Question 2: Do you have a procedure for when people leave?
Account security requires that when people leave the district, their accounts are deactivated. Imagine my surprise when I was a superintendent and received an e-mail from an internal account for a person who had retired more than five years earlier

Question 3: Does each employee have access to only what they need?
Account security should ensure users have access to what they need and no more, even though it is easier to not have to restrict resources. Even IT staff should have accounts that don’t provide root or core access.

Question 4: Do you provide proper training at all levels?
One last thing is to ensure training about the user’s role in safeguarding resources is routine. Asking staff or students to review cybersecurity measures once a year is not often enough.

The information for this post was taken from an article by Steve Baule in eSchool News, follow this link for the complete article and more details.