110 likes | 198 Views
Securing the System. A K-12 Case Study. Background. Rural School District 93% Free and Reduced Lunch 1100 students 3 Schools 1 Systems Administrator. Regulations. CIPA – Child Internet Protection Act NCLB – No Child Left Behind
E N D
Securing the System A K-12 Case Study
Background • Rural School District • 93% Free and Reduced Lunch • 1100 students • 3 Schools • 1 Systems Administrator
Regulations • CIPA – Child Internet Protection Act • NCLB – No Child Left Behind • HIPAA – The Health Insurance Portability and Accountability Act • FERPA – Family Educational Rights Protection Act
Problem • Frequent Server Crashes • No Backups • Patch Levels Out of Date • Overlapping Policies • Generic Logins • Sketchy Licensing • Lack of System Security • No Technology User Agreement • No Valid Technology Plan
Steps Taken • Redefined the Technology Team • Director of Technology • Systems Administrator • Network/Computer Technician • Streamlined and Consolidated Servers and Connections • Consolidated the districts data aggregation point • Centralized Management of System • Established a Backup Procedure
Steps Taken • Established logins for all students at the middle/high school • Required a Technology User Agreement signed and on file • Restricted access thru all ports • Purchased an I-Prism content filteringsolution
Steps Taken • Deleted all policies and started from scratch • Set alarms and monitoring proceduresin place to monitor the system • Restricted access to the SYS folder tothe Technology Team • Set up home directories for both students and faculty • Re-imaged computers with standardsettings
Is It Secure? The system, while better, is still at risk for a serious security breach.
What Now? • To secure the system further: • A tiered security policy system needsto be implemented • Teachers need to be trained on the use of class monitoring software • The district should implement an annual security audit to ensure that all new threats are addressed promptly • Money should be budgeted in the general fund for upgrades and futureneeds
What Does It Look Like? District Office ElementarySchool 2 Servers 2 Servers TechnologyDepartment ElementarySchool Internet Firewall 2 Servers Novell Gwava I-Prism Sophos 7 Servers Middle/HighSchool 2 Servers