From government agencies to private businesses, cyber security is both a concern and a priority in order to protect personal information, financial transactions, and more. Des Moines Public Schools employs a staff of professionals who work around the clock to ensure student information and the district’s tens of thousands of devices are protected from cyber attacks. Keeping up with the newest technology updates and vulnerabilities means continuous learning for leadership and staff as technology continues to improve at a breakneck pace in the United States and around the world.
Following a recent security breach at a school district in California, we want to share an overview of the technology defense work at DMPS, including protecting student information.
“Our mindset is ‘when’ not ‘if’ the time comes when we fall subject to an attack,” said Lisa Irey, DMPS Director of Technology.
The technology department recently shared an overview of the DMPS Cyber Security Plan with the school board at their request. Read on to learn the many ways DMPS IT professionals are protecting us from individuals who would do the district harm.
Des Moines Public Schools has many forms of cybersecurity to protect district data. With the danger of security threats more present than ever, DMPS protects data at every level. The district utilizes a layered security model, which safeguards against the fallibility of one system. If one system misses a malicious event or bad actor, another one will catch it. DMPS also diversifies security between two companies, both of which use a world-wide install base to get the latest information to keep data secure. This security model can be likened to a fortress with defenses at many levels to protect from attacks.
One of these defenses is a firewall, which protects from outside threats such as malware, malicious traffic, and various attacks. It works by monitoring traffic patterns; if it detects deviations from the status quo, it shuts it down to prevent catastrophic events. The firewall is connected to a database that monitors IP addresses all over the world. This allows it to continuously update its database when suspicious activity is detected anywhere and notify others of threats. It sends updates and alerts to all firewalls to stop this bad actor or malicious behavior.
DMPS also utilizes a cloud service that protects users no matter where they are working from or where they go on the internet. It uses a URL filter and application filter, along with a malware/malicious activity blocker which blocks threats before they even reach the network. By collecting and categorizing all internet activity, it offers shorter response times for incidents.
An Automated VPN, or Virtual Private Network, connection works on a lower level to create a secure, encrypted connection. It ensures traffic is encrypted and prevents man in the middle attacks when staff and students are connected to public Wi-Fi. It also filters students’ and staff’s internet activity and browsing sessions, preventing traffic to inappropriate sites that could lead to security threats.
The district also uses a program that specifically protects user data. It collects data across all users and devices, including the file system, email, and chats (SharePoint, OneDrive, Outlook, and Teams). It provides data loss prevention and detects threats, including malware, hacking, and insider threats using artificial intelligence.
There are also security measures in place at the individual level. Every staff member in technology contributes to keeping data secure. Whether someone is running network cable, configuring a server, or working with a customer, all are security oriented and capitalize on opportunities to protect the fortress from a different angle.
All district staff members contribute to our cybersecurity. They are required to use a 16-character passphrase. A simple 16-character password is harder to crack than an 8-character complex password. Passwords are only changed when the end user initiates it or suspicious activity is detected, which reduces the instances of forgotten passwords and the security threats they can cause. All staff are required to use multi-factor authentication, which significantly reduces the risk of someone hacking into one of our accounts. The district also uses a system to simulate phishing scams to educate end users on email security threats. It trains them to double check the sender address, hover over a hyperlink to check the address, and contact the sender using a different medium when they feel an email is suspicious. The district also uses SafeLink to check for links sent through email or Teams, assuring they are safe to click and are not linked to a malicious destination.
Each of these systems works together to protect DMPS’s data from many threats. The district’s data is protected by a strong fortress with many defenses, each at a different level.
Submitted by Anna Shearer