thousands of student records are breached each year because someone lost a laptop, smart phone or thumb drive containing information. Device theft is especially common in the healthcare industry.

Here are a few tips to help you secure student data in the cloud or your on-premises datacenter:

  • Backup your data - If you're storing data in the cloud, make sure you have a copy of the data stored locally or in another cloud. This won't prevent data theft or breach obviously, but it will ensure data integrity in the case of a loss.
  • Require multi-factor authentication - While not an absolute failsafe, requiring an extra step in the authentication process is a good way to keep password theft from resulting in a full scale attack. Multi-factor auth requires a user to provide something they know (a password for example) with something they have (a smart card, security token or third-party authorization via email).
  • Use FERPA as your starting point - The Family Educational Rights and Privacy Act states that any identifiable student data should be properly collected, maintained and safe from improper disclosure. This is a fairly vague policy and should be looked at as the minimum an institution should do when it comes to security.
  • Encrypt your data at rest and in transmission - FERPA actually recommends using encrypted email to transfer student data, but true data security must go a step further to cover data on disk. Think of encryption as your last line of defense; the free safeties on your high school football team that prevent a running back, who's already broken through your first and second protection layers, from getting into the end zone. Encrypted data is absolutely useless to someone with malicious intent, just as long as you follow this last tip.
  • Secure your keys - In the same way you don't store the keys to your car in the ignition, you should never keep your encryption keys on the server along with your encrypted data. Instead, keep them in a separate server on premises or in the cloud, and set up access policies that control who (or in some cases, what) can access those keys.

Securing student data means adding multiple layers of protection. If you're using the cloud, be sure to understand your provider's security policies, and ask tough questions.

Following the above guidelines can help you maintain the privacy and confidentiality of student data, but it won't solve all your problems. You're still going to be stuck with Mystery Meat Monday.

More Stories By David Tishgart

David Tishgart is a Director of Product Marketing at Cloudera, focused on the company's cloud products, strategy, and partnerships. Prior to joining Cloudera, he ran business development and marketing at Gazzang, an enterprise security software company that was eventually acquired by Cloudera. He brings nearly two decades of experience in enterprise software, hardware, and services marketing to Cloudera. He holds a bachelor's degree in journalism from the University of Texas at Austin.

CloudEXPO Stories
The Crypto community has run out of anarchists, libertarians and almost absorbed all the speculators it can handle, the next 100m users to join Crypto need a world class application to use. What will it be? Alex Mashinsky, a 7X founder & CEO of Celsius Network will discuss his view of the future of Crypto.
Docker and Kubernetes are key elements of modern cloud native deployment automations. After building your microservices, common practice is to create docker images and create YAML files to automate the deployment with Docker and Kubernetes. Writing these YAMLs, Dockerfile descriptors are really painful and error prone.Ballerina is a new cloud-native programing language which understands the architecture around it - the compiler is environment aware of microservices directly deployable into infrastructures like Docker and Kubernetes.
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, will discuss how to use Kubernetes to setup a SaaS infrastructure for your business. Mike Johnston is an infrastructure engineer at Supergiant.io with over 12 years of experience designing, deploying, and maintaining server and workstation infrastructure at all scales. He has experience with brick and mortar data centers as well as cloud providers like Digital Ocean, Amazon Web Services, and Rackspace. His expertise is in automating deployment, management, and problem resolution in these environments, allowing his teams to run large transactional applications with high availability and the speed the consumer demands.
When Enterprises started adopting Hadoop-based Big Data environments over the last ten years, they were mainly on-premise deployments. Organizations would spin up and manage large Hadoop clusters, where they would funnel exabytes or petabytes of unstructured data.However, over the last few years the economics of maintaining this enormous infrastructure compared with the elastic scalability of viable cloud options has changed this equation. The growth of cloud storage, cloud-managed big data environments, and cloud data warehouses like Snowflake, Redshift, BigQuery and Azure SQL DW, have given the cloud its own gravity - pulling data from existing environments. In this presentation we will discuss this transition, describe the challenges and solutions for creating the data flows necessary to move to cloud analytics, and provide real-world use-cases and benefits obtained through adop...
Blockchain has shifted from hype to reality across many industries including Financial Services, Supply Chain, Retail, Healthcare and Government. While traditional tech and crypto organizations are generally male dominated, women have embraced blockchain technology from its inception. This is no more evident than at companies where women occupy many of the blockchain roles and leadership positions. Join this panel to hear three women in blockchain share their experience and their POV on the future of blockchain.