Frequently asked questions

We focus exclusively on private schools in the St. Louis area, particularly ISSL member schools. This specialization means we understand the specific challenges, budget constraints, and governance structures of independent schools.

Usually with a conversation. We'll talk through your current situation, understand your priorities, and discuss whether our services make sense for your school. No pitch, no pressure - just an honest assessment of fit.

No. Our advisory engagements are month-to-month. We believe that if we're providing value, you'll want to continue. If we're not, you shouldn't be locked in.

It varies by need. Some schools work with us for a specific project over 2-3 months. Others maintain an ongoing advisory relationship for years. We're flexible.

Not currently. Our expertise is specifically in private school operations, and we prefer to stay focused on what we know well.

Probably not. Bans are difficult to enforce and push AI use underground where you can't see or influence it. Better to have clear policies that guide appropriate use.

It depends entirely on your use case, budget, and privacy requirements. We help you evaluate options based on your specific situation rather than pushing particular vendors.

Look for education-specific products with explicit FERPA and COPPA compliance statements, signed data privacy agreements, and clear documentation of data handling practices. We can help you evaluate this.

No. Studies consistently show high rates of both false positives and false negatives. We recommend policies based on transparency and appropriate use rather than detection.

Be explicit about what's permitted and what's not, require disclosure when AI is used, and design assessments that work in an AI world. We help schools develop policies that are clear and enforceable.

Unfortunately, yes. K-12 schools experienced a 92% increase in ransomware attacks last year. Schools hold valuable data and often have limited security resources, making them attractive targets.

Multi-factor authentication (MFA). It's not glamorous, but it stops the majority of credential-based attacks. If you can only do one thing, do this.

Short sessions quarterly work better than annual compliance training. 30 minutes focused on current threats beats an hour-long video nobody remembers.

Almost certainly. And insurers are increasingly requiring specific security measures before they'll provide coverage. We can help you understand what's required.

Have a plan before you need it. Know who makes decisions, who communicates with parents, who contacts insurance. Don't try to figure this out during a crisis.

FERPA protects education records for all students. COPPA specifically protects online data collection from children under 13. Both apply to most K-8 schools using digital tools.

Generally, no. Consumer versions of ChatGPT, Claude, and similar tools don't have the privacy protections schools need. Education-specific versions with appropriate agreements are different.

It depends on the tool's data handling. For most consumer AI tools, this creates compliance risk. For education-specific tools with appropriate agreements, it may be fine. Policy should be explicit.

Centralize them. Know what tools are in use, ensure each has appropriate agreements, and review annually. Many schools use the Student Data Privacy Consortium resources as a starting point.

There's no universal answer, but most schools we work with have 1-3 IT staff for populations of 300-1,000 students. That's often not enough to do everything well.

Keep strategic decisions and relationship-intensive work in-house. Consider outsourcing specialized functions like network monitoring, backup verification, or security operations where scale matters.

Focus first on keeping systems running, then on security basics, then on improvements. We help schools develop prioritization frameworks that match their actual capacity.

Cloud is usually the right answer for schools, but the transition needs to be planned carefully. We help evaluate the tradeoffs for your specific situation.

Our advisory tier starts at $1,500-2,000 per month. Operations Partner is $3,000-5,000 monthly. Fractional CTO engagement is $5,000-10,000 monthly. All pricing depends on school size and scope.

No minimum term. We're month-to-month because we believe our value should be obvious enough that you choose to continue.

Yes. Policy development, security assessments, and vendor evaluations can be scoped as discrete projects rather than ongoing relationships.

A full-time IT director costs $80,000-120,000+ with benefits. Our services provide strategic expertise at a fraction of that cost, complementing rather than replacing internal staff.