D is for Data Security – The ABC of Early Years Education
As the world continues its shift towards becoming increasingly digital, it’s never been more vital for all early years childcare providers to have steps in place that help protect devices and systems – and, ultimately, their data.
This isn’t only vital for safeguarding personal, confidential, and sensitive information – whether about staff, children, their families, or the organisation – against online criminals, but accidental damage and loss too.
It’s only in recent years that nurseries and childminders received guidance from the Government’s National Cyber Security Centre (NCSC) and were warned about the threat of cyber-attacks – including calls for a more secure approach to sharing information.
Here are some actions early years settings and their IT teams can take to help keep their data safe:
1. Use secure, complex passwords and store them safely. And where possible, use two-factor authentication.
2. Have individual logins for each authorised person – do not share accounts.
3. Ensure that any devices – and applications – used to access child data are running the latest version of supported operating system and kept up to date, in order to benefit from the most robust levels of security.
4. Lock screens when away from devices so that child data cannot be accessed inappropriately.
5. Store devices in a locked cupboard overnight to help prevent theft.
6. Use a screen filter or position the monitor away from windows and doors, to ensure screens cannot be seen by passers-by.
7. Utilise individual permissions settings to make sure that data is shared only with authorised staff.
8. Ensure up-to-date antivirus software is installed on all devices.
9. Use trusted software from leading providers to benefit from the highest levels of protection, while minimising unnecessary paper trails which put important data at risk.
10. However, if using paper trails, then make sure all data is disposed of securely using a shredder or trusted waste paper management company.
11. Finally, give all staff security induction training and provide annual refresher courses.