Common Core has been the “issue” in education and has been part of the vetting process as we move forward in this presidential election. We’ve posted a link to the candidate’s score on a “report card,” based on where they stand on this issue.
Within that report card, candidates are also graded on how well they’ve addressed other concerns like, student privacy. This is an issue that most of the candidates have not talked about.
Since we have direct access to the candidates, we are encouraging everyone to start questioning the candidates about the student data privacy issue. Ask about closing the loophole now in the FERPA law that allows personal information on your child to be shared without your knowledge or consent. What would they do to re-instate parental rights over their child’s data?
It’s important to note that the U.S. Department of Education is under extreme criticism for their own lack of security on student, parent and family data.
Why aren’t the candidates talking about this? Why aren’t they addressing this important issue? Maybe it’s time to TAKE THIS ISSUE TO THE CANDIDATES.
Read more about that scathing review:
U.S. DEPARTMENT OF EDUCATION: INFORMATION SECURITY REVIEW
TAKEAWAYS:
• The Department of Education (DoEd) has at least 139 million unique social security numbers in its Central Processing System (CPS).
• Reminiscent of OPM’s dangerous behavior, DoEd is not heeding repeat warnings from the Inspector General (IG) that their information systems are vulnerable to security threats.
o In the IG’s latest report, there were 6 repeat findings and 10 repeat recommendations.
o The Department scored NEGATIVE 14% on the OMB CyberSprint for total users using strong authentication
o The Department received an “F” on the FITARA scorecard
• The Department maintains 184 information systems.
o 120 are managed by outside contractors
o 29 are valued by the Office of Management and Budget (OMB) as “high asset”
• The National Student Loan Database (NSLD) houses significant loan borrower information. There are 97,000 accounts/users with access to this significant data yet only 5,000, less than 20%, have undergone a background check to establish security clearance.
o The IG penetrated DoEd systems completely undetected by both the CIO or contractor
• The Department needs significant improvement in four key security areas:
o Continuous monitoring
o Configuration management
o Incident response and reporting
o Remote access management