Dan Turner- Surrey School District
David Hawks- Absolute Software
March 10, 2008
Laptop Security in the Classroom: Best Practices for Protecting Mobile Learning
Agenda
• Market Factors
• Compliance, Protection, Recovery
• Effective Laptop Security and Sustainability
• Case Study- Surrey School District
• Additional Resources
Changing IT Landscape for Schools
K12 Market Factors
• Increased use of mobile devices
• Growing volumes of data stored electronically
• Legislation mandating compliance and data privacy
• Security Audits and Accountability
CPR- Basic Security
• Compliance:
» Complying with all applicable mobile data protection regulations, with an easily accessible audit trail
• Protection:
» Protecting data on mobile laptops using encryption, authentication and remote data deletion
• Recovery:
» Recovering lost or stolen devices returns them to the control of the District and sustains programs
Securing Your School’s Assets:
Market Factor- PC Theft
• More than 120,000 laptop thefts occur annually from schools (Safeware)
• 70% of computer crime is a result of “inside jobs” (Gartner Group)
• 1 in 10 chance of a laptop being stolen and 97% are never recovered (Gartner Group & FBI)
Theft is an increasing problem
PC Asset Challenges in Districts
• Ratio of IT staff to PCs– ONE I/T staff member to every 500 or more PCs (1:500+)
• Theft and Loss– ‘Not a problem at my District’
– Silent Budget Threat- DRIFT
• Limited Funding – Lose it & it’s gone (Self insured or no insurance)
– Life Cycle Management
• Sensitive information on Admin/Faculty/Nurse PCs – Compliance or face severe penalties
Market Factor – Data Breaches
• Financial Fraud overtook Virus attacks as the #1 concern for PC Security in 2007 (Source: CSI Institute, 2007)
• The Black Market for Identity theft is valued at more than $5Bil and growing 60% year-to-year, faster than the Security Industry! (Network World, September 17 2007)
• Compliance is non-discriminatory and all organizations face fines of up to $5M for data breaches (Data Accountability and Trust Act, US House of Representatives, 2006)
Data Breaches result from loss and theft
Regulatory Compliance
• Regulatory Compliance
– FERPA
– HIPAA
– State legislation (Data Breach)
Audit trail required
Need to know where assets are at all times
School Districts should not only know what software and hardware is installed on computers, but also who has access to them and where they are
Compliance, Data Protection and Theft Recovery
1. Computer Theft
2. Data Breach
3. Compliance Risk
Market Factor – Asset Management
• Gartner report shows many organizations can track approx 60% of their mobile assets, since many are off-the-network (Gartner Group, 2002)
• A Ponemon Study also found that 30% of I/T Departments would never detect the loss or theft due to off-network equipment (Ponemon, 2007)
• PC Drift can account for between 10-15% of missing PCs (Absolute Software, 1996-2005*)
Mobile Users Create Asset Management Challenges
Implement I/T Asset Management (ITAM)
• Optimize and provision software and hardware » Efficiencies and reduce costs
• Enables Software license compliance » Accurately track licenses, utilization, long range Tech Plans
• Informed decision making and asset management » Intuitive dashboards and audit compliance
• Asset accountability » Taxpayer
Mobile Computing: What is really going on?
– WHO are the laptops assigned to?
• Teachers or staff leaving without returning assigned laptops?
• District administrators or contractors traveling with sensitive data?
• Students' safety at risk because of the value of their laptop?
– WHAT if the configuration has been changed?
• Can components such as memory easily be taken?
• Software image integrity
• User-Acceptance Policies enforced?
– WHERE are my assets?
• Spread out over how many physical school locations?
• Laptops moving from people to people?
Case Study- Surrey School District
• Project Overview
– Largest District in British Columbia - 65,000 students, 120+ schools
– 7,500 staff, 60 professional IT staff, 1200:1 computer to tech ratio
– Needed a way to:
• centrally & remotely manage 13,000+ computers
• quickly generate accurate data on computer hardware/software
• improve annual investments in computer hardware
• improve annual investments in computer software (license and regulatory compliance)
• Challenges
– Provide solution to address inefficiency of manual inventory counts
– Address cross-platform requirements & TCO
Case Study- Surrey School District cont....
• Milestones
– 1 image for each of 2 platforms established
– Automated process and discovery asset reporting
– Efficient and reliable tracking and license management
– Accurate reporting (99% HW & SW assets on pc clients)
• Solution Outcome
– Software true-up processes went from 15 field techs visiting schools over a month and a half, to an automated process – always up to date!
– Real-time accurate data reports on hardware and software inventories
– Provision resources more effectively and efficiently
– Reduced Total Cost of Ownership (TCO) and improved efficiencies
Building Effective Security in Schools
• Effective End-Point Security Strategies Focus:
– Network access control
– Asset Protection (Physical & Data)
– Codified Security Policy and UAP
– Vulnerability management
– Contingency Plan
• Roles and responsibilities need to be clearly defined (Professional Development and TRAINING)
• Integrate Security policy and IT processes (Disaster Recovery)
• Faculty and Students understand and adhere to the User Acceptance Policy
80% of issues that can cause damage to an organization can be avoided by properly implementing processes in the above areas – Gartner 2005
Maintaining a Secure Learning Environment
Physical Security • Challenge- Comprehensive strategy
Safe Learning Environment• Challenge- Vulnerabilities
Accountability• Challenge- Lack of Resources/tools
Consistent Security• Challenge- Sustainability and funding
Don’t Rely Solely on Single Point Solutions
Nearly 1/3 of end-users attach passwords to PCs
- Gartner
Encryption
Cable Locks
Firewalls
Anti-Virus
Stop tags
Single Point Solutions
Best Practice
BIOS
• Tracking agent: Deter theft, recover the asset
• Remotely Delete Data
• BIOS and Hard Drive Passwords
Device
• Full hard drive encryption / Vista
• Secure back up of data
• Locks and cables / STOP Tags
Operating System
• OS Integrity – OS/Virus Patches
• File oriented Encryption and Certificates
• Secure backup/recovery of data
• Fingerprint readers
Network
• Network integrity – Unique identities
• Multi-factor authentication to control access
• Control over network access from the end point
• Responding to systems damaged by attack
No single vendor does it all
Security- Layered Approach
Summary- SASS
Sustainability- Asset Recovery
Safety- Access
Accountability- Asset Management
Security- Data Protection
eToolkit
Vendor Resources
• Compliance Vendors
– www.absolute.com
– www.altiris.com
– www.pcguardian.com
– www.guardium.com
– www.landesk.com
– www.peregrin.com
• Data Protection
– Encryption/USB Device
• www.credant.com
• www.pointsec.com
• www.guardianedge.com
• www.winmagic.com
• www.safeboot.com
• www.pgp.com
– USB Protection
• www.volumeshield.com
• www.Utimaco.com
– Data Delete
• www.absolute.com
• www.beachheadsolutions.com
– Content Monitoring & Filtering
• http://www.vontu.com
• Theft Recovery
– http://www.absolute.com
– http://www.ztrace.com
End
Q & A
Contact information:
David Hawks Business Development
http://www.absolute.com
410-499-5380
Thank You for your time!
1) PC Theft recovery
2) Secure Asset Tracking
3) Data Protection
Security Products
Education Institutional Protection Consumer Protection Staples & Office Depot