District Administration April 2017 - 54


DISTRICT CIO

OUTSMARTING THE HACKERS

"Cybersecurity is not an
IT problem. It's a human
capital problem."
-Brian Harvey, superintendent,
Oxford School District

that fool users into disclosing passwords
or other private information, providing unauthorized access to a network or
unleashing malware.
Hackers also use the internet of
things (IoT)-the network of internetenabled devices such as thermostats or
lighting controls-to break into computer networks. Many IoT devices don't
have built-in defenses against cyberattacks and can be hacked if not properly
protected. A good practice is to reset factory-installed passwords, making devices
more difficult to compromise.
Ultimately, K12 education is among
the most-targeted sectors for cyberattacks, according to the most recent

"Internet Security Threat Report" from
cybersecurity consultant Symantec.
School districts maintain thousands
of personal records, the protection
of which is at the heart of all network
security efforts. Districts also often have
older networks regularly accessed by
young, inexperienced users on various
unsecured devices.
Best defense: Smart users
On any given day in 2014 in Arlington
Heights, Illinois, the Township High
School District's computer network
experienced about 6,800 attempted
cyberattacks, says Keith Bockwoldt,
directory of technology services. In

Avoid phishing attacks
Phishing attacks often involve receiving an email with an attachment or link from
what appears to be a colleague's email address.
It's typically altered by just one letter-for example, instead of j.jones@
schoolsample.org, it may be j.jones@schoolsanple.org (the "m" is replaced with an
"n"). A user may not notice the subtle character change and click on an attachment
(unleashing a virus or malware), or follow a link to a phony site that lures them into
revealing private information. To snare users who may not be paying attention,
hackers use various tricks-from creating intentionally blurry PDF preview
attachments to building fake Google landing pages.
Phishing hacks can be reduced by teaching users to inspect any suspicious email
with attachments or links. Look for the correct spelling of any sender's name as well
as the proper organizational nomenclature, such as name.name@schoolsample.org
(if that is how all district emails are structured). Also inspect links for questionable
web addresses before clicking.
See news story "Heed phishing scam warnings" on p. 24 for more information.

54 April 2017

2017, nearly 38,000 attempts are occurring daily on a network relied upon by
12,300 students and 1,675 staff.
DDoS attacks account for most activity, which also includes infected off-site
computers known as "zombie bots" trying to infect district computers. To repel
such an onslaught, the district preaches
user awareness as the best defense.
"We tell staff, 'If you feel you have an
email that's not legitimate or is a phishing scam, send it to the help desk,'"
Bockwoldt says. "We look at it right
away and confirm if it is, and then we
can send out a mass email to alert staff."
The district has installed technology
to identify and repel spoofed or forged
email addresses popular in attacks.
Some districts employ cybersecurity
consultants to provide awareness training that includes simulated phishing
attacks. "If you can train your students,
teachers and administrators what to look
for in a phishing attack, you're going to
solve a lot of cybersecurity issues," says
John Wood, CEO of Telos, a security consulting company. [See sidebar,
"Avoid phishing attacks."]
Hackers excel at writing passwordguessing scripts, so instructing users
how to create strong network passwords-involving more than a six-digit
mix of letters, numbers and symbols-is
a must. Regularly changing passwords
is also good practice, as is having users
password-protect any personal devices
they use to access district systems.
Policy vs. products
"Cybersecurity is not an IT problem,"
says Oxford superintendent Harvey. "It
is a human capital problem. It's a personnel problem."
As such, purchasing the latest security products is not always a panacea.
Keeping staff mindful of cybersecurity
threats and consistently reviewing policies offer cost-effective protection.
For instance, districts should have a
clear procedure for a ransomware attack.
Oxford did not have a written plan

District Administration



Table of Contents for the Digital Edition of District Administration April 2017

District Administration April 2017 - Cover1
District Administration April 2017 - Cover2
District Administration April 2017 - 1
District Administration April 2017 - 2
District Administration April 2017 - 3
District Administration April 2017 - 4
District Administration April 2017 - 5
District Administration April 2017 - 6
District Administration April 2017 - 7
District Administration April 2017 - 8
District Administration April 2017 - 9
District Administration April 2017 - 10
District Administration April 2017 - 11
District Administration April 2017 - 12
District Administration April 2017 - 13
District Administration April 2017 - 14
District Administration April 2017 - 15
District Administration April 2017 - 16
District Administration April 2017 - 17
District Administration April 2017 - 18
District Administration April 2017 - 19
District Administration April 2017 - 20
District Administration April 2017 - 21
District Administration April 2017 - 22
District Administration April 2017 - 23
District Administration April 2017 - 24
District Administration April 2017 - 25
District Administration April 2017 - 26
District Administration April 2017 - 27
District Administration April 2017 - 28
District Administration April 2017 - 29
District Administration April 2017 - 30
District Administration April 2017 - 31
District Administration April 2017 - 32
District Administration April 2017 - 33
District Administration April 2017 - 34
District Administration April 2017 - 35
District Administration April 2017 - 36
District Administration April 2017 - 37
District Administration April 2017 - 38
District Administration April 2017 - 39
District Administration April 2017 - 40
District Administration April 2017 - 41
District Administration April 2017 - 42
District Administration April 2017 - 43
District Administration April 2017 - 44
District Administration April 2017 - 45
District Administration April 2017 - 46
District Administration April 2017 - 47
District Administration April 2017 - 48
District Administration April 2017 - 49
District Administration April 2017 - 50
District Administration April 2017 - 51
District Administration April 2017 - 52
District Administration April 2017 - 53
District Administration April 2017 - 54
District Administration April 2017 - 55
District Administration April 2017 - 56
District Administration April 2017 - 57
District Administration April 2017 - 58
District Administration April 2017 - 59
District Administration April 2017 - 60
District Administration April 2017 - 61
District Administration April 2017 - 62
District Administration April 2017 - 63
District Administration April 2017 - 64
District Administration April 2017 - Cover3
District Administration April 2017 - Cover4
http://www.nxtbook.com/pmg/DA/DA_0420
http://www.nxtbook.com/pmg/DA/DA_0320
http://www.nxtbook.com/pmg/DA/DA_0220
http://www.nxtbook.com/pmg/DA/DA_0120
http://www.nxtbook.com/pmg/DA/DA_1119
http://www.nxtbook.com/pmg/DA/DA_1019
http://www.nxtbook.com/pmg/DA/DA_0919
http://www.nxtbook.com/pmg/DA/DA_0719
http://www.nxtbook.com/pmg/DA/DA_0619
http://www.nxtbook.com/pmg/DA/DA_0519
http://www.nxtbook.com/pmg/DA/DA_0419
http://www.nxtbook.com/pmg/DA/DA_0319
http://www.nxtbook.com/pmg/DA/DA_0219
http://www.nxtbook.com/pmg/DA/DA_0119
http://www.nxtbook.com/pmg/DA/TechX_1218
http://www.nxtbook.com/pmg/DA/DA_1218
http://www.nxtbook.com/pmg/DA/DA_1118
http://www.nxtbook.com/pmg/DA/DA_1018
http://www.nxtbook.com/pmg/DA/DA_0918
http://www.nxtbook.com/pmg/DA/DA_0818
http://www.nxtbook.com/pmg/DA/DA_0718
http://www.nxtbook.com/pmg/DA/TechX_0618
http://www.nxtbook.com/pmg/DA/DA_0618v3
http://www.nxtbook.com/pmg/DA/DA_0518
http://www.nxtbook.com/pmg/DA/DA_0418
http://www.nxtbook.com/pmg/DA/DA_0318
http://www.nxtbook.com/pmg/DA/DA_0218
http://www.nxtbook.com/pmg/DA/DA_0118
http://www.nxtbook.com/pmg/DA/DA_1217
http://www.nxtbook.com/pmg/DA/TechX_1217
http://www.nxtbook.com/pmg/DA/DA_1117
http://www.nxtbook.com/pmg/DA/DA_1017
http://www.nxtbook.com/pmg/DA/DA_0917
http://www.nxtbook.com/pmg/DA/DA_0817
http://www.nxtbook.com/pmg/DA/DA_0717
http://www.nxtbook.com/pmg/DA/DA_0617
http://www.nxtbook.com/pmg/DA/TechX_0617
http://www.nxtbook.com/pmg/DA/DA_0517
http://www.nxtbook.com/pmg/DA/DA_0417
http://www.nxtbook.com/pmg/DA/DA_0317
http://www.nxtbook.com/pmg/DA/DA_0217
http://www.nxtbook.com/pmg/DA/DA_SR0117Final
http://www.nxtbook.com/pmg/DA/DA_0117
http://www.nxtbook.com/pmg/DA/DA_1216
http://www.nxtbook.com/pmg/DA/DA_1116
http://www.nxtbook.com/pmg/DA/DA_1016
http://www.nxtbook.com/pmg/DA/DA_0916
http://www.nxtbook.com/pmg/DA/DA_0816
http://www.nxtbook.com/pmg/DA/DA_0716
http://www.nxtbook.com/pmg/DA/DA_0616
http://www.nxtbook.com/pmg/DA/DA_0516
http://www.nxtbook.com/pmg/DA/DA0416
http://www.nxtbook.com/pmg/DA/DA_0316
http://www.nxtbook.com/pmg/DA/DA_0216
http://www.nxtbook.com/pmg/DA/DA
http://www.nxtbook.com/pmg/DA/1215
http://www.nxtbook.com/nxtbooks/pmg/da201511
http://www.nxtbook.com/nxtbooks/pmg/da201510
http://www.nxtbook.com/nxtbooks/pmg/da201509
http://www.nxtbook.com/nxtbooks/pmg/da201508
http://www.nxtbook.com/nxtbooks/pmg/da201507
http://www.nxtbook.com/nxtbooks/pmg/da201506
http://www.nxtbook.com/nxtbooks/pmg/da201505
http://www.nxtbook.com/nxtbooks/pmg/da201505_AudioVisualSolutions
http://www.nxtbook.com/nxtbooks/pmg/da201504
http://www.nxtbook.com/nxtbooks/pmg/da201503
http://www.nxtbook.com/nxtbooks/pmg/da201502
http://www.nxtbook.com/nxtbooks/pmg/da201501
http://www.nxtbook.com/nxtbooks/pmg/da201412
http://www.nxtbook.com/nxtbooks/pmg/da201411
http://www.nxtbook.com/nxtbooks/pmg/da201410
http://www.nxtbook.com/nxtbooks/pmg/da201409
http://www.nxtbook.com/nxtbooks/pmg/da201408
http://www.nxtbook.com/nxtbooks/pmg/da201407
http://www.nxtbook.com/nxtbooks/pmg/da201406
http://www.nxtbook.com/nxtbooks/pmg/da201405
http://www.nxtbook.com/nxtbooks/pmg/da201405_AudioVisualSolutions
http://www.nxtbook.com/nxtbooks/pmg/da201404
http://www.nxtbook.com/nxtbooks/pmg/da201403
http://www.nxtbook.com/nxtbooks/pmg/da201402
http://www.nxtbook.com/nxtbooks/pmg/da201401
http://www.nxtbook.com/nxtbooks/pmg/da201312
http://www.nxtbook.com/nxtbooks/pmg/da201311
http://www.nxtbook.com/nxtbooks/pmg/da201310
http://www.nxtbook.com/nxtbooks/pmg/da201309
http://www.nxtbook.com/nxtbooks/pmg/da201308
http://www.nxtbook.com/nxtbooks/pmg/da201307
http://www.nxtbook.com/nxtbooks/pmg/da201306
http://www.nxtbook.com/nxtbooks/pmg/da201305
http://www.nxtbook.com/nxtbooks/pmg/da201304
http://www.nxtbook.com/nxtbooks/pmg/da201303
http://www.nxtbook.com/nxtbooks/pmg/da201302
http://www.nxtbook.com/nxtbooks/pmg/da201301
http://www.nxtbook.com/nxtbooks/pmg/da201301_AudioVisualSolutions
http://www.nxtbook.com/nxtbooks/pmg/da1212
http://www.nxtbook.com/nxtbooks/pmg/da1112
http://www.nxtbook.com/nxtbooks/pmg/da1012
http://www.nxtbook.com/nxtbooks/pmg/da0912
http://www.nxtbook.com/nxtbooks/pmg/da0712
http://www.nxtbook.com/nxtbooks/pmg/da0612
http://www.nxtbook.com/nxtbooks/pmg/da0512
http://www.nxtbook.com/nxtbooks/pmg/da0412
http://www.nxtbook.com/nxtbooks/pmg/da0312
http://www.nxtbook.com/nxtbooks/pmg/da0212
http://www.nxtbook.com/nxtbooks/pmg/da_avguide0112
http://www.nxtbook.com/nxtbooks/pmg/da0112
http://www.nxtbook.com/nxtbooks/pmg/da1111
http://www.nxtbook.com/nxtbooks/pmg/da1011
http://www.nxtbook.com/nxtbooks/pmg/da0911
http://www.nxtbook.com/nxtbooks/pmg/da0711
http://www.nxtbook.com/nxtbooks/pmg/da0611
http://www.nxtbook.com/nxtbooks/pmg/da0511
http://www.nxtbook.com/nxtbooks/pmg/da0411
http://www.nxtbook.com/nxtbooks/pmg/da0311
http://www.nxtbook.com/nxtbooks/pmg/da0211
http://www.nxtbook.com/nxtbooks/pmg/da0111
http://www.nxtbook.com/nxtbooks/pmg/da1110
http://www.nxtbook.com/nxtbooks/pmg/da1010
http://www.nxtbook.com/nxtbooks/pmg/da0910
http://www.nxtbook.com/nxtbooks/pmg/da0710
http://www.nxtbook.com/nxtbooks/pmg/da0610
http://www.nxtbook.com/nxtbooks/pmg/da0510
http://www.nxtbook.com/nxtbooks/pmg/da0410
http://www.nxtbook.com/nxtbooks/pmg/da0310
http://www.nxtbook.com/nxtbooks/pmg/da0210
http://www.nxtbook.com/nxtbooks/pmg/da0110
http://www.nxtbook.com/nxtbooks/pmg/da1109
http://www.nxtbook.com/nxtbooks/pmg/da1009
http://www.nxtbook.com/nxtbooks/pmg/da0909
http://www.nxtbook.com/nxtbooks/pmg/da0809
http://www.nxtbook.com/nxtbooks/pmg/da0609
http://www.nxtbook.com/nxtbooks/pmg/da0509
http://www.nxtbook.com/nxtbooks/pmg/da0409
http://www.nxtbook.com/nxtbooks/pmg/da0309
http://www.nxtbook.com/nxtbooks/pmg/da0209
http://www.nxtbook.com/nxtbooks/pmg/da0109
http://www.nxtbook.com/nxtbooks/pmg/da1208
http://www.nxtbook.com/nxtbooks/pmg/da1108
http://www.nxtbook.com/nxtbooks/pmg/da1008
http://www.nxtbook.com/nxtbooks/pmg/da0908
http://www.nxtbook.com/nxtbooks/pmg/da0808
http://www.nxtbook.com/nxtbooks/pmg/da0708
http://www.nxtbook.com/nxtbooks/pmg/da0608
http://www.nxtbook.com/nxtbooks/pmg/da0508
http://www.nxtbook.com/nxtbooks/pmg/da0408
http://www.nxtbook.com/nxtbooks/pmg/da0308
http://www.nxtbook.com/nxtbooks/pmg/da0208
http://www.nxtbook.com/nxtbooks/pmg/da0907
http://www.nxtbook.com/nxtbooks/pmg/da0807
http://www.nxtbook.com/nxtbooks/pmg/da0707
http://www.nxtbook.com/nxtbooks/pmg/da0607
http://www.nxtbook.com/nxtbooks/pmg/da0507
http://www.nxtbook.com/nxtbooks/pmg/da0407
http://www.nxtbook.com/nxtbooks/pmg/da0307
http://www.nxtbook.com/nxtbooks/pmg/da0207
http://www.nxtbook.com/nxtbooks/pmg/da0107
http://www.nxtbook.com/nxtbooks/pmg/da1206
http://www.nxtbook.com/nxtbooks/pmg/da1106
http://www.nxtbook.com/nxtbooks/pmg/da1006
http://www.nxtbook.com/nxtbooks/pmg/da0906
http://www.nxtbook.com/nxtbooks/pmg/da0806
http://www.nxtbook.com/nxtbooks/pmg/da0706
http://www.nxtbook.com/nxtbooks/pmg/da-palm0606
http://www.nxtbook.com/nxtbooks/pmg/da0606-av
http://www.nxtbook.com/nxtbooks/pmg/da0606
http://www.nxtbook.com/nxtbooks/pmg/da0506
http://www.nxtbook.com/nxtbooks/pmg/da0406
http://www.nxtbookMEDIA.com