Security Rx for School Networks

Nearly every day, there are news reports about hacker attacks, security vulnerabilities, and virus alerts. These are issues that any network administrator must grapple with. Working in education, however, there is another layer of concerns to address: CIPA, COPPA, privacy concerns, and demands of technology/curriculum integration. And on top of all of this, technology directors must do this while being consistently under-staffed, under-resourced, and under-appreciated.

Clearly, this is too much for anyone to handle. Even in the corporate world, IT directors are continually complaining about being under-resourced and educational budgeting is nowhere close to this. A recent survey stated that 70% of responding IT directors felt that they had adequately protected themselves from hacker attacks. A commentator responded that at least 30% of the IT directors were honest. With security, regardless of your environment – education, business, etc. – it is impossible to be 100% prepared. The key is to recognize which vulnerabilities are the most significant and minimize your exposure to those.

The Mass Networks Security Rx will help technology directors by presenting an overview of computer security. We will discuss the threats you should be most concerned about, how to prevent them, and how to recover once you have been hit. This will include specific threats and specific tools and resources to minimize those threats.

A Mass Networks Security Rx has three steps: Evaluate, Diagnose, and Prescribe.

Evaluate

• Analyze network structure, Internet connection, and remote access features
• Catalog current hardware/software configurations and authentication measures
  
• Look at the physical security and environment of servers and critical equipment

Diagnose

• Identify critical vulnerabilities
• Isolate security hot spots
• Prioritize areas of concern
• Recognize resource constraints

Prescribe

• Implement specific actions to prevent identified threats and minimize current risks
• Introduce tools to remedy vulnerabilities and for future analysis
• Align practices with recovery plan and security strategic plan