Security for EDU
K-12 school districts and higher education institutions offer an incredibly complex and dynamic environment for technology professionals. Often, technology directors and staff are asked to perform many functions with few resources. More recently, schools have been targeted by ransomware and outright data theft by malicious bad actors.
With all that's going on in education centered around BYOD, 1:1 rollouts, online testing and other issues, very often the information security concerns are an after thought. Typical security vendors tend to focus around the vulnerabilities surrounding Fortune 500-type businesses.
Since education has a unique set of software packages, security issues, and known users... it requires a solution designed exclusively for K-12 and higher education. SchoolScan was created to fill this void. By providing cost-effective, highly specialized services, SchoolScan enables technology directors and CIOs to focus on more pressing issues while having the piece of mind of knowing someone is watching their back in the realm of information security.
While SchoolScan can't completely shape an institution's information security posture, we can greatly help eliminate known threats and vulnerabilities and make for a more secure learning environment.
Managed Nightly Vulnerability Scanning
We scan both your Internet-facing and internal resources on a nightly basis to establish a security baseline. After our initial scanning period, we meet with you to go over and known vulnerabilities or issues with these assets. Once you've patched and outstanding issues, we then perform nightly scans of those resources looking for new and outstanding security vulnerabilities.
Nightly, you'll receive a fresh report of our findings on your network. However, if a major vulnerability is discovered, we not only email you the results but we also call and text you to alert you to this serious security flaw. This way, it's almost impossible to have a major vulnerability go unnoticed. Consider us a second set of eyes and ears.
We've intentionally priced this service so that every educational institution can afford it. We think every educational body in the country should have some sort of active vulnerability scanning happening.
Secure Network Layout and Design
As your add new users, devices, and use cases to your network, it's important to take a step back and evaluate your network design and general security posture from time-to-time. The purchase of a new firewall or switching equipment often provides a great opportunity to envision and design a more secure experience for your district and users.
- Accounting server not sitting behind an external and internal firewall?
- Student information server sitting with all ports exposed to your users?
- How do you handle printing from your internal network and does that expose all resources to that user?
These are just a few questions that you should be asking yourself when designing your network. We can help you come up with a network design that can be implemented in phases, over time, as you add new equipment and resources.
Network design is critical to the security and safety of every educational institution.
Network Security Audit & Penetration Testing
For a more comprehensive view of your institution's security controls and policies, we provide security audit and penetration testing services. By reviewing your network configuration, design, policies and procedures, we can help you know what areas are solid and which areas need improvement.
This typically involves a remote and onsite review of your network and exploring the various configurations for each type of user on your network. We can help document your network configuration and can also verify that your filtering mechanism is adequate and meets state and federal requirements... before your state comptroller or auditor does so.
Our network security audits are not designed to be a 'gotcha'. These assessments are designed to provide you with the information you need to ensure continuity and continuous security. Our review typically takes a few weeks and provides rigorous review of your internal policies, procedures, and controls. Even if you don't have any of these things in place, we can help you create them by providing a baseline assessment of where you are today.