Regardless of the nature of the organization in which they work, all IT professionals are very familiar with the importance of network and data security; this is a lesson taught in preparation programs and all organizations inplement data security practices. IT professionals working in schools should also promote data security, but they must be sure their actions align with the decision-making hierarchies in schools and accepted policy and procedure.
Schools are places where one is very likely to find passwords on sticky notes attached to computers (while this is becoming less common, it is still more common than it should be). In some schools where I have worked, technicians and other IT professionals were encouraged to remove those sticky notes, but that was done only with the knowledge and support of the school administrators. Another common practice is for teachers to keep list of their students’ usernames and passwords. Ostensibly, this is done to reduce troubleshooting when passwords are forgotten, but there are other strategies whereby passwords can be recoverable without exposing their accounts to being compromised.