Tips to keep students’ data protected while using WebEx

With the move to remote instruction, instructors should be aware of resources and best practices for teaching online while keeping student data secure and complying with the Family Educational Rights and Privacy Act, known as FERPA.

Because instructors are charged with the protection of student data, they should also be equipped with the skills and knowledge to avoid unwanted participants in their classroom settings, such as cybercriminals or online trolls. Reports of “Zoom-bombing” and increased phishing attacks should prompt users to be careful with the tools Purdue instructors are now using and how they’re communicating with students about grades, class activities and more.

WebEx is the University-sponsored teleconferencing program. It is secure, but it is not intended to be used to display or discuss controlled or restricted data, such as health data. To avoid mishandling restricted data, follow these tips:

ITaP recommends using WebEx, Blackboard and Brightspace for instructing, submitting assignments, office hours and any other activity related to class and assignments. Using teleconferencing tools not supported by Purdue, or using email to communicate FERPA-protected data, is discouraged and potentially a security risk.

Instructors may choose use other tools for instruction and feedback because of student needs or personal preference, but they need to consider the same recommendations that apply to WebEx when choosing to use a non-supported tool. More information: visit Purdue’s GoldAnswers knowledge base, www.purdue.edu/goldanswers, and type 1286244 into the SEARCH box.

For those using Zoom as part of their instruction, these additional security measures should be taken, provided by Krannert School of Management IT:

  • Turn off participants
  • Change display names
  • Mute everyone by default
  • Turn off cameras
  • Encourage one device per person
To learn more about Zoom security recommendations, visit https://zoom.us/security

NOTE: On March 30, the FBI released a warning regarding the use of Zoom teleconferencing along with guidelines for securing Zoom meetings. In addition to the guidelines suggested by the FBI, instructors using Zoom should also create waiting rooms for attendees and disable file sharing.

Issues or questions with WebEx can be directed to ITaP by emailing itap@purdue.edu or calling 765-494-4000. If you have questions about other web conferencing tools used in your area, consult your campus unit's IT staff.

If instructors are concerned that an activity may require student disclosure, there are strict rules about how to obtain student consent. Instructors should consult with the Office of Legal Counsel legalcounsel@purdue.edu to learn more about this option.

Last updated: April 3, 2020