GDPR – that necessary evil is making everyone think more about information security.  Did you know there are some tools you may already have available to you that will help your school comply? It might simply be a case of configuring them for use and making staff aware how and when to use them.

A great example of this is Office 365. This supports encryption via a service called ‘Digital Rights Management’.  DRM is an Office 365 component, and once enabled it is possible to:

  • Encrypt/restrict access to outgoing emails and attachments. This can be done automatically on the O365 side, or manually by the user in Outlook before sending the email.
  • Encrypt/restrict access to Office documents, set document expiry dates and so on.
  • Encrypt individual files on the user’s machine, EG text files etc., before they are sent over email

Although 365’s Rights Management is a paid-for service, some customers may already have part functionality bundled in with their existing agreement, depending on what that already covers.  (Like everything Microsoft, it is very confusing.   It’s not an ‘on’ or ‘off’ service…).

There are three components to try and remember with Rights Management, but two key ones for schools are:

  • Manual: Users can apply Rights Management (encryption/restrictions) to their e-mails and Office documents directly, via options in the Office suite of applications.
  • Automatic: Emails can have Rights Management automatically applied when clicking send, should the subject contain a word (as an example ‘encrypt’)

Why not ask your IT support organisation what you have available and how they may help in configuring this for you?