2-Factor Authentication: Should my district adopt this data security measure?

Many districts are adopting a 2-factor authentication process.  Why?

We all know what cybersecurity means.  Today, passwords for sensitive data is just not enough.  To avoid legal penalties and protect their districts’ privacy, education data managers must make data privacy a priority.  There are federal and state data protection policies administrators must follow that to protect student data privacy.  A strong strategy for cybersecurity will always include implementing two-factor authentication for all users.

Continue reading 2-Factor Authentication: Should my district adopt this data security measure?

Cyber and Physical Security in Schools – What should you be thinking about?

The topic of school security is growing more visible nationwide and the pressure is mounting to implement viable solutions to cyber and physical threats.

If there’s room in the budget for a security solution, should you spread the funds between physical security options and cyber-security prevention?  Both areas are of massive importance.  No matter what or when you implement a security measure, in order for it to be effective and successful, there should be a process in place for thorough training to everyone involved.  The need to adhere to safety procedures is instrumental in avoiding a dangerous infringement to your entire districts’ records.  All processes need to be monitored. Continue reading Cyber and Physical Security in Schools – What should you be thinking about?

Cyber-Security: Are You Doing All You Can?

We are all vulnerable to cyber attacks but for varying reasons but education, specifically K-12, is at the bottom rung when compared to private and public sectors in managing their cyber security.  Due to the sensitive nature of student enrollment forms and personal information shared in the student records, it is critical to have a plan and work that plan to avoid being vulnerable to such attacks.

Here are few suggestions to get your district on its way to a safer cyber environment:

• Make sure to provide your staff and volunteers with the tools to stay diligent to suspicious emails to avoid Phishing scams
• Update your anti-virus and anti-malware software
• Incorporate a network redundancy and backup recovery plans

Cyber-security is not something to “get to” in the future, it’s an immediate risk and needs to be made a necessity to building a secure future for our students and districts.

Understanding Data Security Threats in Your District

As recent as a few years ago, cyber-security threats were not on the radar of most school district leaders.

That’s according to the sixth annual broadband and infrastructure report released by the Consortium for School Networking (CoSN), a nonprofit made up of K-12 school technology leaders.  An increasing number of district leaders are realizing the importance of bolstering their network security, the report found, and their budget priorities reflect as much.

“School districts, like every organization and person in the world, are concerned with keeping data private and secure,” Keith Krueger, CEO of CoSN, tells EdSurge. “It’s dramatically up from recent years.”

Based on responses from 386 U.S. school districts, more than one-third (36 percent) of districts spend 10 percent or more of their technology budgets on network security, and another third (31 percent) direct between 5 and 9 percent to security issues.  These security funds are often spent on services such as breach detection and security vulnerability assessments.

As the necessity of data breach avoidance measures increase, so must the awareness to stay on top of this issue.  Our district’s, students, employees, volunteers and others, all deserve the peace of mind that security measures offer.

Are You Managing Your School’s Safety Clearances?

A common topic facing today’s school districts is student safety. Taking the steps to ensure staff and volunteer safety clearances are managed can protect a child and a district’s reputation.

We all appreciate the dedication and sacrifice that school volunteers provide to students – that goes without saying.  But it’s imperative that along with staff, volunteers and counselors undergo the appropriate background checks and safety clearances to ensure we are placing students’ safety in the proper hands.  Read below to learn more details into this critical issue.

As a result of child abuse cases that have gathered national attention in recent years, there has been a growing trend among states to increase background checks for professions that come in close and regular contact with children.  To clarify what a volunteer is, here are some examples of unpaid positions as a volunteer responsible for the welfare of a child or having direct contact with children can include:

  • Parent/Chaperone at school events
  • Girl Scouts/Boy Scouts
  • Agency volunteers who help with transportation or other services
  • Big Brothers/Big Sisters
  • Literacy programs
  • Little League/coaches/sports officials

A Pennsylvania law was passed in 2014 requiring anyone who works with students at public and private schools in the state to obtain background checks.  This requirement, which was effective July 1, 2015, defines a background check to include both criminal and child abuse checks.  This mandate is not uncommon in education settings across the U.S.  Does your state have similar requirements?

Unfortunately, the safety clearance process sometimes can cause feelings of anger and distrust among volunteers.  While it may cause feelings of privacy invasion, background checks provide an extra layer of protection and put parents’ worries at ease.  The majority of volunteers will be happy, willing participants in these strict procedures to protect the vulnerability of children.

black computer keyboard with red lighting network security

Network Security: How to Protect Your School Website from Harm


Network security is top of mind for all school administrators lately.

School districts across the nation, such as San Dimas High School (CA), Fulton High School(MO), and Comack Union Free High School (NY) have been hacked by their very own students in the past year, which tells us that when it comes to school network security, we need to protect our servers from threats on the inside.

Distributed denial of service (DDoS) attacks are plaguing districts with increasing frequency. For the sake of pure mischief, these attacks saturate servers with so many external communications requests that they can’t respond to legitimate school traffic, such as teachers trying to access online grades or email.

These attacks can range from a slight annoyance, such as the single student who brought down Fulton High School’s network for a few hours, to downright disastrous, such as the month-long network shut down at Community Unit School District 303 in Illinois. The scary part is it only took two high school students and their smartphones to launch this devastating attack on the school’s network.

So how do we prevent our networks from becoming liable to DDoS attacks and our most conniving tech-savvy students?

Teachers aren’t always aware that they can open doors to security risks when they log into school’s network while students are around. Even more dangerous, as teachers access different web apps on the school network throughout the day, it is not unusual for teachers to leave some or all of their accounts logged in at the end of the day.

Properly signing off of each account goes a long way to protect the school network server and database. Allowing the IT department to implement a privacy protocol is a very effective first step towards ensuring digital security, as long as it’s followed by rigorously educating staff on what that protocol is.

Are there more technologically-offensive approaches to preventing DDoS attacks?

  • Disruptions are rendered short-lived if a district has a software protocol that shifts unwanted inbound traffic to a separate IP address.
  • Intrusion detection software can alert IT staff, who can then shut down DDoS attacks before they cause more disruption.
  • Having two data centers is also a foolproof way to sidetrack DDoS attacks. If the first data center becomes flooded with unwanted traffic, IT can switch all users to the second one so that network access can continue uninterruptedly for other school staff.
  • Although currently at a very high cost, DDoS-mitigation software automatically shuts down attacks without the second step of manual intervention.
  • Storing files in a secure cloud and preventing school staff from downloading files onto personal devices can go a long way to protect sensitive data – as long as staff are taking all the necessary precautions to protect login data. This includes changing passwords frequently, keeping passwords complex, never sharing passwords, and logging off of all accounts when leaving a device.
  • Narrowing the amount of authorized personnel from accessing certain information minimizes risk. This can happen on various levels, such as barring almost all school staff members from accessing social security numbers, and limiting teachers’ access to their own students’ information rather than the entire student body.
  • IAM (Identity and Access Management) technology lets users access online resources with a single sign-on that meets district security policies. IAM also puts tighter controls in the hands of IT staff. This includes automating when accounts, resources and certain operations should be blocked.

Central Records Gateway from SRC Solutions expands On Demand document access for school districts

Central Records Gateway combines school district records retention requirements into one simple to use interface spanning student, human resources, business office records and more…
SRC Solutions is excited to announce the launch of Central Records Gateway and the Central Records Solutions Program (CRSP). Central Records Gateway is an evolution of SRC Solutions award winning document management solutions and bridges the gap from Student Records to HR Records as well as Business Office Records. SRC Solutions Registration Gateway and document management solutions are in use in districts across the US.

Central Records Gateway allows school districts to create, automate and relate digital documents across multiple stakeholders, various retention schedules and ever changing archiving policies. Through the CRIV program, Central Records Gateway can expand to incorporate any current or future district document source.

Student centric document sources may include Student Information Systems, Online Registration, Fee Payment, Medical, Transportation, Special Education and more…

Human Resources centric document sources may include Applicant Tracking, Online Hiring, Insurance, Background Checks, Payroll, Continuing Education Credit Management and more…

Business Office centric documents may include Accounting Software, Expense Report Management, Invoicing Systems, RFP Management and more…

What truly differentiates Central Records Gateway from any other electronic document solution is SRC Solutions dedicated efforts towards open integration with any third party document source as well as permissionable Electronic Cumulative Folder access to administrators, parents and students.

Central Records Gateway offers a four pronged approach to existing and new document collection including desktop document scanning, Multi-Function device direct scanning, direct document flow through CRSP integration and bulk document distribution direct to online folder.

To learn more about Central Records Gateway, click here.

Take Central Records Gateway for a spin simply by clicking here.

“Central Records Gateway is an all-in-one self-manageable solution for school districts. Central Records brings record management out of the file cabinets and into the hands of permissioned users making information typically trapped in forms actionable and relevant. Take one example of a student medical record. Traditionally, records have to be transferred from school to school within a district as kids age out of schools. With Central Records, the moment those students age into another school, permissions are automatically transferred to the new school medical professional. We are excited to bring this functionality to school districts and allow them to take charge of FERPA and HIPAA compliance in their records” said Patrick Maher, CEO SRC Solutions.

Central Records Gateway doesn’t stop at document management and retention. Central Records Gateway also provides an easy to use form creation tool right within the application. Once forms are completed by the parents, students, employees etc… they can be automated to go back into the central record.

Document collection, organization and retention is key but the true differentiation is security. Central Records Gateway employs sophisticated security standards which match the access already in place within school districts. There is no need to reinvent security provisioning.

Central Records Gateway also makes district to district student transfers as simple as can be with a unique records packaging feature allowing receiving districts access to specific student records from the sending district.

About SRC Solutions, Inc.
SRC Solutions, Inc. provides school districts a mechanism for positive process change. SRC Solutions, Inc. offers a suite of “Gateway” applications each designed to tackle obstacles standing in the way of the educational process.
For more information, visit http://www.src-solutions.com

SRC’s Registration Gateway Wins EdTech Digest’s “Cool Tool” Award for Excellence in Education

Reston, VA – January 25, 2012

Surety, LLC, the leading provider of data integrity protection, and SRC Solutions, Inc., a provider of technologies for improved productivity and profitability for educational, government and private industry customers, announced that SRC’s Registration Gateway has won EdTech Digest’s Cool Tool Award in the security/privacy solution category.

Registration Gateway is SRC Solutions’ flagship product that is designed to simplify the student registration process by minimizing data inaccuracies, removing repetitive administrative tasks and driving down maintenance cost. Earlier this year, SRC Solutions and Surety announced that they had partnered together to integrate Surety’s AbsoluteProof data integrity protection solution into SRC’s Registration Gateway application to secure the authenticity of the students’ electronic records. AbsoluteProof applies a tamper-evident, digital “seal” to each record, providing long-term and independent proof that the record’s content existed at a particular point in time and has not been altered since. The application legally ensures student record integrity.

“We’ve worked hard to provide our customers with the tools they need to successfully implement a paperless environment within K-12 school environments, and winning this award is a great feat for us,” said Patrick Maher, founder and CEO of SRC Solutions.

“The strength of SRC’s Registration Gateway product is that it enables the school systems to achieve the cost and efficiency benefits of a fully electronic solution, while eliminating the data integrity risks associated with electronic recordkeeping,” says Jim O’Connor, president and CEO of Surety. “SRC’s Registration Gateway not only simplifies and improves the student registration process, but it now offers a more secure approach than any paper-based process that it replaces.”

EdTech Digest is a publication featuring leaders in and around the education sector who are dedicated to making a difference for future generations through the innovative use of technology. Its award program recognizes individuals and technologies that are setting trends and best practices for achieving a healthy future for the education space. Registration Gateway was named a Cool Tool award winner within the security/privacy solution category because of its ability to simplify and improve the student registration process and its attention to the importance of authenticity for the duration of students’ academic careers.

“To be recognized as a Cool Tool really demonstrates the need and importance of secure recordkeeping, especially dealing with the sensitive information students accumulate over the course of their academic years. With Surety’s help, we’re able to provide our customers with the resources they need to guarantee personal record protection to students, parents and district officials.”

For more information, visit surety.com and registrationgateway.com.

About Surety, LLC

Founded in 1994, Surety is the world’s leading provider of technology to protect the integrity and authenticity of digital information. Surety’s founders were pioneers in the field of cryptographic timestamping, and to this day, Surety provides the market’s best solution for long-term, independent proof of electronic data integrity through its AbsoluteProof Service. With millions of electronic records and files worldwide protected under its authenticity Seal, AbsoluteProof can be deployed at all levels – from the desktop or the enterprise to the cloud – and provides an ideal solution to the challenges of protecting intellectual property and online or digital evidence, and proving the authenticity of electronic records. For more information, visit surety.com.

About SRC Solutions Inc.

Founded in 2001, SRC Solutions, Inc. provides a gateway to improved productivity and profitability for educational, government and private industry customers. SRC’s flagship solution, Registration Gateway, enables schools and other higher learning educational institutions and organizations to save time and money from paperless enrollment, downstream reporting, compliance and document tracking. SRC identifies cumbersome, repetitive, counter-productive work procedures and replaces them with easy-to-use, intuitive solutions and streamlined digital processes. As a XEROX® Platinum Partner and an authorized reseller for Kofax, Surety and Recruit Manager, SRC provides solutions for both the public and private sector, including document management, workflow improvement and integration into numerous ERP systems. SRC Solutions, Inc.: Where process meets technology.


Registration Gateway