Securing the System A K-12 Case Study. Background Rural School District 93% Free and Reduced Lunch 1100 students 3 Schools 1 Systems Administrator.

Slides:



Advertisements
Similar presentations
The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
Advertisements

Summer Garcia Information Systems Management EDLD 5362.
The Individual Health Plan Essential to achieve educational equality for students with health management needs Ensures access to an education for students.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
University Data Classification Table* Level 5Level 4 Information that would cause severe harm to individuals or the University if disclosed. Level 5 information.
K eep I t C onfidential Prepared by: Security Architecture Collaboration Team.
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
HIPAA TRAINING to satisfy the training requirement for School District # 435 Staff.
Today’s Schools face:  Numerous State and Federal Regulations  Reduced Technology Funding  More Stringent Guidelines for Technology Use.
Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.
CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Technology Plan EDLD 5362 Casey Smith.
Information & Communication Technologies NMSU All About Discovery! Risk-Based Information Security Program at NMSU presented by Norma Grijalva.
CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,
Acceptable Use Policy Quiz Boston Public Schools Technology Awareness Initiative.
August 9, 2005 UCCSC IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.
Network security policy: best practices
Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.
New Data Regulation Law 201 CMR TJX Video.
1 Chapter Overview Planning an Audit Policy Implementing an Audit Policy Using Event Viewer.
FCMAT Technology Recommendations Fil Duldulao Shawn Cabey David Flores Julienne DeGeyter.
“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.
Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.
Current Job Components Information Technology Department Network Systems Administration Telecommunications Database Design and Administration.
1 General Awareness Training Security Awareness Module 1 Overview and Requirements.
Keeping you Running Part I Experiences in Helping Local Governments Develop Cyber Security and Continuity Plans and Procedures Stan France & Mary Ball.
Student Confidentiality: The FERPA/HIPAA Facts AISD Policy Student Records AISD Procedure AP. 11.
Training to meet requirements for Children’s Internet Protection Act (CIPA)
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
Information Technology Study Fiscal Crisis and Management Assistance Team (FCMAT) Las Virgenes Unified School District Presented By: Leslie Barnes Steve.
Technology Overview Kim Davis Coordinator of Technology Support Services.
ACTIVE DIRECTORY : AN INTRODUCTION The Network Team Knox County Schools.
Pembroke Pines Charter Middle School Central Campus Proudly Presents Technology Night 2013.
LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think.
Eliza de Guzman HTM 520 Health Information Exchange.
Lesson 9-Information Security Best Practices. Overview Understanding administrative security. Security project plans. Understanding technical security.
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
IT Security Policy Framework ● Policies ● Standards ● Procedures ● Guidelines.
Working with HIT Systems
Component 8/Unit 6aHealth IT Workforce Curriculum Version 1.0 Fall Installation and Maintenance of Health IT Systems Unit 6a System Security Procedures.
TOP TEST SECURITY RECOMMENDATIONS FOR SCHOOL DISTRICTS John Fremer, Ph.D. President Caveon Test Security October 25, 2006.
Middle School iPad Projects School Year Alki Discovery Gaiser Jason Lee Jefferson McLoughlin.
Implementing Server Security on Windows 2000 and Windows Server 2003 Fabrizio Grossi.
Ed Tech Audit Case Study Pete Reilly. Process Meetings with the Superintendent Extended meetings with the technology coordinator Meeting with each administrator.
Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.
Creating and Managing Networks CSC February, 1999.
Chapter 3 Pre-Incident Preparation Spring Incident Response & Computer Forensics.
Working with HIT Systems Unit 7a Protecting Privacy, Security, and Confidentiality in HIT Systems This material was developed by Johns Hopkins University,
Technology Services Division Rebecca Stilling Deputy Director.
Safeguarding Sensitive Information. Agenda Overview Why are we here? Roles and responsibilities Information Security Guidelines Our Obligation Has This.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
FERPA & HIPAA: Maintaining Student Confidentiality.
SCHOOL LEADERS & INTERNET SAFETY James Graves. CHILDREN’S INTERNET PROTECTION ACT (CIPA)  Act of Congress (2000)  E-rate federal funding requirements.
Appendix A: Designing an Acceptable Use Policy. Overview Analyzing Risks That Users Introduce Designing Security for Computer Use.
Yazoo City Municipal School District Technology Department
CompTIA Security+ SY0-401 Real Exam Question Answer
Information Technology (IT) Department
Move this to online module slides 11-56
Final HIPAA Security Rule
Bethesda Cybersecurity Club
Security week 1 Introductions Class website Syllabus review
PLANNING A SECURE BASELINE INSTALLATION
What does that have to do with me?
Agenda The current Windows XP and Windows XP Desktop situation
Presentation transcript:

Securing the System A K-12 Case Study

Background Rural School District 93% Free and Reduced Lunch 1100 students 3 Schools 1 Systems Administrator

Regulations CIPA – Child Internet Protection Act NCLB – No Child Left Behind HIPAA – The Health Insurance Portability and Accountability Act FERPA – Family Educational Rights Protection Act

Problem Frequent Server Crashes No Backups Patch Levels Out of Date Overlapping Policies Generic Logins Sketchy Licensing Lack of System Security No Technology User Agreement No Valid Technology Plan

Steps Taken Redefined the Technology Team Director of Technology Systems Administrator Network/Computer Technician Streamlined and Consolidated Servers and Connections Consolidated the districts data aggregation point Centralized Management of System Established a Backup Procedure

Steps Taken Established logins for all students at the middle/high school Required a Technology User Agreement signed and on file Restricted access thru all ports Purchased an I-Prism content filtering solution

Steps Taken Deleted all policies and started from scratch Set alarms and monitoring procedures in place to monitor the system Restricted access to the SYS folder to the Technology Team Set up home directories for both students and faculty Re-imaged computers with standard settings

Is It Secure? The system, while better, is still at risk for a serious security breach.

What Now? To secure the system further: A tiered security policy system needs to be implemented Teachers need to be trained on the use of class monitoring software The district should implement an annual security audit to ensure that all new threats are addressed promptly Money should be budgeted in the general fund for upgrades and future needs

What Does It Look Like? Internet Firewall Technology Department District Office Elementary School Middle/High School Novell Gwava I-Prism Sophos 7 Servers 2 Servers

Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.