DATA SECURITY STANDARDS
Secure Storage Requirements
All student, family, and staff data must be stored in:
- Encrypted cloud-based systems
- Password-protected platforms with role-based access
- School-approved software and infrastructure
Prohibited storage includes personal devices, personal email accounts, unencrypted drives, or unapproved consumer applications.
Encryption Standards
Sensitive data must be encrypted:
- In transit (SSL/TLS)
- At rest (AES-level encryption)
- In backup and archival systems
Access Controls
Access is granted based on job role and need-to-know principles. Unauthorized access or use is strictly prohibited.
Staff Device Security
Staff must:
- Use school-issued or approved devices
- Enable multi-factor authentication
- Lock devices when unattended
- Avoid public Wi-Fi for sensitive tasks
- Update passwords regularly