Skip to main content
CNYRIC 
Click for LinkedIn Click for Instagram Click for Twitter
 
Click here to go to homepage

Data Privacy & Information Security

Jason Clark
Model School Coordinator
JLClark@cnyric.org
315-362-2682
Steven J. Tryon
Project Manager
stryon@cnyric.org
315-433-2280

Data Privacy & Security Service

As data security laws evolve to protect against the ever changing threat landscape, school districts must have appropriate resources, policies, and practices to securely manage sensitive data. The CNYRIC’s Data Privacy and Security Service (DPSS) is designed to help districts meet these demands.   Participating districts will have access to leadership resources, the RICone software inventory system, facilitated communication with district Data Privacy Officers, guiding templates for policies and procedures, a training curriculum, and regular forums to learn about everything from NYSED news to the latest industry trends in data security.  The DPSS core service has the ultimate goal of helping districts protect critical data, while ensuring compliance with NYS Education Law 2-D and the Parents Bill of Rights.

The DPSS CoSer Includes

RICone Inventory Tool

This application enables districts to compile a list of their software inventory as well as linking to third-party vendor’s software privacy policies and notices, thus enabling districts to comply with the provisions of the New York State Parents’ Bill of Rights. Over 800 products are currently included in the database, and districts may submit requests for additional products.

Digital Digests & Archived Digests

Quarterly newsletter on the topic of data privacy and security with current information, effective strategies, best practices, and leadership resources.

D3—Digital Digest Debrief

The D3 is a comprehensive webinar on a featured topic from the Digital Digest.

Digital Blasts

Timely information as it occurs to keep districts informed of the latest developments in the field.

Information Security Online PD for Teachers 

Web-based security awareness training that follows a structured outline, including a formal assessment and printable certificate of completion. Materials are made available through the RICone initiative. 
 

User Group Forums 

Regular forums for district data security personnel to meet and learn from security professionals, hear about the latest security/compliance news from NYSED, and share best practices around cyber security. 

Policy & Procedure

Proper planning starts with proper direction and guiding documents. Districts will be provided best practice documents and templates to help support their data security planning; including documentation for: Information Security Policy, Internet Access & Security Policy, Privacy Policy, Incident Response Policy, Breach & Security Failure Notification Policy, Risk Management Plan, Disaster Recovery Plan, and Parent Bill of Rights.

kids using technology

Training, Network Assessment & Testing Services.

Participation in the core DPSS service is required. These services are available for an additional fee.
KnowBe4 Security Awareness Training

KnowBe4 is an integrated platform for security awareness training combined with simulated phishing attacks.  The service integrates baseline testing using mock attacks, followed by engaging, interactive, web-based training, and continuous assessment through simulated phishing, vishing and smishing attacks to build a more resilient and secure organization.  The service provides a library of security awareness training content; including interactive modules, videos, games, posters, and newsletters.  Pricing is per employee/per year, and for the greatest success, should include all district employees.  Support for creating email campaigns, report generation, and initial setup is provided.

knowbe4 logo
Security Assessment & Testing

The Security Assessment & Testing service allows districts to work with third party IT companies to build a customized security program.  Services include risk assessments, cybersecurity training, awareness campaigns, incident response and tabletop planning, internal/external network penetration testing, policy development and review, wireless network testing, network architecture reviews, and more.  Services can be customized to meet district needs.  Please note, we are currently vetting vendors and obtaining contracts for these services so some services may not be immediately available.  Please contact me for more information.

*Price is variable based on level of service

CNYRIC
Phone: 315.433.8300
Visit: 6075 E. Molloy Rd. | Syracuse, NY 13211
Mail: P.O. Box 4866 | Syracuse, NY 13221
AICPA SOC