Beyond Firewalls - Tech Learning

Beyond Firewalls

Professional certification ensures your staff will understand information security in its proper context.
Author:
Publish date:

Twenty years ago, when I was in high school, computers had just made their way onto the desks of staff and administrators. I couldn't play football or slam dunk, but I could wrestle a computer program to its knees, and nothing gave me more pleasure than beating the administration at their own game. Before I incriminate myself further, let me get to the point: I understand what lurks in the restless hearts of the thousands of students whose records we secure. Grades, tests, and even confidential e-mail messages are all susceptible to the urges of nascent crackers.

And then there's the problem with people like us. When it comes to security, many of us don't know what we don't know. And this lack of knowledge potentially places all of our networks in danger. If you have an administrator who leaves her password taped under her keyboard, or a teacher who doesn't change his password (ever!) or can't be bothered to log out or lock the computer, all the firewalls and antivirus programs in the world will not protect your network.

That's why it's critical to have someone at your district or school who can not only design a comprehensive security plan, but educate the staff as to why security is necessary. Achieving this requires formal training. One path to better understanding security is through local universities that offer technical degrees. In San Francisco, for instance, Golden Gate University's School of Technology (www.ggu.edu/school_of_technology) has created a new master's program in systems and network management. Three of the 10 classes in this program specifically address enterprise and network security.

The quicker route, and the one I ended up taking, was the (ISC)2's Certified Information Systems Security Professional program, a well-constructed, vendor-neutral certification that offers best practices, recommended procedures, and much more on topics ranging from business continuity to security architecture. To be certified, you can read a 550-page book, which costs about $75, or take a one-week crash course that typically costs in the $2,000 range. Either way, after passing a test on your new-found knowledge and having another CISSP verify your practical experience, you will receive your certification.

The CISSP certification is excellent for the person who is or will become the designated security manager for your organization; however, it may not be the best fit for every person in your technology department. In order to determine what's appropriate, start by doing your own research. Below, I've broken out a list of selected security certifications to investigate. Each site includes recommended readings and classes designed to help you achieve certification.

For security managers:

(ISC)2 CISSP

For security practitioners:

GIAC Security Essentials Certification

(ISC)2 Systems Security Certified Practitioner

For junior security practitioners:

CompTIA Security+

Dell Certification and Traning

TruSecure ICSA Certified Security Associate

Eric Svetcov, CISSP, is president of Palint Technology, Inc. and former director of technology for St. Ignatius College Preparatory in San Francisco.

Learn more about security issues at our Web site.

How to Perform a Security Audit

Secure Your Wireless Network

Data Privacy Trouble Spots (August 2004 issue)

Featured

Related

Beyond Firewalls

Twenty years ago, when I was in high school, computers had just made their way onto the desks of staff and administrators. I couldn't play football or slam dunk, but I could wrestle a computer program to its knees, and nothing gave me more pleasure than beating the administration at their own game. Before I

Beyond Firewalls(2)

Twenty years ago, when I was in high school, computers had just made their way onto the desks of staff and administrators. I couldn't play football or slam dunk, but I could wrestle a computer program to its knees, and nothing gave me more pleasure than beating the administration at their own game. Before I

SECURITY: Step by Step

It's time to begin planning for summer upgrades, and if information security isn't at the top of your list, it should be. Your students continue to learn more about the tools and technology that could be used to circumvent your current security infrastructure. What you need is a security architecture and approach that

Image placeholder title

Beyond the Hardware

In the November 2013 issue of Tech & Learning, we asked districts around the countrywhy they chose certain devices for their 1:1 initiatives.

Good Firewall Option

Question: What inexpensive firewall security options are available? The IT Guy says: Thanks to an IT Guy reader for the following tip: A while ago I submitted a question here about firewall for the school that I work for. I found a great solution. It is called Astaro and it provides many tools including firewall