2026 INCTO Clinic

Tired of the costly and repetitive cycle of negotiating EdTech privacy agreements? As digital tools multiply, protecting student data becomes more complex. Learn how Indiana schools are now working together to solve this problem.

This session introduces Indiana's Student Data Privacy Alliance (SDPA), a statewide collaborative designed to streamline student data privacy. You will see how the Educational Service Centers of Indiana (ESCI) have procured access to this powerful resource for all Indiana school districts. Using the national Access 4 Learning (A4L) framework, the Indiana SDPA provides a central registry of pre-negotiated vendor agreements that saves significant time and ensures consistent, high-quality data protection.

In this 1-hour workshop, you will learn how to:
Use the A4L/SDPC registry to end repetitive negotiations.
Calculate the time and money the alliance can save your district.
Navigate the platform to find vendors and access agreements.
Begin the simple onboarding process for your district.

Learn about DR as-a-service with ESI for Scale Computing users.
Do you have Scale Computing or are you considering it as a VMware alternative?
Led by ESI in partnership with Scale Computing & Dell Technologies.

K-12 technology teams are being asked to do more than ever, all while managing increasing cybersecurity and student safety risks.

In this session, we'll walk through eight critical audits every district should be running across Google Workspace and Microsoft 365 to uncover hidden vulnerabilities and gain better visibility into daily activity.

We?ll explore real-world risks like third-party app access, suspicious logins, unsafe file sharing, phishing attempts, inappropriate student behavior, VPN usage, and device-related concerns. You?ll learn how to spot these issues early and take action before they escalate.

You'll leave with practical, easy-to-implement strategies to strengthen compliance, speed up investigations, and take a more proactive approach to protecting both data and students.

Whether your priority is security, safety, or visibility, this session will give you actionable insights you can start using right away.

Consolidation is key to creating a seamless, high-impact digital environment. For today's district leaders, managing a patchwork of tools from websites to attendance point solutions can create barriers to engagement and limit visibility across systems. A unified approach allows districts to move beyond disconnected workflows and create more consistent, meaningful experiences for families.

In this session, district leaders will share how unifying web presence, attendance interventions, online payments, and phone calling into a single platform improves engagement and oversight across the district. You'll explore how consolidation simplifies the family experience, improves clarity for staff, and supports responsible data practices, while turning your technology ecosystem into a powerful tool for connection and student success.

Back-to-school doesn't have to mean long hours spent creating, updating, and disabling accounts. In this session, discover how ClassLink's OneSync simplifies identity and access management by automating account provisioning across AD, Google, and Microsoft environments.

Join us for a real-world conversation with Matt Melton from Portage Township Schools as he shares how his team streamlined onboarding and offboarding, reduced manual workload, and improved data accuracy and security with OneSync.

Whether you're looking to optimize your current systems or start fresh, this session will provide practical insights you can take back to your district.

For those who are a part of the TLE Cohort for Indiana Cohort, this will be a productive face to face time of working towards the TLE Seal application.

For those interested come and chat about why student data privacy best practices in can become a focus of your district in the areas of your Leadership, Business, PD, Data Security and Classroom practices.
https://www.cosn.org/edtech-topics/trusted-learning-environment/

When a cyber incident hits your district, there's no time for improvisation: leaders need a clear playbook and the confidence to take the stage. In this interactive session, technology directors will work through a practical incident response template designed specifically for K-12 schools.

Using straightforward guidance and facilitated discussion, participants will begin outlining key roles, response steps, communication pathways, and financial safeguards needed to lead their district through a cyber crisis. Emphasis will be placed on governance decisions during the first critical hours of an incident, coordination with executive leadership, and protecting operational and financial stability.

Attendees will leave with a ready-to-use incident response framework, progress toward completing their own plan, and a set of clear action items to continue building or refining their district?s disaster recovery and response strategy.

If your district does not yet have a formal incident response or disaster recovery plan, this is where you need to be.

A concise look at the top emerging cyber threats highlighted in the Arctic Wolf 2026 Threat report and the key security actions organizations should take to strengthen defenses, reduce risk, and stay resilient in an increasingly aggressive threat landscape.

This non-technical, story-driven session is designed for K?12 educators and school staff who want to understand why districts enforce cybersecurity rules. Using a true-crime approach, we?ll examine the ?crime scenes? of real-world cyber incidents that have impacted school districts and uncover how everyday actions, like clicking a phishing link or using an unapproved app, can lead to major consequences.

This session isn?t about firewalls or technical deep dives. It?s about helping educators understand how their decisions impact student data and district security.

This session is specifically designed to help bridge the gap between IT policies and educators' understanding. Whether you're an educator yourself or you?re responsible for helping teachers and staff understand why cybersecurity matters, this session will give you the stories, language, and examples that make security concepts relatable and memorable.

In K12, the best tech decisions aren’t about chasing shiny new tools. They’re about protecting what really counts: learning, data, and daily operations. Join us for a lively, hands-on conversation about using a simple RACI framework to figure out what your team should handle and what might be better to outsource.  
We’ll share practical ways to frame your technology investments so they connect with what Superintendents and Boards care about most like compliance, security, and keeping things running smoothly. You’ll walk away with a clear plan for where your team’s time makes the biggest impact and how the right partners can help reduce risk, improve reliability, and give your staff more time to focus on instruction.

For those who are a part of the TLE Cohort for Indiana Cohort, this will be a productive face to face time of working towards the TLE Seal application.

For those interested come and chat about why student data privacy best practices in can become a focus of your district in the areas of your Leadership, Business, PD, Data Security and Classroom practices.
https://www.cosn.org/edtech-topics/trusted-learning-environment/

Every CTO in K-12 is being asked the same question: Are our schools truly prepared for what?s next?

From rising safety concerns to increasing cyber threats, the gap between legacy security systems and today?s risks has never been wider. Many districts don?t realize just how exposed they are?until it?s too late.

In this session, you?ll see how forward-thinking districts are shifting to a unified, cloud-managed platform that brings cameras, access control, and AI-driven insights into a single, secure environment. More importantly, you?ll walk away with a clear understanding of where your current approach may be falling short?and what modern, proactive protection actually looks like.

Join your peers who are already rethinking school safety and take the first step toward closing the gap.

In today?s digital-first education environment, school districts rely heavily on cloud platforms like Google Workspace and Microsoft Office 365 to power communication, collaboration, and learning. But what happens when critical data is accidentally deleted, maliciously altered, or lost due to ransomware or system failures?

This session explores the growing importance of independent cloud backup and data protection strategies for K-12 institutions. Attendees will learn why native protections from Google and Microsoft are not enough to safeguard against real-world risks such as accidental deletions, insider threats, ransomware attacks, and compliance requirements.

Through real-life case studies from school districts, we?ll demonstrate how organizations have successfully recovered from major data loss incidents?including large-scale account deletions, ransomware infections, and unintended domain cleanups?without disrupting operations. These examples highlight the critical role of having secure, air-gapped backups and rapid recovery capabilities in place.

We will also dive into how modern backup solutions go beyond simple data storage by offering advanced features such as ransomware detection, global search and eDiscovery, sensitive data monitoring (FERPA, HIPAA, PCI), and Google Classroom backup?an increasingly vital need in today?s learning environments.

Attendees will walk away with a clear understanding of:

The shared responsibility model and why SaaS providers don?t fully protect your data
The most common causes of data loss in K-12 environments
Best practices for implementing a comprehensive backup and recovery strategy
How to ensure business continuity and meet cybersecurity and insurance requirements

Whether you're an IT leader, administrator, or technology decision-maker, this session will provide practical insights and actionable steps to better protect your district?s most valuable asset?its data.

With the rapid adoption of AI into the bad actors efforts, organizations are forced to anticipate the next attack vector and acquire or shore up defenses on the perimeter, cloud, identity and email. Firewalls and EDR's can be bypassed. Emails are trusted too often. IoT and OT devices are not being monitored. STOP GUESSING. STOP HOPING. Attend to learn more

AI is accelerating faster than policy. Students are getting better at bypassing filters. Concerns about screen time are rising. Cyber threats aren’t slowing down.

And most districts are trying to solve all of it by adding…another tool.

This session challenges that approach.

We’ll explore how tool sprawl is creating blind spots, slowing response times, and driving up costs—and we’ll show what a consolidated strategy looks like instead. Learn how leading districts are managing AI, enforcing policy, protecting students, and strengthening cybersecurity through a unified platform that actually works together.

If your team feels stretched thin, this is a conversation about increasing impact by managing less.

Come and explore the latest and greatest free cybersecurity resources available from Federal, State, and Private Partners. We'll discuss the cybersecurity landscape as well as what may be coming next.