Technology & Innovation - Issue 12

get complacent over its requirements and see it as just an annual checkbox activity – yet compliance is an ongoing effort. Staff knowledge must be refreshed regularly, because the tech landscape changes far faster than school policies do. Who’smanaging your personal devices? Some schools might opt for bring-your-own-device (BYOD) schemes to increase tech access. However, while attractive financially, introducing personal devices into the mix can introduce new risks and management headaches. The devices in question may run outdated software, have unsafe apps installed and lack content controls. Their visibility and access will also likely be more difficult to manage, compared to devices procured and owned by the school. A better alternative is the ‘parent-funded, school- managed’ (PFSM) model. Families purchase devices like iPads, but schools manage them centrally, throughMobile Device Management (MDM). This way, settings are kept consistent, apps are secure and harmful content can be blocked. Lost or stolen devices can be wiped remotely. PFSM also works outside the classroom. Schools maintain control of devices during lessons, before ceding that control to parents after hours, who then get to set their own preferred limits. Trust is the key to making this work, with parents needing clear communication on what data schools plan manage, how it will be used and what level of control parents will retain once the school day ends. Breaking the silos Good data protection is as much about teamwork as it is about having the right tools. Too often, IT, compliance and teaching departments will work in isolation, meaning that key security decisions canmade in ignorance of classroomneeds. By the same token, certain forms of lesson planning may overlook important technical and compliance realities. When budgets are split, that divide can deepen. IT may fight to stretch its meagre funds, while teaching teams focus on buying more devices. This can result in short-term fixes, inconsistent coverage and use of unreliable tech in the classroom. Schools instead need shared planning and pooled budgets. That way, refresh cycles, security measures and curriculum goals can all be aligned. This will ensure that compliance demands don’t come as nasty surprises in the middle of a term, but are instead treated as needs that are planned for well in advance. Breaking down silos will help to ensure that the technology used in your school works reliably every day, so that lessons don’t grind to a halt. Practical data protection steps Improving data protection needn’t mean ripping up your existing systems and starting all over again. What really makes a difference are small, yet consistent habits that become part of everyday school life. One of the most effective can be to make GDPR and device security training a permanent fixture of staff development, rather than a one-off to be quickly forgotten. By weaving it into ongoing professional development, schools can make sure that their staff’s knowledge stays current, and that individual colleagues feel confident in applying it. Regular audits are just as important. These don’t have to be daunting, large-scale reviews; even simple checks can highlight issues before they grow into serious problems. This can cover everything from checks for outdated operating systems, to poor security hygiene (like leaving device passwords written on Post-it notes). Catching these small slip-ups early will prevent bigger breaches later. Parents also need to be part of the conversation. When introducing a new whole-school device programme, explaining clearly to parents how the security measures will work, and how they can help to manage devices at home will help to build vital trust and support. Making the grade Finally, the most effective step of all is collaboration . When IT, compliance, and teaching teams work together, they can anticipate any growing issues before they disrupt lessons. Data protection in schools is about more than ticking a compliance box, or avoiding unwanted attention from the regulators. The focus must be onmaking sure that pupils can learn safely, and that teachers can teach without fear of disruption. Secure, well-managed devices will build trust among parents, and give staff confidence that lessons will run smoothly. No educator wants to receive a failing grade – but if schools plan ahead, share responsibility and embrace models like PFSM, ‘security’ can stop being a burden and instead become a valuable enabler for teaching. ABOUT THE AUTHOR Mat Pullen is director for education at the Apple device management and security specialist Jamf ( jamf.com ) and a former secondary school teacher 57 A D M I N I S T R AT I O N teachwire.net