Ensuring comprehensive data security for schools and students is a delicate balance during the best of times, and life during this pandemic is most certainly not the best of times. Students returning to classrooms this fall will likely do so within a hybrid model of in-class and at home learning, staggered schedules, and limited resource availability. It is important to help students continue to learn, but it is critical to keep them safe.\nEvery academic institution is different, and they all have slightly different security needs. But each one must also find the proper balance between allowing access to data and applications and keeping students\u2019 data and personal information secure and protected. Security protocols are inherently designed to keep people out; and education is based on providing access to all sorts of data.\n\u201cHow do you make sure data is safe and secure? And at the same time in your efforts to stop hackers and bad players, you have to make sure you don\u2019t block data access,\u201d says Debra Ruh, CEO of Ruh Global. \u201cThere\u2019s that fine balance\u2014stay safe, but do not compromise [individuals\u2019] ability to access their data.\u201d\nAnd it\u2019s not just preventing data breaches or keeping student files safe and secure. It\u2019s also a legal imperative with regards to students\u2019 personal data. The Family Educational Rights and Privacy Act (FERPA) prohibits sharing that data with third parties without the expressed written permission from parents.\nThere are also several state laws governing student data. In 2017 alone, 36 states introduced 95 bills and approved 31 new laws regulating student data protection.\nAnd ensuring student data security is certainly no \u201cfire and forget\u201d situation. Maintaining continued data security is an ongoing process in which all must be involved. IT leaders can look to technology vendors and partners for support in developing strategy and simplifying deployment. From the academic perspective, students, teachers, administrators, and parents must all play a role in ensuring both the security and access to student data. And security policies must be developed and enforced with privacy and accessibility intertwined.\n\u201cSchools have to look at this like everyone else\u2014they have to create policies that include the three prongs: security, privacy, and accessibility,\u201d says Ruh. \u201cAnd they need to be constantly testing and looking at them. They also need to use all the resources, often available right in front of them.\u201d\u00a0\u00a0\u00a0\nSecurity, privacy, and accessibility are also not the responsibility of a single individual or team. \u201cIt impacts every part of the organization. To say, \u2018This is IT\u2019s job,\u2019 is na\u00efve. It\u2019s everybody\u2019s job,\u201d she says. \u201cThe entire organization has to be aware and has to be involved in creating policy. Then they have to go back and revise those policies to ensure they still work and they have to include security, privacy, and accessibility.\u201d\nNow more than ever, student data security will continue to evolve\u2014driven by where and how students are learning; the state of threat landscape; and the changing requirements of schools, students, and teachers.