Especially not the students.
We were so close. Just 20 minutes to go until the end of the week, and someone screwed up. LadiesMan spotted a couple of students using the computer in the office next to ours, nearly half an hour after home time. I immediately checked via remote desktop what they were looking at.
They were going through a member of staff’s email.
I marched in and challenged them, and things went from bad to worse. They had been given permission to go through the inbox by the member of staff in question, who was in another building at the time, to search for a contact email address.
This comes just one day, ONE DAY, after our Deputy Head had announced in a staff briefing that there had been a suspected incident of students accessing the staff intranet (which contains very sensitive pupil records) via a compromised staff account, and that staff should be absolutely sure not to leave their account logged in. We also issued a very firm policy at the start of term that explicitly explained why staff must never allow a student to use their login, ever, for any reason.
I recently started delivering training to educate our staff about Information Security. Guess who I’m going to book onto the next one?