by Dawn Brinson, NHCS Chief Technology Officer
One of New Hanover County Schools’ main priorities is keeping students safe while at school. Safety is not limited to just physical safety, but also digital safety. As you may have heard on the news, there have been some major security breaches at well known businesses and public entities, including school systems in North Carolina. We thought we would take the time to inform you of the measures that NHCS take to keep our students and staff digitally safe.
A robust enterprise filtering system is in place to protect students against malicious content – whether intentional or inadvertent. A team has been assembled consisting of security and instructional specialists to set baselines for the categories that we are filtering, which are based on age appropriate content. We have infrastructure in place to automatically update and patch NHCS devices to address the latest identified security threats.
Ransomware attacks have also been in the news over the past few months. There are security measures that we have taken to decrease the likelihood of a ransomware attack; unfortunately, end users’ behaviors cannot be controlled.
One of the most common ways that ransomware attacks are carried out is via phishing emails. As of March 2016 according to PhishMe.com, 93% of all phishing emails contained ransomware attacks. These emails will have attachments that look legitimate and may or may not be from someone you know. It’s important to not open unsolicited attachments from emails unless you are 100% certain of their authenticity. It is reasonable to reply or call the person to verify the validity of the attachment if you know them. If you do not know the person that should be a big red flag.
Knowing that the majority of ransomware comes in via email, we do heavy spam filtering. We currently scan all email for spam internally and externally that passes through our system at an aggressive level. While this is often successful in identifying the spam and categorizing it as so, it is still important that the end user be diligent and question each email. No spam filtering is 100% effective.
Ransomware, malware, and viruses are a constant threat to NHCS users and assets. We currently have deployed multiple levels of security such as district-wide Firewalls, IPS (Intrusion Prevention System), Web Filtering and Antivirus. Unlike traditional viruses that are designed to infect machines and cause significant harm and data loss, Ransomware is designed to lock the user out of their data/equipment until they pay a ransom to unlock the data. They are not out to explicitly destroy data, they want you to pay the ransom, so the data is kept intact. One of the ways that the system protects important data is to back it up regularly. This allows us the ability to restore data that may have been encrypted by a ransomware attack.
In an effort to stop ransomware from overwriting files on our servers, we do block certain file extensions from being written to server drive space. If a user is compromised with ransomware, this will provide us with some protection from the user encrypting files on the shared server space with other users.
Education, Tips, and Strategies
While we make best efforts to protect students via hardware and software, we also have a Digital Citizenship course that is implemented in sixth grade. Additionally, each teacher is responsible for teaching students about internet safety.
We would not be doing our duty if we didn’t share some strategies that can be done at home to keep you and your child’s data safe. The easiest thing that users can do is in regards to passwords:
Don’t write them down;
Use a different password for each site; and,
Passwords need to be complex.
Businesses have made it very convenient to stay connected by providing public wi-fi. Do not use this wi-fi to do transactions with banks, credit cards, as well as medical records. It is easy for someone to gain access to your account information through public wi-fi networks.
How Parents Can Help
Parents are encouraged to have discussions with their children about what is appropriate technology behavior/usage and what isn’t and why. This should include not sharing personal information. Children need to be taught how to analyze search results for what is true and what is just someone’s opinion. They need to know that just because it came up in a Google search doesn’t make it true. Monitor children’s use, consider implementing parental controls such as software-based web filtering, or using your wireless router’s built-in parental controls if available.
Understanding where your data is stored is very important as well. When you are signing yourself or your child up on websites, there is a good chance that the servers that house the data do not reside in the USA. There are websites that are hosted in countries that have no laws governing the use of your data or who it can be shared with; often it is just stolen and sold off to the highest bidder. Doing some research to determine where the company is located can save you from sharing data with nefarious companies that may be out to steal your data. Identity theft should be on everyone’s mind. Sharing information like birth dates and addresses with websites that do not need that information for the service they are providing is a big red flag. Publicly sharing personal identifiable information like phone numbers, addresses, birth dates, etc., can be used to build a profile on you that can be used to create other accounts or impersonate you.
Technology is everywhere, and because of that we now reside in a digital age. The measures we take to protect our students is of the utmost importance. We hope that the information stated above will provide insight and generate conversations to help use technology in a responsible manner.