Beyond Firewalls(2) - Tech Learning

Beyond Firewalls(2)

Twenty years ago, when I was in high school, computers had just made their way onto the desks of staff and administrators. I couldn't play football or slam dunk, but I could wrestle a computer program to its knees, and nothing gave me more pleasure than beating the administration at their own game. Before I
Author:
Publish date:

Twenty years ago, when I was in high school, computers had just made their way onto the desks of staff and administrators. I couldn't play football or slam dunk, but I could wrestle a computer program to its knees, and nothing gave me more pleasure than beating the administration at their own game. Before I incriminate myself further, let me get to the point: I understand what lurks in the restless hearts of the thousands of students whose records we secure. Grades, tests, and even confidential e-mail messages are all susceptible to the urges of nascent crackers.

And then there's the problem with people like us. When it comes to security, many of us don't know what we don't know. And this lack of knowledge potentially places all of our networks in danger. If you have an administrator who leaves her password taped under her keyboard, or a teacher who doesn't change his password (ever!) or can't be bothered to log out or lock the computer, all the firewalls and antivirus programs in the world will not protect your network.

That's why it's critical to have someone at your district or school who can not only design a comprehensive security plan, but educate the staff as to why security is necessary. Achieving this requires formal training. One path to better understanding security is through local universities that offer technical degrees. In San Francisco, for instance, Golden Gate University's School of Technology (www.ggu.edu/school_of_technology) has created a new master's program in systems and network management. Three of the 10 classes in this program specifically address enterprise and network security.

The quicker route, and the one I ended up taking, was the (ISC)2's Certified Information Systems Security Professional program, a well-constructed, vendor-neutral certification that offers best practices, recommended procedures, and much more on topics ranging from business continuity to security architecture. To be certified, you can read a 550-page book, which costs about $75, or take a one-week crash course that typically costs in the $2,000 range. Either way, after passing a test on your new-found knowledge and having another CISSP verify your practical experience, you will receive your certification.

The CISSP certification is excellent for the person who is or will become the designated security manager for your organization; however, it may not be the best fit for every person in your technology department. In order to determine what's appropriate, start by doing your own research. Below, I've broken out a list of selected security certifications to investigate. Each site includes recommended readings and classes designed to help you achieve certification.

For security managers:

(ISC)2 CISSP

For security practitioners:

GIAC Security Essentials Certification

(ISC)2 Systems Security Certified Practitioner

For junior security practitioners:

CompTIA Security+

Dell Certification and Traning

TruSecure ICSA Certified Security Associate

Eric Svetcov, CISSP, is president of Palint Technology, Inc. and former director of technology for St. Ignatius College Preparatory in San Francisco.

Learn more about security issues at our Web site.

How to Perform a Security Audit

Secure Your Wireless Network

Data Privacy Trouble Spots (August 2004 issue)

Featured

Related

Beyond Firewalls

Twenty years ago, when I was in high school, computers had just made their way onto the desks of staff and administrators. I couldn't play football or slam dunk, but I could wrestle a computer program to its knees, and nothing gave me more pleasure than beating the administration at their own game. Before I

Beyond Firewalls

Professional certification ensures your staff will understand information security in its proper context.

Image placeholder title

Beyond the Hardware

In the November 2013 issue of Tech & Learning, we asked districts around the countrywhy they chose certain devices for their 1:1 initiatives.

Good Firewall Option

Question: What inexpensive firewall security options are available? The IT Guy says: Thanks to an IT Guy reader for the following tip: A while ago I submitted a question here about firewall for the school that I work for. I found a great solution. It is called Astaro and it provides many tools including firewall

A Wireless World(2)

This month's School CIO addresses wireless computing and preparing your educators for one-to-one implementation.

Installing Shareware and Freeware(2)

Question: Why does our school network administrator not want us to install extra software? The IT Guy says: Every time you install new software on your computer, you increase the chances of a crash or hang-up caused by a software conflict. Many people write software who are not professionally trained or

Back to School Product Guide(2)

For teachers and administrators, a new school year means weighing new options. From network security tools to formative assessment products, the realm of educational technology offers no shortage of tools for classroom and district improvement. Technology & Learning's Back to School Product Guide provides a glimpse of