Story image

Your school’s Internet security policy: Blueprint to protect your students, staff and network

23 Aug 2016

Your school’s Internet security policy is the most important component of your entire ITC infrastructure and framework. It is your appropriate use guidelines, network inventory, strategic plan, operating procedure manual and data protection specifications all rolled into one. It is not something that you can outsource. Sure, you’ll need expert assistance in formalising your school’s Internet security policy, but the actual rules, procedures, datasets and user roles are unique to your school, your network and your appropriate use policies. If you don’t have a comprehensive blueprint with clearly defined rules, you can’t build a secure network. It’s as simple as that.

“You have to define the rules before you can enforce them,” says Andrew Khan, Fortinet Senior Business Manager at Ingram Micro, New Zealand’s largest distributor of Fortinet’s cyber security solutions. “Creating a realistic Internet security policy is not a technical issue but a managerial and administrative imperative. You can leave the specific details of actually designing, installing and configuring your security framework to the professionals – be they in-house, a contractor or in the cloud – but you are responsible for giving them clear instructions. Anything else leads to confusion, cost over-runs, poor performance and, ultimately, gaps in your network security profile.”

Start with what you have

Most schools in New Zealand already have de facto Internet security policies. “You have guidelines for appropriate use, policies on which staff can access which student records, back-up and archive procedures to protect your data in case of a disaster and other key considerations,” continues Khan. “But have you specified what type of reports you need to satisfy compliance and overview requirements? Do you have a policy for locking down any personal devices that staff might be using to access your network? Do you have an emergency plan if your network is hit with malware? Or a disk failure? And do you have all of these procedures set out in one document available to key staff and a summary for students, all staff and even parents?”

While there are online security policy templates for New Zealand schools, they outline general content rather than specific rules. “The best way to ensure that your security policy is up-to-speed is with a workshop and whiteboard including you, your ICT providers, key staff and any IT-savvy board members,” continues Khan. “Outline what you have now, what you know, what you want, what you think the risks are and any other pertinent information. List, to your best ability, your data, applications, ITC-related business processes, infrastructure, traffic patterns and Internet usages and anything else that comes to mind. Once you have the general scope defined, you can start to drill down into specifics.”

The decisions are yours alone

“Policies are top down,” concludes Khan. “Management sets the tone and the ICT team provides the details. But they need your guidance. They have the skills to configure the network security infrastructure to enforce your security policy. But they need the rules spelt out. It is not their role to make decisions on who should be able to access what and when. It’s your call. The Fortinet team at Ingram Micro – along with our specialist education sector Partners - have extensive experience in developing network security policies for New Zealand schools. Give us a call and we can help steer you in the right direction. Your students are our future. It’s our responsibility to ensure that they stay safe online.”

For further information, please contact:

Andrew Khan, Senior Business Manager Email: M: 021 819 793

David Hills, Solutions Architect Email: M: 021 245 0437

Hugo Hutchinson, Business Development Manager Email: P: 09-414-0261 | M: 021-245-8276

Marc Brunzel, Business Development Manager Email: M: 021 241 6946

Apple says its new iMacs are "pretty freaking powerful"
The company has chosen the tagline “Pretty. Freaking powerful” as the tagline – and it’s not too hard to see why.
Cloud providers increasingly jumping into gaming market
Aa number of major cloud service providers are uniquely placed to capitalise on the lucrative cloud gaming market.
NZ ISPs issue open letter to social media giants to discuss censorship
Content sharing platforms have a duty of care to proactively monitor for harmful content, act expeditiously to remove content which is flagged to them as illegal.
Partnership brings AI maths tutor to NZ schools
“AMY can understand why students make a mistake, and then teach them what they need straight away so they don't get stuck."
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.
Mozilla launches Firefox Send, an encrypted file transfer service
Mozille Firefox has launched a free encrypted file transfer service that allows people to securely share files from any web browser – not just Firefox.
Online attackers abusing Kiwis' generosity in wake of Chch tragedy
It doesn’t take some people long to abuse people’s kindness and generosity in a time of mourning.
Apple launches revamped iPad Air & iPad mini
Apple loves tinkering with its existing product lines and coming up with new ways to make things more powerful – and both the iPad Air and iPad mini seem to be no exception.