Tips to keep students’ data protected while using WebEx
With the move to remote instruction, instructors should be aware of resources and best practices for teaching online while keeping student data secure and complying with the Family Educational Rights and Privacy Act, known as FERPA.
Because instructors are charged with the protection of student data, they should also be equipped with the skills and knowledge to avoid unwanted participants in their classroom settings, such as cybercriminals or online trolls. Reports of “Zoom-bombing” and increased phishing attacks should prompt users to be careful with the tools Purdue instructors are now using and how they’re communicating with students about grades, class activities and more.
WebEx is the University-sponsored teleconferencing program. It is secure, but it is not intended to be used to display or discuss controlled or restricted data, such as health data. To avoid mishandling restricted data, follow these tips:
- Do not share files or data protected by FERPA via WebEx. Instead, use Blackboard or Brightspace.
- Do not share a link to a teleconference on a publicly available social media post. Provide the link directly to attendees within your Blackboard or Brightspace course environment.
- Require a password or meeting code to join meetings. To find out how, visit https://help.webex.com/en-us/so30qz/Required-Password-Enforcement-for-Webex-Meetings-Events-and-Training-Sessions.
- Create dedicated meetings, instead of using your personal room, when discussing topics related to student data to ensure those present are authorized to be included. To learn how to integrate WebEx into Blackboard or Brightspace courses, visit https://help.webex.com/en-us/ngd7brv/The-Cisco-Webex-Education-Connector-for-Teachers.
- Know how to identify, remove or block participants. To find out how, visit https://help.webex.com/en-us/WBX80006/How-Do-I-Restrict-Access-to-Cisco-Webex-Meetings-Online.
- Lock the meeting after all the attendees have joined. To learn how, visit https://help.webex.com/en-us/zcvgyc/Webex-Teams-Lock-or-Unlock-Your-Meeting.
- Do not record class. If you need to record your lectures, use one of the tools recommended by Purdue Innovative Learning. To see your options, visit https://www.purdue.edu/innovativelearning/supporting-instruction/instructional-technology/.
ITaP recommends using WebEx, Blackboard and Brightspace for instructing, submitting assignments, office hours and any other activity related to class and assignments. Using teleconferencing tools not supported by Purdue, or using email to communicate FERPA-protected data, is discouraged and potentially a security risk.
Instructors may choose use other tools for instruction and feedback because of student needs or personal preference, but they need to consider the same recommendations that apply to WebEx when choosing to use a non-supported tool. More information: visit Purdue’s GoldAnswers knowledge base, www.purdue.edu/goldanswers, and type 1286244 into the SEARCH box.
For those using Zoom as part of their instruction, these additional security measures should be taken, provided by Krannert School of Management IT:
- Turn off participants
- Change display names
- Mute everyone by default
- Turn off cameras
- Encourage one device per person
NOTE: On March 30, the FBI released a warning regarding the use of Zoom teleconferencing along with guidelines for securing Zoom meetings. In addition to the guidelines suggested by the FBI, instructors using Zoom should also create waiting rooms for attendees and disable file sharing.
Issues or questions with WebEx can be directed to ITaP by emailing itap@purdue.edu or calling 765-494-4000. If you have questions about other web conferencing tools used in your area, consult your campus unit's IT staff.
If instructors are concerned that an activity may require student disclosure, there are strict rules about how to obtain student consent. Instructors should consult with the Office of Legal Counsel legalcounsel@purdue.edu to learn more about this option.
Last updated: April 3, 2020