Like most school districts, Round Rock Independent School District is dedicated to providing its students with the latest internet technologies to advance the education process while maintaining the safest and most productive online environment. But achieving this balance is an ongoing challenge—and one that Round Rock ISD realized it could no longer accomplish with its existing IT resources.
As Ed Zaiontz, executive director of information services, explained: “With more than 40,000 students and 17,000 computers to oversee, we knew we needed an automated solution that would protect our school community from growing web-based threats, but not hinder the educational benefits of the internet. We were also looking for a solution that would help us stay in compliance with federal mandates such as the Children’s Internet Protection Act [CIPA] and Family Education Right to Privacy Act [FERPA].”
After conducting a thorough analysis of several possible content monitoring solutions, Round Rock ISD selected Vericept Monitor for its ability to intelligently monitor all internet-based communications, including eMail, web traffic, instant messaging, peer-to-peer file sharing, chat, blogs, web postings, File Transfer Protocol (FTP) traffic, and Telnet.
Providing a safe environment for students and staff
As more and more inappropriate content becomes available on the internet, school districts such as Round Rock have found it increasingly difficult to maintain a safe online environment. Internet communication such as instant messaging, chat rooms, social networking sites, blogs, and peer-to-peer traffic can put a school at risk of data breaches or even more serious consequences, such as harm to students, faculty, and staff.
“Protecting our students from inappropriate content on the internet is one of our top priorities,” said Zaiontz. “Vericept Monitor provides us with the kind of intelligence we need to preempt online threats, such as cyber bullying, that can jeopardize the safety of our students.”
Zaiontz added that Round Rock’s Information Systems group also takes seriously the welfare of the district’s more than 4,500 faculty and staff.
“The complex nature of today’s online environment requires us to provide a new level of protection for our users,” he said. “We need to ensure that the internet activities of our employees are safe from cyber threats and do not pose a liability to themselves or the school district. With Vericept, our staff can be confident that their online interactions are secure.”
Protecting personally identifiable information
Managing the personally identifiable information (PII) of 40,000 students and 4,500 faculty and staff is no small task for the Information Services department of Round Rock ISD. The school district must comply with such federal regulations as CIPA, FERPA, and HIPAA. Failure to comply with these mandates and a data breach of PII can result in a loss of funding for the district, as well as more serious consequences such as possible legal action.
As Zaiontz explained, “It’s critical that we protect the privacy of our students and staff. Exposure of such highly confidential information as student records, Social Security numbers, and employee payroll data could have devastating results for individuals and our district.”
Prior to deploying Vericept, Round Rock did not have an automated solution for monitoring sensitive information that might be leaking from its network. Even though the district had an acceptable use policy that was strictly enforced, Round Rock administrators did not feel they had real control over what might be moving outside the network. Since installing Vericept Monitor, Round Rock has been able to gain better visibility into network activity without interfering with valuable internet-based education tools.
Vericept Monitor goes beyond keyword searches and pattern matching by reading the content, understanding the context, and analyzing the structure of all internet-based communication and attachments. This kind of detection provides Round Rock’s Information Services team with the visibility and proof-positive evidence to identify data privacy violations and enforce compliance with federal regulations such as FERPA.
One of FERPA’s requirements is that student Social Security numbers cannot be sent over a network unencrypted. Using Vericept Monitor, Round Rock was able to identify a server with unencrypted Social Security numbers, shut down the server, and inform the staff that such private identifying information cannot be broadcast across the network for any purpose.
Round Rock can point to several other instances, too, of network abuse and violations of state and federal privacy laws that have been discovered using the intelligent content captures and robust reporting capabilities of Vericept Monitor.
Moving beyond content filtering
Although Round Rock currently uses a content filtering solution to block access to inappropriate web sites, it looks to Vericept to provide a complementary solution to meet its needs.
“Although our filtering system provides a good foundation for deterring inappropriate internet activity, we know that no filter is 100-percent effective,” said Zaiontz. “We needed an additional measure to identify and prevent threats to our online learning environment.”
With Vericept, Round Rock is able to see the detail of all user activity, regardless of proxies or anonymous user names that are being used. Vericept automatically flags and categorizes each violating session, and allows Round Rock to rebuild the session with full, rich content. This provides much more detail than just a simple URL or IP address.
As Zaiontz concluded, “By using the content monitoring capabilities of Vericept along with appropriate education of our students and staff, we feel we are taking a proactive approach to internet safety.”
Round Rock Independent School District