Welcome back to our vCloud Air Network Compliance Spotlight series, where we explain the compliance issues that affect journeys to the cloud. Previously, we’ve covered:
For this blog, the focus shifts to the Family Education Rights and Privacy Act (FERPA), a U.S. federal regulation governing how educational institutions protect student privacy.
The basic requirement of FERPA is that all personally identifiable information is properly secured. This includes grades, test scores, health information, and disciplinary reports. Sharing any student data, even to other governmental or educational institutions, requires consent.
When it comes to the cloud, there are specific governmental guidelines institutions must address:
- Security capabilities of the cloud solution. These include firewalls, patch management issues, monitoring, and response features.
- Adequate consideration of vulnerabilities. Possibilities of hacker breaches and malicious attacks should be analyzed.
- Cloud-specific detection and response. Organizational policies must be adapted for a cloud environment and updated regularly.
- Metric and benchmark standards. Relevant security metrics should be determined, and standards should be clearly defined.
Consequences for non-compliance are severe—federal funds can be withheld for violating institutions. This makes FERPA a key issue for today’s educational institutions, as they face increasing quantities of student data and also try to use technology to improve learning methods.
FERPA certified cloud solutions are a perfect match for schools’ IT departments. One success story is that of NaviSite, a vCloud Air Network Service Provider. Their recent work with Bryant University shows how schools can leverage cloud infrastructures to modernize IT and meet compliance requirements.
Starting out, the challenges were significant. Because many universities are publically owned entities, much red tape governs IT departments and their budgets in particular. Not only is cost a concern, but security is also a key part of the bureaucratic process. A cost-efficient cloud service that also complies with FERPA is a way to hit two birds with one stone.
And that’s exactly what happened. NaviSite improved uptime and simplified management, which meant reduced costs for Bryant University. This also allowed IT to work on more impactful initiatives, and reshape the school’s learning paradigm with technology. Most significantly, universities are perfectly primed to reap the advantages of Desktop as a Service (DaaS.) At the end of the day, Bryant University’s IT department is not only FERPA compliant, but is also improving student experiences.
Ready for your own success? Explore a FERPA compliant cloud solution and see what NaviSite can offer you.
To learn more about FERPA, visit the official government website.