Dec 11, 2020
How One of the Largest U.S. School Districts Protects Its Data
By Tanium
Mitigating cyber-risks and understanding modern (and future) security strategies are fundamental skills for IT leaders.
Guarding the virtual gates of an organization and running the cybersecurity program is key to ensuring business resilience and continuity in a fast-changing world. Enter Arden Peterkin, information security officer at Gwinnett County Public Schools (GCPS).
Peterkin protects the information and IT infrastructure for the school district near Atlanta, which is the 12th largest school system of its kind in the U.S., with an enrollment of approximately 180,000 students.
“The school system is world-class,” Peterkin says. “It’s the standard that our CEO/Superintendent has established. We function at a very high level, more like a Fortune 500 company.”
Drawing the bridge against vulnerabilities
Like many top enterprises, GCPS has drawn the attention of cybercrime organizations. It is forced to continuously ward off cyberattacks and update its defenses. As an IT and security veteran, Peterkin understands that no matter the effort, gaps and vulnerabilities still exist.
“The root cause of cyber-related vulnerabilities is human error,” he says. “Vulnerabilities are often the unintentional consequence of a lack of knowledge, lack of skill, or lapses in judgment. They manifest as programming flaws within software applications, default or lax configuration settings, or the proclivity to fall victim to cybercrime methods, such as social engineering.”
It’s a challenge, but the school district is focused on preparing its people. Wide-scale automation and security education for employees have been critical. Most importantly, Peterkin focused on keeping the team vigilant about their fundamental security practices. This helped the district maintain good IT hygiene and reduce the opportunities for hackers to breach the network’s defenses.
With the advent of the global pandemic, businesses and school systems alike have noticed IT gaps and vulnerabilities more frequently than ever before. However, as Peterkin suggests, while the main threats and vulnerabilities have remained the same, the risk has dramatically increased.
More than a decade ago, school district leadership identified “anytime, anywhere” access to instructional support resources as a strategic priority. This progressive approach has helped the district build out online learning and administrative services for its mobile, digital-savvy constituency of young students. And this prepared them well for what the COVID-19 pandemic would bring.
Wielding the weapons of defense
Phishing attacks aimed at extortion through ransomware or at financial fraud are the most prevalent attack methods employed against the school district. One of the weapons of defense for GCPS is having good security awareness and education.
“While sometimes it’s easy to forget the basics, it’s not something that should be overlooked,” Peterkin says.
Keen strategies and effective risk mitigation are other weapons wielded by diligent data defenders, along with implementing the right tools. In fact, GCPS has around 12,500 laptops that leave the safety of the organization daily, which could create major gaps in visibility, resilience and agility. But with the proper environment and structure in place — complemented by Tanium tools — GCPS is able to meet its security expectations.
Keeping an eye on the horizon
Over the next five years, Peterkin believes, organizations across all industry verticals, but particularly K-12 school districts like his, will fully embrace a cloud-first strategy. He believes that host-based micro-segmentation will become a necessity, as organizations continue to embrace the notion of “Zero Trust” networking.
As for the future, Peterkin likes to SOAR: Security Orchestration, Automation and Response. He believes SOAR will bring your policy framework and incident response playbooks to life. It can also help improve security analysts’ morale and retention by eliminating repetitive, mundane tasks from their workday — giving them back time to contribute to more meaningful assignments.
“Never lose sight of the fundamentals – email security, IT hygiene, awareness and education,” Peterkin says. “These are the frontline, foundational elements that, when managed well, will sustain your cybersecurity program and close your IT gaps.”
Finally, he recommends celebrating your success.
“Every day that your files are not ransomed and your data is not on the streets is an excellent day!” he says. “Your success isn’t an accident. It is the result of deliberate planning and execution by you and your team. Find ways to celebrate your team’s success regularly.”