Posted by Kalyani M. on Oct 10, 2013
More and more schools are opting to embrace cloud services for storing student’s data, as they are cost effective, easy to use and provide streamlined services. Schools are encouraging students to use commercial cloud services for sending emails, storing and sharing documents, and for other educational purposes. By outsourcing email and data storage services, the school districts are saving a lot of money earlier spent on server, hardware, software and technical support. However, school’s use of cloud services poses significant risks to student’s privacy.
The major risk in using cloud services is that the collection of personal information by cloud service providers can be used for user profiling and online behavioral advertising. According to a survey report released by SafeGov.org, the students are forced to use the commercial cloud services, as they do not have the opportunity to grant or withhold their consent. For example, if you are a student using school provided email service and without logging off your email account you decide to browse the web to conduct research on your school project. Then without your consent the service provider collects and stores your search history and contents of your email. Later, you might even get pop-up ads related to your web search. This is just one example. Apart from this there are several instances where your other sensitive data like field trip pictures, parent –teacher email exchange, social security numbers etc can be accessed by cloud computing vendors. This is an increasing problem as more schools are embracing BYOD technology.
The schools and government customers of Google Apps are encouraged to add ad-based Google services such as search or YouTube with Google apps for educational purposes. As a result the students are driven from and ad-free to an ad-supported environment. On the other hand, Microsoft’s Bing for Schools is an ad-free and no cost version of its Bing search engine. It can be used in public and private schools across the U.S.
While use of cloud services help schools to save thousands of dollars, the data security and privacy risks presented by these services cannot be ignored. The survey report by SafeGov.org says “there are a number of areas where advertising-oriented cloud services may jeopardize the privacy of data subjects in schools, even when ad-serving is nominally disabled. Threats to student online privacy occasioned by the use of such services in the school environment include the following:
Keeping all these things in mind, the schools should make sure the data would be stored and managed by the service providers before moving to cloud services. They should demand assurance from the service providers that the information collected by them will not be used for data mining, targeted advertising or sold to third parties.
Secure sensitive student data with SpiderOak
Users sometimes find that selecting a truly protected third party cloud service can be a challenge as most “secure” services on the market have glaring security gaps that leave their sensitive data wide open to third party attacks, leaks, and hacking. One rapidly expanding cloud storage and sync service that sets itself apart from the rest of the market is SpiderOak. This service provides users with fully private cloud storage and syncing, featuring all of the benefits of the cloud along with 100% data privacy. SpiderOak is available with onsite deployment and private servers or outsourced deployment through a private and secured public cloud server, so that users and small businesses of all sorts and sizes can tailor the service to fit their needs.
SpiderOak protects sensitive user data with 256-bit AES encryption so that files and passwords stay private. Authorized accounts and network devices can store and sync sensitive data with complete privacy, because this cloud service has absolutely “zero-knowledge” of user passwords or data. And all plaintext encryption keys are exclusively stored on approved devices because SpiderOak never hosts any plaintext data. This way, even if programs like NSA’s PRISM continue to stand unchallenged, people can rest easy knowing that their data is truly protected. SpiderOak’s cross-platform private cloud services are available for users on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices, allowing for full flexibility and mobile access.
Interested in SpiderOak Products?
SpiderOak carved its niche as the top choice for those most concerned with privacy.
The engineering goal was simple – devise a plan where users’ files, filenames, file types, folders, and/or any other personal information are never exposed to anyone for any reason (even under government subpoena). This describes SpiderOak’s ‘zero-knowledge’ privacy environment. SpiderOak offers amazing products like SpiderOak Hive and SpiderOak Blue to secure consumer and enterprise data. SpiderOak Hive keeps all your files in sync across your computer and mobile devices. Here the end-user has the ownership of data and is the only one with the keys to unlock and look at plaintext data. You can signup for this product at SpiderOak Blue works seamlessly in your enterprise environment. To resolve authentication it deploys a virtual appliance that resides behind your firewall and integrates with Active Directory / LDAP for single sign-on. SpiderOak Blue is compatible in Mac, Windows, Linux, iOS and Android platforms. SpiderOak Blue is now available through a limited release. We have been working with several large enterprises through the beta period and will continue towards general release. If you’re curious about the product, please send an email to firstname.lastname@example.org and we will get back to you soon.