CYBERSECURITY_101

Goal 1. Develop security habits and procedures that protect Information Resources.

  • #1st Tip. Lock your PC when you are away. ...
  • #2nd Tip. Change your passwords. ...
  • #3rd  Tip Consider physical Security. Where can you keep your computer so that others do not have access especially to critical data? This may mean, teachers should not allow students behind their desks while they are logged in. This may mean that all servers and switches be locked to public access. This may mean that secretaries have a partition between their computer and the public. 
  • #4th Tip. Keep your software up-to-date. (Run NINITE each week and that your Windows updates have run properly)...
  • #5th Tip. Have an antivirus installed on your computer. (keep Malwarebytes and Symantec up-to-date)
  • #7th Tip. Back up. (Arp ISD backs up all data through Spanning and to the UT Health Science Center)

Objective 1.1 Principles of Information Security:
    (a) Users should be aware of what "information security" means. 
        Information systems security, more commonly referred to as INFOSEC, refers to the processes and methodologies involved with keeping information confidential, available, and assuring its integrity. It also refers to:
  • Access controls, which prevent unauthorized personnel from entering or accessing a system.
  • Protecting information no matter where that information is, i.e. in transit (such as in an email, or phone conversation, fax or printing) or in a storage area.
  • The detection and remediation of security breaches, as well as documenting those events.
            There are three primary components of an Intrusion Detection System (IDS):
      • Network Intrusion Detection System (NIDS): This does analysis for traffic on a whole subnet and will make a match to the traffic passing by to the attacks already known in a library of known attacks. Malwarebytes Enterprise Version & Meraki MDM assist the district with IDS.
      • Network Node Intrusion Detection System (NNIDS): This is similar to NIDS, but the traffic is only monitored on a single host, not a whole subnet.
      • Host Intrusion Detection System (HIDS): This takes a “picture” of an entire system’s file set and compares it to a previous picture. If there are significant differences, such as missing files, it alerts the administrator.
     (b) Users should be aware of the types of information (e.g. confidential, private, sensitive, etc.) they are responsible for safeguarding.  You can safeguard this information through shredders, lockable storage, secured cloud encryption,  and through confidentiality training. 

      • Example of confidential information is covered under IDEA and FERPA. 
      • Example of private information: Information that a user wishes to keep from public viewing. Credit card, social security, and financial account numbers, along with passwords to websites and other venues, are commonly kept private.
      • Example of sensitive information: The three main types of sensitive information that exist are: personal information, business information, and classified information.
     (c) Users should be aware of the forms and locations of the information they are responsible for safeguarding.
      • Examples of forms of information - student information (PEIMS), health information, IDEA, FERPA, 504, discipline.
Objective 1.2 Best Practices to Safeguard Information (All Forms) and Information Systems     
    (a)   Users should be aware of how to safeguard against unauthorized access to information, information systems, and secure facilities/locations.    
      • Arp ISD has all areas of concern marked with signs that prohibit public access under the CJIS Security Act. 
      • Arp ISD has physically blocked access to secretaries and their computer systems
      • Arp ISD requires all users of computer systems to be trained on the Acceptable Use Policies.
      • Arp ISD requires all passwords to be complex (capital, small, numbers and weird character)  Arp ISD passwords should also be unique (not the same as other passwords you might be using)
      • Arp ISD requires all users to maintain their own usernames and passwords and to safeguard their systems against unauthorized use. 
      • Arp ISD requires all employees to be trained in the confidentiality laws for IDEA and FERPA. 
    (b) Users should be aware of best practices related to securely storing information.
              
      • Arp ISD does not allow flash drives or thumb drives or external drives in the district. These are NOT considered secure at any time. Many of these are able to load keyloggers on your computer which will track all your keystrokes, including bank account numbers, passwords, and more!
      • Arp ISD requires all data to be stored in the cloud under the user's username and password. Sharing of files and folders must be done with the appropriate person or persons according to confidentiality guidelines.
   (c) Users should be aware of best practices related to securely disposing and sanitizing information and information systems.
      • Arp ISD has disposal schedules in place for all information types. Disposal requires shredding or destruction by qualified personnel
      • Arp ISD destroys all hard drives before sending the devices to a recycler. The recycler certifies the destruction of any data storage device.  
      • Arp ISD uses low-level format techniques to clean any device they sell or give to Arp ISD students/faculty members. 
Goal 2: Best practices for detecting, assessing, reporting, and addressing information security threats. 
   (Objective 2.1) Users should be aware of the meaning of "threat", "threat actors", "risk" and "attack".  
      • Arp ISD prepares all students and employees with guideline - "if you know, you must tell". This assists the administration in detecting and reporting any threats to students, student data, or security issues.
      • Arp ISD audits all traffic and systems on a regular basis. 
      • Arp ISD uses BARK, a logging system that assesses any security threats to systems, students, or personnel.
      • Arp ISD gets regular reports from Meraki MDM on threats to the wireless components in the district
      • Arp ISD gets instant reports from Symantec and Malwarebytes Enterprise for any threats to computer systems.
      • Arp ISD monitors bandwidth usage for systems that might be infected. 
      • Arp ISD is aware of guidelines from TEA to report any security breaches that affect sensitive data in the district. 
      • Arp ISD requires all employees to go through Security Training to keep all users in the loop for phishing schemes and security threats. 
      • Arp ISD does not allow users to access malicious sites such as Facebook and LinkedIn.
      • Arp ISD Tech Dept keeps up with the latest threats through journals, tecsig, and KnowBE4. 
      • All employees receive up-to-date security alerts during current threats.
   (Objective 2.2) Awareness of how to identify, respond to, and report on information security threats and suspicious activity. 
       (a) Users should be aware of how to identify indicators for common attacks.
      • Arp ISD is a Google Suite user. Google will notify users if there is suspicious activity in their accounts. The Tech Director is also notified and given the opportunity to reset passwords for any account that is being attacked.
      • Arp ISD employees know to take screenshots of any weird warning that comes up on their computer. They know to send that screenshot to the Tech Dept and to wait for notification of either turning off their computer or sending the device name to the technicians so they can remote to it.   
      • Arp ISD has trained employees to watch for bogus emails with geographical irregularities and phishing scams. 
      • Arp ISD Tech Dept monitors suspicious traffic on the network which might include: large # of requests from the same file and other log-in red flags. 

The better employees’ security knowledge, the safer your network will be protected. Employees are the weakest link when it comes to cybersecurity!

REQUIREMENT:  Users must be able to identify acceptable information security habits and procedures, detect or identify basic information security threats, and be able to address and report basic information security threats. 

QUIZ - At the end of the Quiz, Capture your score using Greenshot and place it in a Word Document.  Add your name to the top of the page, Save the Word Document in Google Drive, Share the document with joy@arpisd.org. Your results will look something like this. 



Comments