Mar 29, 2020
April Mardock - CISO - Seattle Public Schools
Jared Folkins - IT Engineer - Bend La Pine Schools
Nathan McNulty - Information Security Architect - Beaverton School District
OpSecEdu - https://www.opsecedu.com/
Slack
https://www.a4l.org/default.aspx
BEC - https://www.trendmicro.com/vinfo/us/security/definition/business-email-compromise-(bec)
https://www.k12cybersecurityconference.org/
Bypassing security controls - https://www.goguardian.com/blog/technology/how-students-bypass-school-web-filters-and-how-to-stop-them/
https://community.spiceworks.com/topic/2077711-chromebook-google-docs-bypassing-filters
https://www.mobicip.com/blog/here%E2%80%99s-how-kids-bypass-apple%E2%80%99s-parental-control-tools
https://www.phantomts.com/2020/01/11/kids-can-bypass-communication-limit-feature-on-ios-13-3/
https://www.ocregister.com/2009/02/17/students-accused-of-changing-grades-using-teachers-password/
Security persons at education institutions of varying sizes.
https://www.zdnet.com/article/texas-school-district-falls-for-scam-email-hands-over-2-3-million/
Why are schools soft targets?
Is money/budget the reason schools get the raw deal here?
Why is ransomware such an appealing attack?
How complex is the school
environment?
Mobile, tablets, hostile users, hostile
external forces
Adding technology too quickly? Outpacing the infrastructure in schools?
Just ideas for some questions. - Jared
Do you find vendors are very
responsive in the education space when receiving a vulnerability
report?
https://www.edweek.org/ew/articles/2019/09/10/parent-who-criticized-his-sons-math-program.html
When students, who you are trying to educate,
when they are found doing something inappropriate, how do Districts
handle it?
https://ktvz.com/news/2017/11/08/mtn-view-hs-bomb-threat-traced-to-eugene-14-year-old/
What challenges do Security people in education
face when partnering with their user base?
Unlike a corporate setting, many educators and
students need to install different software throughout the year,
how is that handled?
How
did April, Nathan, and Jared meet?
Is the technology stack in your various school systems changed much in the last 10 years? Have you moved to cloud based, or do you still have an IT shack at the school systems with physical machines?
Localadmins are not granted…
(excellent!)
Check out our Store on Teepub! https://brakesec.com/store
Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com
#Brakesec Store!:https://www.teepublic.com/user/bdspodcast
#Spotify: https://brakesec.com/spotifyBDS
#Pandora:
https://pandora.app.link/p9AvwdTpT3
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec