One of the main concerns is building up a picture of school data, i.e. how it is collected, how it is used and how it is shared and stored. This task can be extremely time consuming so, to help complete it, schools should talk to other staff members to ensure they are not just aware of what data they have and where it is, but also look at software solutions that can do the job in half the time, whilst evidencing the updates and changes required.
Already supporting schools as they manage their technology, NetSupport’s IT Asset Management solution (NetSupport DNA) now also includes tools to help them meet their GDPR requirements at no extra cost.
Discover information you hold
To know whether data has been lost and to be able to report it within the stipulated 72 hours’ timeframe, schools must first have a clear picture of its location. Using NetSupport DNA’s file discovery, a school data manager can quickly scan all or selected network PCs and identify all file types that may contain confidential information about students. Using the remote control features, technicians can also quickly access a PC or laptop on the network to remove or move any files that should not be there.
To help schools reduce the amount of data they store, a Data Retention Policy can be set to delete data over 365 days old (default mode). The policy can be scheduled to run automatically at any time, on any day or at any interval.
The data included in a retention policy includes:
- Internet metering
- Application metering
- Login sessions
- Power on/off sessions
- USB device use
- Print cost data
- Software distribution
- eSafety data
- Triggered keywords
- Screen recordings
You can back up all data before the policy runs and send an email to notify staff when the process is about to start.
Prevent data breaches
To help prevent data breaches, NetSupport DNA’s endpoint security and alerting features will automatically notify you when any number of changes occurs across the school network – from antivirus protection not working and security alerts of failed login attempts from a teacher’s machine to portable storage devices trying to access the network.
It will also help you evidence when a data breach has been logged by a member of staff but the data has remained safe. For example, if a teacher left a USB stick with sensitive information on it in a classroom by mistake, NetSupport DNA would show if the USB stick was activated.
NetSupport DNA can also control memory stick usage by allowing full access, block all access, allow read-only access or prevent applications being run from an unknown memory stick. Alternatively, individual memory sticks can be authorised in NetSupport DNA – for the current day, a week or indefinitely – and the use of sticks in the school can then also be limited to only those authorised.