Eliminating Data Security Risks in EdTech

Data security in the school enterprise world is an enormous challenge. Typically, the basic data needed by any EdTech solution vendor will consist of what is referred to as the roster data, which consists of the names and course affiliations of students and teachers within every school building.  Without these names and corresponding data, the application vendors could not create accounts for the end users of their systems. This process usually requires a bulk upload of the data using an extracted report from a Student Information System (SIS) that the school or the district office uses. The roster data changes frequently, so it is important for these files to be updated and uploaded daily through an automated data extraction and upload process, which is labor intensive to set up and maintain.

Managing Multiple EdTech Vendors Is Costly and Time-Consuming

If we assume that a typical school uses a minimum of 25 enterprise applications from 25 different vendors, then the data upload process needs to be set up in 25 discrete instances. That is a lot of work for any school with limited resources, and all schools have limited resources.  Complicating the process further, many vendors require other forms of data that go beyond the roster data, which means that there may be more than one source of data that is needed by a vendor and needs to be extracted (e.g. food, transportation, and gradebooks, to name a few).  Imagine the challenge! Some vendors bypass this process and take shortcuts that involve using the teachers in the classroom as a source of data, yet we all know that this is not a good utilization of teachers’ time and skills, and in many cases, schools create policies forbidding teachers from providing student or parent personal data to vendors, to minimize risks of data and privacy breach.

Protecting End Users Must Be a Priority

Most innovative consumer-oriented solutions today are accessed and used by end users through mobile applications that run on one of many forms of web-connected devices. This means that each user, regardless of age or the role they serve in the school, will most likely have to set up a personal account, agree to the vendor’s data privacy terms, and provide their profile data to the third-party vendor, to be able to use the product effectively. Some vendors, not all, do a great job taking data security and consumer privacy seriously, protecting the personal data of their end users and being transparent about what they do with the data. But you’re still asking students to interact with third-party platforms and provide personal information that may or may not be adequately protected.

GG4L Connect is designed to address the issue of data security so that schools can take advantage of multiple EdTech solutions without worrying about data security. GG4L Connect is consent-based, requiring the school data administrator to be 100% in control of inviting or approving a vendor to access a data subset or all the school’s stored SIS data. GG4L Connect is a global infrastructure with the ability to on-board any school’s data from any location in the world. We offer our EdTech vendors the option to invite an unlimited number of their school customers to join GG4L for free.


The members and sponsors of the Global Grid for Learning are democratizing access to K-12 data and applications. We’re making EdTech easier to deploy, more effective for teachers and students, and more affordable for districts and vendors. Connect to the Grid. Take part in an Impact Initiative. Be a sponsor. Let’s make EdTech better together! Learn more.