Protect Logo with shield
  • Welcome to Protect.

    Protect is the SPS initiative focused on protecting student and staff data, as well as providing information security resources to our community.

    We will provide regular updates about efforts at SPS to protect critical and confidential information, as well as demonstrate examples of best practices you can adopt to protect your personal information at home.

    Currently, as part of Protect, Springfield Public Schools aligns curriculum with strong Digital Citizenship, utilizes robust Digital Tools, adheres to Information Security protocols established by industry standards, and steadfastly secures Student Data.

    How will we achieve this, and how do we measure our progress?

    One of the major approaches that SPS is taking to ensure the privacy of our student's information is to work towards earning a nationally recognized seal of data security standards.  We are striving to earn the Trusted Learning Environment (TLE) seal, which is a program created by the Consortium for School Networking (CoSN) by 28 member school districts.

    SPS is using this program to guide our approach to Protect, and to show our commitment to keep our student's data private and secure.

Updates

  • National Cybersecurity Awareness Month: Protect IT

    Posted by Bruce Douglas on 10/21/2019 7:00:00 AM

    National Cybersecurity Awareness Month

    It’s National Cybersecurity Awareness Month and we’re excited to be sharing tips on protecting yourself.  This week we’re going to highlight how you can stay safe and “Protect IT”.

    More and more devices and information are on the internet everyday.  To stay safe, we have to think about how we use the internet and how we can protect our digital profile to avoid being a victim of a cybercrime.  Check out these resources from the National Cyber Security Alliance on you can Protect IT.

    Tell us how you are protecting your digital profile on Twitter by tweeting @OfficialSPSIT and using the hashtags #BeCyberSmart and #CyberAware.

    Comments (-1)
  • National Cybersecurity Awareness Month: Secure IT

    Posted by Bruce Douglas on 10/14/2019 7:00:00 AM

    National Cybersecurity Awareness Month

    It’s National Cyber Security Awareness Month and we’re excited to be sharing tips on protecting yourself.  This week we’re going to highlight how you can stay safe and “Secure IT”.

    You use your device everyday and cybercriminals do too.  They are always looking for different ways to get personal information and we have to take steps to secure our identities and information.  Here are some more resources from the National Cyber Security Alliance on how you can Secure IT.

    Tell us how you are securing your identity on Twitter by tweeting @OfficialSPSIT and using the hashtags #BeCyberSmart and #CyberAware.

    Comments (-1)
  • National Cybersecurity Awareness Month: Own IT

    Posted by Bruce Douglas on 10/7/2019 7:00:00 AM

    National Cybersecurity Awareness Month

    It’s National Cybersecurity Awareness Month and we’re excited to be sharing tips on protecting yourself.  This week we’re going to highlight how you can stay safe and “Own IT”.

    It’s important to understand your digital identity so you can take the right steps in protecting yourself.  Think about what devices you use at home and work, what information you share publicly, what information you have access to and what you can do to own your own safety.

    The National Cyber Security Alliance has some great resources available.  Check out these tips and ideas.

    Tell us how you are owning your safety on Twitter by tweeting @OfficialSPSIT and using the hashtags #BeCyberSmart and #CyberAware.

    Comments (-1)
  • National Cybersecurity Awareness Month

    Posted by Bruce Douglas on 10/1/2019 7:00:00 AM

    National Cybersecurity Awareness Month

    October is National Cybersecurity Awareness Month (NSCAM).  Developed in 2014 by the National Cyber Security Alliance and the Department of Homeland Security, NSCAM is designed to ensure all Americans have the resources they need to stay say online.  

    We are celebrating NSCAM in couple ways.  First, we’ll have weekly blog posts about the 2019 theme “Own IT, Secure IT, Protect IT” with ways you can help keep your information safe.  Second, we’ll participate in the conversation on Twitter by using the hashtags #BeCyberSmart and #CyberAware with our @OfficalSPSIT feed.

    Take a few minutes to check out some ways to stay safe online on the National Cyber Security Alliance’s website.  Be sure to check back throughout the month and participate in the conversation on Twitter.

    Comments (-1)
  • The Missouri High School Cyber Security Challenge

    Posted by Sean Burch on 9/30/2019 6:00:00 AM

    The Missouri High School Cyber Security Challenge is a multi-round competition that tests students’ skills in networking, programming and operating system security. Round 1 saw 53 teams participate. The top 10 teams will compete in round two at the MOREnet Annual Conference at Tan-Tar-A Resort on October 9. 

    https://www.more.net/professional-development/missouri-high-school-cyber-security-challenge

    SPS had 3 students score in the top ten for the state!

    Comments (-1)
  • All About Phishing

    Posted by Sean Burch on 9/23/2019 7:00:00 AM

    As we get back into a regular groove here at SPS, I wanted to send out a reminder to check the link every time you are opening a page on the internet. This is especially true in email where phishing scams are a constant threat. 

    Phishing comes in many forms and is the primary way cyber criminals steal data.  Three types of phishing we want you to be aware of are; social engineering, spear phishing and spam.  

    • Social engineering is a targeted approach to phishing.  One of the most common forms, also known as whaling, is to create an account with the same name as your boss and then to ask for goods or information.  These can easily be detected by looking at the email address.
    • Spear phishing is another type of targeted approach to phishing that focuses on individuals with sensitive data or access to important resources.  This will include organizational leaders, such as principals, or staff with access to financial data or human resource data. These attempts can be combated by knowing how confidential and critical information is requested in our system.
    • Spam is the most common form of phishing.  These emails will often try to look like a known organization, such as your bank or even a district department like the IT department.  They will then ask you to provide information or to log in immediately.  

    You can learn more about the different types of phishing from KnowBe4 here.  

    Cyber criminals are interested in your information and they will not discriminate between personal or professional data.  Why do they want your info? It varies. Some want your money. Some want to sell your information for profit. Some are just trying to cause heartache. Some of the worst are looking to establish a foothold in a larger environment so they can steal a lot more information.

    The amount of phishing attempts continues to grow every year.  Protect yourself, please keep your online footprint in mind while at work and at home.  The links you click, and the places you connect to the internet matter. 

    Here are a few strategies for ensuring the links you click on are safe.

    • Read this article from the Federal Trade Commission on recognizing phishing attempts.
    • Ask yourself;
      • Does the URL that shows when you hover your mouse over the link match the link description? 
      • Were you expecting an email from the sender?
      • If you were expecting an email from the sender, does the message seem right?
    • Use a link checker like the Google Transparency Report.
    • When in doubt, don’t click.  If something doesn’t feel right, you can always contact the IT department to double check.

     

    Comments (-1)
  • SPAM and Phishing

    Posted by Sean Burch on 9/20/2019 6:00:00 AM

    Protect exists to increase awareness about information security in SPS.  Here is a recent event that hits very close to home.  Cybercriminals have turned their eyes to public school districts in recent months and we all have an important part to play in protecting our information.  We are only a few days into our first phishing campaign and we are thrilled to have less than 1% of staff clicking through on these emails.  Phishing is the primary method of attack for ransomware.  Help to reinforce safe behavior by sharing this resource with your staff.

    You can forward any suspected SPAM and Phishing attempts to stopspam@spsmail.org .

    Comments (-1)
  • Some Physical Security Basics for Private Information

    Posted by sean burch on 9/9/2019 7:00:00 AM

    Physical Security Basics:

    Protecting our information starts with physically securing our devices and information.  Information exists on our computers but also on paper, post-its, whiteboards, USB drives, phones and any number of other items we use everyday.

    Here are some basic steps we can physically take every day to ensure our information is protected.

     

    • Lock your computer

     

    Make it a habit to lock your computer every time you leave the keyboard.  You can quickly lock your computer with this keystroke: ❖ + L

     

    • Clean your desk and work area

     

    Make sure any paper document with student records or personally identifiable information (PII) are shredded each day.  A trash bin is not a shredder and is not a safe way of destroying sensitive information.

     

    • Avoid removable media

     

    Avoid using USB flash drives or other memory cards, especially for storing student data or PII.  These are easy to lose and often offer no security such as encryption of data. When using removable media for anything, be sure to never leave them behind - either in a computer or on a desk or in a drawer.

     

    • Always secure your device

     

    Never leave your laptop, phone or other devices alone, such as in a car or in a public place.

    Comments (-1)
  • Speaking of Passwords...

    Posted by Sean Burch on 8/30/2019 7:00:00 AM

    Passwords.

    Do’s and don’ts…

    Do:

    Use a long password

    Plan to use a minimum of 10 characters for your password but don’t feel like you have to stop at 10.  Longer passwords increase the difficulty of cracking more effectively than short passwords with high complexity.

    Use a password you will remember

    A password you can’t remember is one you write down.  It’s much more difficult to remember ake*3A.tY! as your password than a long password like EngagingRelevantPersonal.  The long password will take a computer 121 sextillion years to crack while the short password will take 53 years.

    Use a passphrase

    A passphrase is a string of words and can be anything that you will remember.  Use a story to create your passphrase such as “TheQuickBrownFoxJumpsOverTheLazyDog!”.

    Change your password regularly

    You can change your password at anytime and it doesn’t have to be after your password has expired.  If you ever suspect your password has been compromised or if the same password has been compromised somewhere else the first action you need to take is changing your password.

    Use a password manager

    A password manager is great for securely keeping track of your passwords.  They also help you in using a different password for each site or application.

    Keep your password private 

    No one else ever needs to know your password.  Watch out for people that try to look over your shoulder or watch your fingers when typing.  Your password is your identity, keep it safe.

    Do not:

    Share your password

    No one needs it but you.  Keep it safe all the time.

    Write down your password

    Never write your password on a post it note, on a white board or anywhere else.  

    Use online suggestions

    There are a lot of websites with password recommendations and many of them want your password.  Come up with a passphrase that is unique to you.

    Use the same password for everything

    We know there are a lot of passwords required in our lives.  Using the same password for everything means that once one application is compromised, all applications are compromised.

    Share your password

    Seriously, no one else needs it.

    Comments (-1)
  • Help from Homeland

    Posted by Sean Burch on 8/12/2019 7:00:00 AM

    The Department of Homeland Security has a public awareness campaign to aid with understanding cybersecurity threats:

    The motto of the campaign is: Stop, Think, Connect.

     

    General information link:

    https://www.dhs.gov/stopthinkconnect 

     

    Parent and Educator specific link:

    https://www.dhs.gov/publication/stopthinkconnect-parent-and-educator-resources 

     

     

    Comments (-1)