CoSN updates tools to help IT leaders mitigate cybersecurity, data threats

The Consortium for School Networking recently updated tools to help school technology leaders protect student and staff data against cybersecurity threats.

CoSN now provides a cybersecurity planning rubric, describing elements of basic, adequate and advanced levels of security planning; a planning template, which offers a structure for identifying issues to address; and a self-assessment, which is a 100-point quiz to gauge progress in implementing a security plan.

CoSN said the new guidance, which was supported by AT&T and Fortinet, is intended to help district leaders put systems in place to mitigate attacks that continue to evolve, such as one surfacing this year involving a W-2 email phishing scheme that began targeting school districts.

In a recent discussion, Marie Bjerede, CoSN project director, explained that technology leaders seeking to protect their networks and information security should analyze their current status and validate what they are doing well.

She questioned three district leaders about vulnerabilities facing schools today, and which best practices have protected data from what appears to be a rise in security threats, such as phishing scams, as well as denial-of-service attacks and ransomware, which infects devices and prevents authorized users from accessing network systems.

Building awareness

Nathan Mielke, director of technology services at the Hartford Union High School District in Wisconsin, said building awareness, districtwide, for such matters is key.

She also conducts internal phishing audits periodically to “see how many clicks I get.”

“Unfortunately, we’re at 50 percent, even after doing some education on it, so I know there’s more work to do,” he said.

Keith Bockwoldt, director of technology services for the Township High School District 214 in Illinois said the district faced a similar phishing incident two years ago and learned to “consistently” communicate to staff about different scams and how they may occur.

“When an email comes in and somebody thinks it doesn’t look right, we have mechanisms in place where staff will either send it to me or send it to the help desk and we take a look at it to determine if it is a scam,” he said. “One of the biggest pieces is making sure that your staff is informed — and knowing what to look for in those emails.”

The district also purchased a threat mitigation service through its internet service provider in order to block harmful traffic. The provider notifies the district via email whether there’s an attempted attack occurring and its threat level, he explained. “You need to protect your network,” he said.

Brockwoldt recognized, however, that such services may be out of reach for some districts, so he advised school leaders to “work with service providers” to make it more affordable.

“Companies don’t understand education — that we don’t have a lot of money to work with,” Brockwoldt said. “What we’re trying to do is work with presidents and vice presidents of companies to say, ‘Hey, we’re education and we provide a very different service than companies do; we’re not selling a product like an online store, losing a million dollars a minute, but we also have a lot of instruction going on,’ and one-to-one learning environments are an enterprise in and of itself,” he said.

“Our goal, and we encourage everybody [to do this], is to continue to work with your internet service provider to figure out what threat mitigation services they have and how they can actually help you reduce that cost,” he said. “One of the companies I worked with last year wanted to charge us $23,000 a month, and then another company wanted to charge us $30,000 a month. The company charging $30,000 a month was 2 gigabits of clean traffic,” not nearly enough to meet the district’s needs.

“School districts just can’t afford that,” he lamented. “We need to continue to educate these companies, the internet service providers.”

Recognizing threats

Diane Doersch, chief technology and information officer for the Green Bay (Wis.) Area Public School District, suggested all school leaders “get on the same page” and have a common dialogue with teams, including classroom teachers, on practices for protecting network security.

“People need to be very well educated so they can recognize early on when things happen,” she said. “For instance, if their computers are starting to run slow, if there are ads or pop-ups on their screen, those are signs that something [harmful] is maybe happening on your network.”

She strongly advised having a firewall in place as “your first place to start” in building a network security plan.

As for vendors, ensure third party providers are prohibited from unlimited VPN access to district servers, especially after their service is terminated, she said.

“Limit your remote access, desktop access, to make sure that you know who’s coming in,” she said.

Emily Ann Brown covers education technology and STEM education issues for LRP Publications.

Copyright 2017© LRP Publications, Education Daily®