Databus Issue: 2004 3 07/30/2004
President's Message
Oswaldo A. Galarza PresidentSecurity In Our Schools
PDF
Forensic technology, intrusion detection, spyware, virus protection, encoding, secure communications, http virus scanning, VPN, spoofing, honeypots, fishbowling, and a host of other terms have all become part of our regular techno lingo when discussing the security or lack thereof in school district networks.
Protecting network resources, while permitting authorized access to information, are goals that are naturally
opposed and represent a daunting challenge for K-12 technologists. Information security is not only a technical challenge but also a financial burden to already thin budgets.
School districts in California host some of the most complex and challenging network environments. A number of school districts have budgets of several hundred million dollars, hundreds of remote sites, thousands of computers, multiple-operating system environments, wired and wireless connectivity, brand new schools and some of the oldest school buildings.
Districts host networks across multiple cities, multiple cable-companies and phone providers. In some small cases, the district is the sole ISP for the area. However, unlike corporations, directives that ensure security, standardization and the enforcement of strict security mandates do not apply in most schools in California. School districts are unique environments where technology departments can face security attacks from internal sources, such as misguided bright students, unethical workers, troublemakers looking for prey, disgruntled employees, as well as threats from external sources, both foreign and domestic. Basically, anyone on the Internet, including friendly staff or students that do not implement virus protection measures on their personal computer can be a threat to district network security.
We’ve all heard numerous things such as “Stay on Windows 98-Second Edition”, the viruses are only affecting W2K systems; buy Macs, close all ports except 80; eliminate all floppy drives; do not allow any user to install any software. In short, we can protect our network to the point of making technology unfriendly and inaccessible.
One of the greatest challenges for K-12 technologists is to implement security while maintaining environments that enhance and foster student and teacher access to technology. Districts are unique, in that on any school site, a student, teacher or parent volunteer can hang a wireless unsecured device on our network. Hackers need only drive around to find an easy source for Internet access.
Having said this, and given our limited budgets, limited staff and substantial challenges, most K-12 technologists are doing a great job of delivering secure Internet access to K-12 students and staff.
Keep up the great work! This volume of the DataBus is focused on security.
I hope the articles and vendor information on security are of value to you. The CETPA board encourages your participation and articles. Drop a note to Andy Prestage, DataBus publications director, at anprestage@kern.org, with your success story or “challenged implementations” article. Please remember to mark your calendars for the 2004 CETPA Conference, “Digital Roundup,” at the Sheraton, Grand Hotel in Sacramento (November 17-19). CETPA is
always looking to feature K-12 technologists in the DataBus or at the conference
