Browse By Topic

• RSS News Feed
• News Archive
• Opinion
• Features
• Wireless Technology
• Hardware
• Security/Privacy
• Integration/Networking
• Professional Development
• Special Needs Students
• Data Management
• Display/Presentation
• eLearning/Web
• Accountability/Assessment
• Policy/Research
• Funding
• Telecom
• Business Intelligence
• Green

Magazine

• Current Issue
• Archives
• Article Search
• Editorial Calendar
• Editorial Board

Newsletters

• T.H.E. News Update
• Collaboration 2.0
• THE SmartClassroom
• School Security
• Classroom Tools & Tips

Events

• FETC
• Innovative Learning Conf.
• Congress on Content

Subscription Services

• Magazine
• eNewsletters

Resources

• Learning Centers
• White Papers
• Webinars
• RoadMap to the Web
• Education Plaza
• Sylvia Charp Award
• Conference Calendar
• FETC 2008 Vendor Focus
• Podcasts
• School Security
• 21st Century Skills
• Professional Development in Technology
• Dropout Prevention
• Math Intervention

Marketing

• About Us
• Media Kit
• Press Releases
• PR Guidelines
• Contacts

October 2008 — Security Supplement

Print this article | Email this article

Click here to receive your FREE subscription to T.H.E. Journal

More Is More

by Andy McDonough

No one solution can defend K-12 computer networks against the proliferation of digital threats. A multilayered strategy that addresses cyber safety on many fronts is a district's best hope.

WHAT DO K-12 SECURITY threats have in common with chilly temperatures? The best defense against them is layers.

"There is no one silver bullet," says Randy Abrams, director of technical education at ESET, a producer of anti-malware solutions. "The best security lies in layers of protection-- defense in depth."

Because of the sheer volume and variety of threats looming in cyberspace, no single security strategy can adequately safeguard school campuses and networks. Firewalls and filters alone won't keep online menaces at bay. Establishing well-drawn security policies isn't enough either. Nor is educating staff and students about the dangers in their midst.

But implemented together, they can form a multilayered security system that can reduce the risk posed by hackers, viruses, predators, phishers, and whatever else lies in wait in the virtual ether. And Abrams maintains, that's the only reasonable goal of a security strategy: not to eliminate risk, but to manage it-- to prepare for as many knowable threats as possible and take steps to preempt any damage they can do.

According to Abrams, in the effort to manage risk, no one layer of defense is more important than the other. He draws on the different components of car safety to make his point. "Is the steering wheel or the brakes more important?" he asks. "Does that mean the seat belt can be overlooked?"

There may be no most important layer, but there is a first one: An effective security plan begins with setting and enforcing a clear and precise acceptable use policy.

"Districts operate from a defensive position more often than an offensive position," explains Bob Kirby, senior director of K-12 education for CDW-G. Creating an AUP, Kirby says, is one of the few proactive moves a district can make. Amending that policy frequently to keep up with ever-emerging threats is critical. That's why some of the latest data from CDW-G's annual "School Safety Index" survey is disappointing, including this finding: Only 4 percent of districts update their AUP more than once a year. Moreover, one out of five districts updates its security policies only once every two or three years.

"In order for an AUP to be effective, it has to be treated as a living document," Kirby says. "Districts need to incorporate the latest trends and threats into their policies."

It's also important that the policy be comprehensive, leaving no potential security break unaccounted for.

• Next »
• 1. 1
  2. 2
  3. 3
  4. 4
  5. 5