NETWORK SECURITY

PRESENTED BY

KAREN BOULANGER

EXECUTIVE DIRECTOR, IT

DEFINITION

Network security is the protection of access to files

and directories in a computer network against

hacking, misuse, and unauthorized changes to the

system.

Common Network Security Threats

•Viruses, worms, and Trojan horses

•Spyware, malware, and adware

•Denial of service attacks

•Data interception and theft

• Identity theft

Malware

Software created to act maliciously and destroy or access a computer’s

information without the knowledge of the user. It is often launched through a

link on a website or email that installs in the background.

Phishing

Phishing is the practice of using deceptive email messaging and websites to trick

users into giving up confidential – often financial – information. If often looks

like it is coming from a trusted brand or institution, including your employer. The

name is related to the idea of “fishing” for leads.

Protection Measures and Tools

• Accounts with strong passwords(8 character minimum; 3 of 4 required - capital, lower, number, or special)

• Regular computer updates(requires machines to be shutdown and restarted daily)

• Endpoint Protection

• Palo Alto Firewall

• iBoss Web Filter

• ClearPass Wireless Management

How can staff and students help?

• Use individual network accounts and not share login info with others.

• Keep strong, difficult-to-guess passwords and do not post them in

easy-to-find locations.

• Do not click on links or open attachments in suspicious-looking emails.

• Be sure you are on a secure site for confidential and financial

transactions. Look for “https” prefix, not just “http”.

• Shutdown ALL machines nightly (to prevent intrusion and to obtain

critical security updates and patches).

• Submit help desk ticket if Endpoint Protection

is not running on your district/school machine.

LOOK FORs

• A mismatched URL - Hover over the link to see the actual address

• Misleading domain name that seems to be legitimate

such as microsoft.emailtest.com

• Poor spelling or grammar

• Requests for personal information

(such as username, password, credit card number, answer to a security question)

• Any requests for money

• Offer seems too good to be true - If received in an email, it probably is!

• You didn’t initiate the action and/or you were not expecting to receive the link or

attached file, even if it seems to come from someone you know.

• Unrealistic threats or extremely urgent need for response

If something just does not look right, investigate and verify!

If you receive unwanted emails, please simply report it by

clicking the “Report Spam” icon:

Incidents Seen and Addressed in our Schools

• Cyber bullying, Vulgar language, Misuse of Chatexample: Enfamil attack last year

• Viewing pornography on school computer; filming/sending video by cell phone

• VPN/Proxy Apps for filter avoidance (on phones and USB drives)

developed primarily for bypassing or avoiding the web filtering policies that are currently in place for all

users; including but not limited to Psiphon, Betternet, Ultrasurf, SurfEasy, Avast secure line, etc.

• Botnetcollection of infected computers used to perform malicious actions on a hacker’s behalf

• Keylogger softwaretype of spyware used to record a user’s keystrokes; used to attempt to replicate passwords/usernames

• Executable files (on shared drives and USB drives)

These files are being brought in as standalone applications on student’s flash drives that they are in turn

using to running gaming applications, other operating systems, and proxy avoidance in our environment.

Also, many viruses enter our network via .exe files, from email links, email attachments, and flash drives.

Information Technology Code of Conduct gr 6-12

Violation Levels

Strict Enforcement

is required to

protect RRPS!

High School Student Discipline Matrix (Middle School is nearly identical)

Violation

Level 1

Violation

Level 2*

Violation

Level 3*

* RRPD referral may be filed on all Level 2 and 3 infractions.

Please help spread the word!

Please communicate network security concerns to all staff, students, and

parents. Help everyone understand how to protect themselves and the RRPS

network with the items on slides 7-9.

Related IT Topics

•Personal devices with filter avoidance apps

•Continued enforcement of violations on district devices

•Pilot of RRPS-provided student e-mail

•CIPA Compliance and Internet Safety Education

•USB Drives

QUESTIONS?