Your Weekly Tech Tidbit – Clean Up, Clean Up. Your Security Depends On It

October 5th, 2020
Your Weekly Tech Tidbit – Clean Up, Clean Up. Your Security Depends On It

 

"Clean up, clean up, everybody, everywhere, Clean up, clean up everybody do their share"

-Barney

That song has been stuck in my head recently having two Kindergarten aged kids in the house.

However, after many of the conversations I have had with you over the last few weeks, it seems an appropriate message this week.

Many of you "did what you had to do" to keep everyone afloat and functioning during the height of the pandemic.

Nobody had time to plan and prepare.

Literally that afternoon life was completely different and we just had to figure it out. I am very proud of how the district technical staffs rose to the challenge and how they shared "what is working for us" with their peers.

However, this did not come without some costs.

In many cases district's cut corners or turned off security features so that your users could work. The plan was that those compromises would be cleaned up over the summer.

As I talk to many of you, we keep having these "a ha" moments where we all suddenly realize that the clean up part got lost in the chaos of the Spring and the tremendous amount of work you all did to prepare for the Fall. You were then immediately swept away by these these new fluid learning models which started creating an entirely different set of pressures and needs.

However, the stark reality is the bad guys feast on this chaos. We have now have over 1,000 US school districts getting hit with ransomware since 2016. A school district in Nevada refused to pay the ransomware and the bad guys published all student personal information to the internet! To make matters worse, the Federal government has now said that people paying to unlock ransomware could be subject to fines if the money is going to countries with embargo restrictions!

You can't be wrong on this.

During the Spring many district's:

-Gutted their password policies since many remote users don't get notified their password is expiring and can't change the passwords anyway.

-Gave out local administrator passwords to remote Windows laptops to allow remote software installation.

-Made remote users local administrator's to their Windows laptops to allow them to do whatever.

-Removed many security GPOs.

-Failed to implement even the most basic mutli-factor authentication standards to minimize added stress to their users.

If we go through the school year leaving these exposures in place, something bad is going to happen. It is time for you to remember what you did and begin the work to re-securing that part of your network.

We have solutions to all these issues that we believe properly balance security with ease of use.

If you need help, figuring out how to plug these holes, give us a call.