Business Practices

Do's and Don'ts

• By Joel Dolisy
• July 1st, 2016

Network security is a hot topic in all sectors of education administration. No network is immune to potential threats. But ensuring true network protection is no small feat. Thankfully, there is help — a road map of sorts —to ensure that your school system can tackle this monolithic maze.

The following simple steps can help protect the network and can provide peace of mind knowing that your organization is on the right path.

1. Standardize your network. Like a maze with multiple deadends, a nonstandardized infrastructure greatly increases the complexity of monitoring and managing the network, particularly when it comes to security. That complexity can increase the potential for network downtime and security breaches. Network standardization also makes it easier and more efficient to update the infrastructure.

2. Establish a clear change control process. It’s all about checks and balances. Any changes introduced into an IT system must be done in a controlled manner to reduce errors. Administrators must ensure that changes to the network are made under supervision and with approval. This approach also enables real-time tracking of unauthorized changes to the system.

Don’t change course for the sake of changing course. Today’s networks are complex. Changing one part of the network can inadvertently affect other parts. That factor is becoming increasingly problematic as more institutions build their IT framework on app stacks, which create an interconnected maze of applications that are heavily dependent on one another — a labyrinth within the labyrinth.

3. Implement compliance awareness standards. Compliance standards aren’t just for healthcare and financial institutions. Although those industries are all highly regulated, everyone — even those in education — can benefit from their stringent measures to keep security as highly regarded as possible.

In other words, don’t let security become an ad hoc way of thinking; approach it diligently. If your system doesn’t already have compliance processes in place, establish them. Having clear policies and standards will help prevent security breaches. However, such policies will need adjustment and modification as technology evolves.

Avoiding Road Blocks

Every good maze has its obstacles and dead-ends. How can districts avoid mishaps and road blocks?

1. Don’t operate under the mantra “if it ain’t broke, don’t fix it.” Even if all seems to be going well, a regular inventory of your network will reveal potential vulnerabilities so you can resolve them before a breach happens or react to them quickly in the case of a potential threat. Use network monitoring software to scan for potential vulnerabilities and receive automated alerts when those vulnerabilities are identified. Many of today’s tools are self-healing and automatically repair damages.

In today’s complex IT world, there will always be new threats to security and new viruses to thwart. Taking a proactive approach to ensure that the route is clear will surely bolster the security of your network.

2. Don’t use outdated technology. If you’re working from an outdated map, you may forever be lost in the maze! Likewise, neglecting to maintain updated security technology and device firmware opens your network to attack. Avoid this pitfall by frequently updating your software to include the latest virus-scanning and firewall tools.

3. Don’t ignore BYOD (bring your own device). Consider this: in the past year, smartphone usage was up 394 percent and tablet usage was up 1,721 percent, according to Internet analytics company comScore’s “2015 U.S. Digital Future in Focus” report. With this proliferation of use, an abundance of personal devices are connecting to today’s networks — smartphones, smart watches, fitness trackers, wearable devices, and tablets. It’s almost like a maze whose pathway keeps shifting.

To address this added layer of complexity head-on, track and manage IP addresses and monitor the resources those devices are accessing. User device-tracking solutions can do that by scanning your network for “rogue” or unauthorized devices that could pose a threat. In this case, it’s all about diligence. Any organization must be on the lookout for potential anomalies and impending threats that could signal a data breach or an attack.

On the Right Path

Although all of these do’s and don’ts of maintaining network security may have your head spinning, bear in mind that there are ways to navigate this network security maze. By following the steps outlined above, you will have your IT infrastructure on the right path to ensure that your network is as safe and secure as it can be.

— Excerpted with permission from the June 2016 issue of School Business Affairs, published by the Association of School Business Officials International. www.asboint.org.

This article originally appeared in the July/August 2016 issue of School Planning & Management.