Recently, we hosted Ross Randall, Director of Technology at Lamar County School District in Georgia, and Tim Miles, Director of Technology at Steamboat Springs School District in Colorado, for a summer-inspired live webinar focused on fortifying your district’s multilayered cybersecurity strategy.

From beach balls to firewalls, Ross and Tim generously shared their practical insights, guiding other K-12 tech professionals through the complex layers of cybersecurity. They discussed assessing current infrastructure and developing an effective incident response plan. You can watch the full webinar recording here.

If you’re like most technology directors, you’re probably still working on closing the gaps in your district’s multilayered cybersecurity tech stack. I can almost guarantee that at some point, you’ve been overwhelmed and shocked at how ruthless and sneaky cyber attackers can be. As K-12 IT professionals, protecting students at school is your top priority. But protecting them easily and securely is a different story.

If you want to protect your students and staff data – and still get a restful night’s sleep – it’s entirely possible. It results from closing the gaps in your district’s cybersecurity strategy by having a multilayered tech stack.

Whether you need additional defenses or your district has several layers already deployed, learning from other K-12 leaders is a great place to start. Today, let’s dive deeper into Ross Randall’s three essential tips on closing the gaps in his district’s multilayered cybersecurity strategy and finish with how your district can improve its security and safety strategy today.

1. Visibility

Getting hacked is inevitable. And it’s true when we say, “You don’t know what you don’t know.” That’s why having multiple layers of visibility into your district’s cloud domains is one of the most essential strategies for protecting students.

In our recent webinar, Ross Randall highlights that having multiple cybersecurity products bleeding into each other is a must, as some products may not pick up on things 100% of the time. For instance, the Cloud Monitor Risks tab is the only product in Ross’ cybersecurity toolbelt that scans images in his district’s Google Workspace domain. He also recommends gaining visibility by having firewall logs, an MDR software service, SIEM, and others.

Our district operates 100% in Google Workspace. We need a tool to analyze and monitor all of the files and activities in our Google domain. If we can’t see what’s there, we don’t know what’s happening. Being able to put policies in place to alert us if there is a social security number or student information being shared is essential. I live on the Cloud Monitor risks tab; it is my favorite go-to. I don’t have another product in my toolbelt that does a good job of scanning images.
—Ross Randall, Director of Technology, Lamar County School District

2. Segmenting your network

As an influential K-12 leader, Ross cannot stress enough how important segmenting your district’s network is.

Network segmentation is the practice of dividing your school network into parts. Each segment is like its own slice of the primary network but isolated from the rest, which is essential as it prevents lateral movement. In other words, if the financial department suffers a data breach, malware won’t easily move across the district’s network to infect more systems and steal more data.

If there is a school district that has not segmented their network, please do that today! It is absolutely necessary.
—Ross Randall, Director of Technology, Lamar County School District

3. Training your staff

One of the most essential aspects of cybersecurity, as emphasized by Ross, is the importance of training staff and students. He highlights that proper cybersecurity protection begins with educating people.

Cybersecurity starts with people. The most significant layer for us is training our people. Cybersecurity is not a technology problem, it’s an institutional problem. Everybody has to be aware and understand the threats, how to recognize them, and what needs to happen when they do encounter an attack. Training is a huge layer of multilayered cybersecurity.
—Ross Randall, Director of Technology, Lamar County School District

Historically, school districts have not had to focus on cybersecurity but Ross argues that this is not a technological issue—it’s an institutional one. It is necessary for everyone to be aware of potential threats, understand how to identify them, and know the appropriate steps to remediate them.

While there’s no product out there that can defend your district 100% of the time against cyber hackers, a great place to start is with ManagedMethods’ products: Cloud Monitor and Content Filter. Want to see these platforms in action? Schedule your free cybersecurity and safety audit with ManagedMethods to kick-start your cybersecurity journey today.

The post Ross Randall’s 3 Essential Tips to Strengthening Your District’s Multilayered Cybersecurity appeared first on ManagedMethods.

*** This is a Security Bloggers Network syndicated blog from ManagedMethods authored by Alexa Sander. Read the original post at: https://managedmethods.com/blog/3-tips-for-multilayered-cybersecurity/