Printer Friendly
The Free Library
14,380,416 articles and books
Member login
User name  
Password 
 
Join us Forgot password?

Security isn't just for techies anymore.


During the time it takes you to read this article, your computer network will have been scanned and assessed for vulnerabilities by some unscrupulous individual attempting to exploit any identified weakness. At the same time, school district personnel are placing confidential correspondence or student data onto a common network folder In a graphical user interface (GUI), a simulated file folder that holds data, applications and other folders. Folders were introduced on the Xerox Star, then popularized on the Macintosh and later adapted to Windows and Unix. In Unix and Linux, as well as DOS and Windows 3.  and perhaps your human resources The fancy word for "people." The human resources department within an organization, years ago known as the "personnel department," manages the administrative aspects of the employees.  and administrative services departments are processing new applicants into your financial software application. Meanwhile, students in your schools are actively exploring the Internet as part of a class.

You may be thinking, "I don't have any worries. The security of my district's technology is not my responsibility-that's why we have a technology department." This mindset mind·set or mind-set
n.
1. A fixed mental attitude or disposition that predetermines a person's responses to and interpretations of situations.

2. An inclination or a habit.  could be costing you, your students, staff and school district more than you know. Imagine your e-mail or phone service being out of service for several days. What horrors come to mind if an unauthorized individual gained access to your student, financial, assessment or human resource data?

School district networks are particularly difficult to protect given the diverse types of users, software, equipment and connections that most school districts provide. Take a look around you. How many flavors of technology are you serving in your district? Do any of these items sound familiar: desktops, laptops, handhelds, servers, LAN/WAN LAN/WAN Local Area Network/Wide Area Network  connections, wireless access and remote access?

Surely your district has a common platform and common specifications for all software applications, access and equipment making it easy for your numerous and well-rested technology staff to maintain and support. Surely you already devote a significant portion of your budget to support security in the area of technology. Undoubtedly, staff turnover in your district is non-existent so that users are always highly trained and aware of your up-to-date and well-publicized technology security policies and procedures Policies and Procedures are a set of documents that describe an organization's policies for operation and the procedures necessary to fulfill the policies. They are often initiated because of some external requirement, such as environmental compliance or other governmental .

Does this sound like your school district or any other district you know? Probably not.

Types of Threats

Vulnerabilities to the security of your district's technology infrastructure can relate to users, data, software, hardware and transmission. While many of us are familiar with the problems of computer viruses and worms or individuals gaming unauthorized access to electronic records or systems, new threats appear faster than you can learn how to avoid the old ones. Have you heard the latest about spyware Software that sends information about your Web surfing habits to its Web site. Often quickly installed in your computer in combination with a free download you selected from the Web, spyware transmits information in the background as you move around the Web.  or phishing Pronounced "fishing," it is a scam to steal valuable information such as credit card and social security numbers, user IDs and passwords. Also known as "brand spoofing," an official-looking e-mail is sent to potential victims pretending to be from their ISP, bank or retail establishment. ?

Top district leadership should take ownership for understanding and monitoring the security of their technology. This does not mean you need to be able to articulate the difference between the application layer and the transport layer of your district's network operating system An operating system that is designed for network use. Normally, it is a complete operating system with file, task and job management; however, with some earlier products, it was a separate component that ran under the OS; for example, LAN Server required OS/2, and LANtastic required DOS. . However, it does require that you treat technology security as a fundamental part of the district's core functions.

Providing adequate financial resources and support personnel is an essential start. TCO (1) (Total Cost of Ownership) The cost of using a computer. It includes the cost of the hardware, software and upgrades as well as the cost of the inhouse staff and/or consultants that provide training and technical support. See ROI.  is not the name of the latest musical group to make the charts. It stands for the "total cost of ownership" for technology purchases and existing infrastructure. It means ensuring sufficient funding for training in security for support personnel and for the purchase of the needed tools and contracted services for the ongoing assessment of the security of your technology. Careful analysis prior to purchasing software, hardware and telecommunications services In telecommunication, the term telecommunications service has the following meanings:

1. Any service provided by a telecommunication provider.

2.  allows you to address potential security pitfalls.

Review of your district's technology security policies should be an ongoing activity. Good communication with your technology staff is a start. You entrust these staff members to carry out the district's technology initiatives. Providing leadership and support through your involvement is important. As the key administrator, your behavior and beliefs set the tone for the development of technology security procedures.

All staff should be trained on the district's security procedures. Reminders and refreshers are inevitable given the changing nature of technology and staff turnover. Likely training topics deal with completing backups of data, choosing and securing passwords, installing and updating anti-virus software anti-virus software nAntivirensoftware f  and emphasizing common-sense concepts like logging off network accounts when away from one's workspace.

These may seem trivial until you walk around your district office to see how many users have their passwords written on a Post-it [R] note stuck to their monitor or never shut their computers down because they don't have time.

Security Audits

While audits of a school district's curriculum and financial records are neither unusual nor questioned, mention the phrase "security audit for technology" and some people will think you are talking about jiggling the door knob to the computer lab at the end of the day to be sure it's locked. Consider hiring a qualified consultant, perhaps recommended by your state education agency, to audit the security of your technology and probe for vulnerabilities.

Administrators should subject their technology systems to the same auditing rigors that you would apply to a core educational area.

Gone are the days when everyone played nice and we could leave our schools open for everyone to use. The security of your district's technology is an increasingly complex task. While no policy, process or system is ever infallible in·fal·li·ble  
adj.
1. Incapable of erring: an infallible guide; an infallible source of information.

2. , logical and reasonable steps can minimize your exposure to security problems and crises.

Lane Mills is the assistant superintendent Assistant Superintendent, or Assistant Superintendent of Police (ASP), was a rank used by police forces in the British Empire. It was usually the lowest rank that could be held by a European officer, most of whom joined the police at this rank.  for accountability and technology for Wilson County Wilson County is the name of four counties in the United States:
  • Wilson County, Kansas
  • Wilson County, North Carolina
  • Wilson County, Tennessee
  • Wilson County, Texas
 Schools, P.O. Box 2048, Wilson, NC 27893. E-mail: Lane.Mills@mail.wilson.k12.nc.us.
COPYRIGHT 2004 American Association of School Administrators
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2004, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Tech Leadership
Author:Mills, Lane B.
Publication:School Administrator
Geographic Code:1USA
Date:Jun 1, 2004
Words:855
Previous Article:Landing the best trustees in your boardroom.(Board-Savvy Superintendent)
Next Article:Emotionally intelligent principals: addressing the affective demands of newcomers through one-on-one coaching.
Topics:



Related Articles
Managing the new technical employee.
Grub: WWII and Techies.(Brian Vidor's The Hump)(Brief Article)
COMPANIES CRAVE HIGH-TECH KNOW-HOW, BUSINESS SMARTS.(BUSINESS)
Now loading: Windows XP--the best operating system ever or something we can do without? (Technology Report).(Evaluation)
Same as it ever was. (Review).(Leading for Business Results: Leadership in the New Economy)
Plug in. (Cybersurf).(web site features the world's most tech-friendly hotels)(Brief Article)
Ten immutable laws of security.(Security)
The classroom of the future.(Editor's Note)
How you.(MAIL DROP)(Letter to the Editor)
Mayor Michael Bloomberg joins Jack Rudin, chairman of Rudin Management, and William C. Rudin, president of Rudin management, at the 10th Anniversary...

Terms of use | Copyright © 2009 Farlex, Inc. | Feedback | For webmasters | Submit articles