[ISN] Report: School technology should cough up hackers

[InfoSec News]

http://www.insidebayarea.com/dailyreview/localnews/ci_3367058

By Grace Rauh
STAFF WRITER
01/03/2006

UNION CITY - A team of experts from outside the New Haven school
district is recommending that the district take new steps to better
safeguard student information and improve its technology.

The recommendations were compiled in a report that will be shared with
school board members at their meeting tonight. The board hired the
Fiscal Crisis and Management Assistance Team for about $7,500 in
October to study the district's technology system to try to keep
hackers at bay.

The decision was made on the heels of a security scare last spring,
when it was mistakenly believed that an unauthorized user broke into
the student information system. Superintendent Pat Jaurequi said at
the time she wanted the district to conduct this study to prevent
security breaches in the future.

Team members visited the school district Oct. 10-11 and interviewed
employees, collected data and reviewed information about technology in
New Haven. They found the school district's technology department
has motivated employees who are willing to improve the system, but
lacks leadership.

Some obvious security risks the team discovered during its two-day
visit included teachers who let students work on their classroom
computers and shared passwords with them, giving them access to
confidential information.  Team members found the door to New Haven's
main data center unlocked and discovered there is no system in place
to end an employee's access to confidential information before he or
she is fired, leaving the district open to a security breach by a
former employee.

The meeting begins at 7:30 at the Educational Services Center board
room, 34200 Alvarado-Niles Road.