MN: Mahtomedi Middle School student breaches district data

Sara Marie Moore reports on a so-easy-a-child-could-do-it-oh-look-a-child-did-do-it breach:
A Mahtomedi Middle School student breached student data earlier this fall when a teacher was logged into a computer.
在工控系统、办公设备、智能芯片、计算机固件领域,人们通常会认为安全漏洞较少进而忽略掉,所以需通过加强普及性的安全意识教育,让这些系统的所有者和使用者能结合自身,认识到潜在的安全问题。
The student accessed 3,300 student ID numbers, 215 test scores, 11 individualized education plan (IEP) sheets and 18 other student education plans, said Patrick Crothers, technology coordinator. The breach extended beyond the middle school to students in all grades. The student was not able to change any data. He showed the data to one other student and is no longer in possession of the data.
Read more on White Bear Press.
Teachers – like nursing staff and other industries – will login and walk away or stay logged in, unless you deploy technological solutions that automatically logs them out after X minutes of inactivity. Why not assume good intentions on the part of teachers but also deploy protections so that if they forget or get distracted, data are still protected.
网络安全法培训短片

On a positive note, it sounds like the school district did not try to frame the student as a hardened felon. Hopefully by responding constructively to his conduct, they will form an alliance with him that will benefit him in the future.
我们保障信息安全的的外部驱动力主要源自对法律法规的遵从,以及满足客户和供应商对数据安全的要求,内部驱动力主要源自于保障业务持续性、商业机密和员工个人信息,我们相信,在未来驱动信息安全的力量也会越来越大。

猜您喜欢

兰州城关区食药监局:供餐单位要严格落实备案制度
亟需规范的数据恢复行业
网络安全法宣传片 002 国家网络安全的现状与重要性概述
地铁界的赵丽颖?杭州地铁女神成网红
MARCOMAWARDS HANOVERNORWICHSCHOOLS
谈谈IPv6带来的安全挑战及应对之策