To begin, let's get the ugly out of the way about what is legal for student access - see my man Wes Fryer's wiki on Unmasking Digital Truth to learn more about CIPA, FERPA, COPPA, and other legal issues. Then let's start with these security basics:
- Make passwords a minimum of 8 characters and mix letters, numbers, case, and special characters.
- Change your password at least once a month.
- Enable Advanced Sign-In Security for your Google account for a secondary layer of protection.
- Log out of your account every time you step away - if you can't remember if you logged out at school or work use the Google remote log out feature to be sure.
- Most important - TEACH these steps to your students and follow up to be sure they are doing it! It is evidence of high technical literacy and we have to teach them these skills.
Now that we have what you can do, let's see what Google is doing in addition to the offerings shared above. The video below from Google reviews everything from physical security of Google data centers with 24/7 guards to the absolute demolition of old hard drives. It is well worth a few minutes. Furthermore, Dan Rowinski from ReadWriteWeb shared this gem of an article this week on all things Google and security. Lastly the Google Apps security page expressly lays out that your data is owned by you and Google employees will never access it unless you grant them access. Also, your data is yours to own, manage, and take with you freely if you leave the Google realm. Watch the video and let this happen in our schools.