Getting computer security right in a school is much trickier than doing so in a business. How much money can you spend? How much time can you devote to the problem? Should you have a regime in which you enforce, or merely guide? How do you win the cooperation of parents, principals and students? Security expert David Booth discusses the principles of information security for schools.

[As seen in the June 2014 edition of our magazine]

1. Understand Your Risk

Identify your most sensitive information and mark documents containing this data clearly as “confidential” or similar. Decide who is responsible for managing the risk. Work out how much risk you face and how much risk you want to take. Allocate security responsibilities clearly to other staff and ensure staff understand the importance of working securely.