You're sold on meeting management software. Perhaps you sit on another board that is doing amazing things with it. Or you've read the data on the vast improvements it can bring. But your school board shows little interest. To persuade them, you must assume the role of educator. As the teacher of the school board, the best strategy is to link meeting management software to security and transparency.
Hackers see the resulting security vulnerabilities as a golden opportunity. International ransomware rings adore US school districts as targets, as they meet their two main qualifications: Corrupted data could drastically disrupt essential services, and the district could access the average $52,000 ransom that they demand. ISIS even broke into 800 US school websites to air recruiting videos to the young audiences that they reach.
These threats demand every board member's attention. There are precedents for holding each individual board member financially liable for a data breach, and a tightening of the screws is probably right around the corner; since the exposure of privacy compromises by Facebook and Cambridge Analytica, future laws are apt to go to greater lengths to protect privacy by whatever means necessary.
Most school board members know neither the enormity of the threat nor the steps they must take to eliminate their greatest security vulnerabilities. Most regularly conduct business in ways that position their board information as low-hanging fruit for opportunistic hackers. For instance, 61% of respondents to a 2017 National School Boards Association (NSBA) survey of 428 school board members nationwide said that they use personal email accounts to discuss board business. The extent of their ignorance comes as no surprise, as only 12% of respondents had received mandatory cybersecurity training. As their teacher, your curriculum should highlight five key points:
The solution is to remove human error from the equation by using meeting management software with role-based authorizations. It consistently keeps different versions of documents accessible to audiences in different roles.
In fact, most school boards have not prioritized the securing of board communications at all. A full 31% of NSBA survey respondents reported that their board had not had a security audit of board communications, while 51% responded that they didn't know if they had had such an audit.
Again, not knowing the facts leads school boards to take on unacceptable levels of risk. We've seen that 61% of board members regularly or occasionally use personal email accounts to communicate about board business. Using network-provided email accounts (a routine practice of 79% of survey respondents) creates a false sense of security. Because email is part of the district system, a phisher who can penetrate an email can thereby access not only the information in that email, but all of the contents of the district's hard drive.
If using email still seems inviting, the list of states that define group emails as violations of open meeting laws is growing. If a majority of the board is privy to the content, it constitutes a rolling quorum. If a string of replies could be construed as 'deliberations,' the emails violate the mandate that such conversations take place only at public, in-person meetings.
Present practices reflect negligence arising from ignorance. Thirteen percent of NSBA survey respondents store board materials on a file-hosting site. Only 42% store board materials on a board portal with adequate security. Sixteen percent of survey respondents believe file-sharing site storage actually decreases risk and 22% believe such storage has no effect on document security.
You will get so much more done in such a civilized manner that the public will not dread finding a three-ring circus at your meetings. They might actually want to show up and contribute. If your board is content with the stalwart plodders who participate in a spirit of martyrdom, they have no idea what is possible when a broader swath of the public has a sense of ownership and enthusiasm.
With meeting management software, your board can lay all of its cards on the table. Not only is the agenda in a far more visible spot online, but the extensive repository of legislation, minutes, maps and memoranda of understanding (MOUs) that must be accessible to meet open-records laws are delivered to researchers on a silver platter. Gone are the dusty binders stored in a basement; the same software that manages meetings can put them all in an online archive. Best of all, the archive is fully searchable by keyword across all files in all formats. Now that's transparency!
A welcoming online presence boosts inclusion as well. Some people can't get out to walk by the meeting notice that is posted in front of the library. They can now find it from the comfort of their own home. If they can't attend the meeting, they can get more than the minutes afterward; meeting management software allows the board to film its meetings and to post the footage on its public portal.
By teaching school board members about how a meeting management system can boost both security and transparency, you can build a compelling case that it's time to increase board effectiveness with this powerful tool. At the same time, you will create an informed user group that is less likely to make insider mistakes, a danger even greater than that posed by nefarious characters from the outside (Cliff). Ignorance may be bliss, but the best school boards are singing a new tune: 'Knowledge is power.'
Security
The school board accesses FERPA- and HIPAA-protected information all the time, as members must be fully informed on the most highly sensitive matters. Yet board members may well have technological know-how inferior to a teenager's, and the computer systems they use are hardly foolproof.Hackers see the resulting security vulnerabilities as a golden opportunity. International ransomware rings adore US school districts as targets, as they meet their two main qualifications: Corrupted data could drastically disrupt essential services, and the district could access the average $52,000 ransom that they demand. ISIS even broke into 800 US school websites to air recruiting videos to the young audiences that they reach.
These threats demand every board member's attention. There are precedents for holding each individual board member financially liable for a data breach, and a tightening of the screws is probably right around the corner; since the exposure of privacy compromises by Facebook and Cambridge Analytica, future laws are apt to go to greater lengths to protect privacy by whatever means necessary.
Most school board members know neither the enormity of the threat nor the steps they must take to eliminate their greatest security vulnerabilities. Most regularly conduct business in ways that position their board information as low-hanging fruit for opportunistic hackers. For instance, 61% of respondents to a 2017 National School Boards Association (NSBA) survey of 428 school board members nationwide said that they use personal email accounts to discuss board business. The extent of their ignorance comes as no surprise, as only 12% of respondents had received mandatory cybersecurity training. As their teacher, your curriculum should highlight five key points:
-
Board documents must be reliably segregated from public documents.
The solution is to remove human error from the equation by using meeting management software with role-based authorizations. It consistently keeps different versions of documents accessible to audiences in different roles.
-
Paperless communications are safer.
In fact, most school boards have not prioritized the securing of board communications at all. A full 31% of NSBA survey respondents reported that their board had not had a security audit of board communications, while 51% responded that they didn't know if they had had such an audit.
-
Email invites hacking and phishing.
Again, not knowing the facts leads school boards to take on unacceptable levels of risk. We've seen that 61% of board members regularly or occasionally use personal email accounts to communicate about board business. Using network-provided email accounts (a routine practice of 79% of survey respondents) creates a false sense of security. Because email is part of the district system, a phisher who can penetrate an email can thereby access not only the information in that email, but all of the contents of the district's hard drive.
If using email still seems inviting, the list of states that define group emails as violations of open meeting laws is growing. If a majority of the board is privy to the content, it constitutes a rolling quorum. If a string of replies could be construed as 'deliberations,' the emails violate the mandate that such conversations take place only at public, in-person meetings.
-
File-sharing sites and unsecured district websites put data within easy reach of cybercriminals.
Present practices reflect negligence arising from ignorance. Thirteen percent of NSBA survey respondents store board materials on a file-hosting site. Only 42% store board materials on a board portal with adequate security. Sixteen percent of survey respondents believe file-sharing site storage actually decreases risk and 22% believe such storage has no effect on document security.
-
Downloading board documents amplifies risk.
Transparency
Once the board understands that a meeting management system protects the district from cybercriminals, your work may well be done. If not, showing how such a system can maximize public transparency should seal the deal. Such a system makes meetings more inviting, welcomes inspection of district business and facilitates unconventional formats to elicit public participation.-
Better meetings.
You will get so much more done in such a civilized manner that the public will not dread finding a three-ring circus at your meetings. They might actually want to show up and contribute. If your board is content with the stalwart plodders who participate in a spirit of martyrdom, they have no idea what is possible when a broader swath of the public has a sense of ownership and enthusiasm.
-
Spirit of openness.
With meeting management software, your board can lay all of its cards on the table. Not only is the agenda in a far more visible spot online, but the extensive repository of legislation, minutes, maps and memoranda of understanding (MOUs) that must be accessible to meet open-records laws are delivered to researchers on a silver platter. Gone are the dusty binders stored in a basement; the same software that manages meetings can put them all in an online archive. Best of all, the archive is fully searchable by keyword across all files in all formats. Now that's transparency!
A welcoming online presence boosts inclusion as well. Some people can't get out to walk by the meeting notice that is posted in front of the library. They can now find it from the comfort of their own home. If they can't attend the meeting, they can get more than the minutes afterward; meeting management software allows the board to film its meetings and to post the footage on its public portal.
-
New communication formats.
By teaching school board members about how a meeting management system can boost both security and transparency, you can build a compelling case that it's time to increase board effectiveness with this powerful tool. At the same time, you will create an informed user group that is less likely to make insider mistakes, a danger even greater than that posed by nefarious characters from the outside (Cliff). Ignorance may be bliss, but the best school boards are singing a new tune: 'Knowledge is power.'
