However, security is an issue for other levels of education, and as I learned from my conversation with George Thornton, network operations manager at the Montgomery (Texas) Independent School District, managing a school district's computer network is similar to that of any business, with a few exceptions.
Thornton said his district has 7,000 students and nearly 900 teachers. The No. 1 security problem?
Students and teachers both bring in outside drivers for the computers at the school. What comes from home can't be controlled by IT.
Working with Kaspersky Lab, the district now has a tool that, when a flash drive or other outside driver is plugged into a computer, the computer automatically runs a scan. Said Thornton:
The normal reaction is to check no if the computer prompts a scan. This tool doesn't give the user the choice.
That adds an extra layer of security to the machines. But it also adds an extra layer of security for the school itself. You see, one of those exceptions that schools deal with that enterprise does not is the Child Online Protection Act, which Thornton admits can create serious security nightmares. It requires strict content filtering, which is difficult because different schools will have different levels of filtering.
Because budgets are limited, he told me, schools aren't able to upgrade computers and equipment as frequently as a corporation might, which can affect security efforts. The tight budgets also mean that Thornton -- and school CIOs nationwide -- have to carefully pick and choose which security options to employ and which have to be skipped because they are too expensive.
School districts are not immune to the threat of attack from outside or inside hackers. Just like in a business, just like in a college, school districts are a wealth of personal information on thousands of people. Just like in many segments of industry and society, security for school computer networks is its infancy in many ways, but I think it is important to remember that no matter what type of business you are in, everyone needs to focus on data security issues.