View Poll Results: Was this security alert helpful?

Voters
0. You may not vote on this poll
  • Very

    0 0%
  • Some

    0 0%
  • A little

    0 0%
  • No

    0 0%
Results 1 to 3 of 3

Thread: Why are digital security upgrades so urgent?

  1. #1
    Join Date
    May 2015
    Posts
    104

    Default Why are digital security upgrades so urgent?

    Why are Wayland security upgrades so urgent?

    9 May, 2015

    To: Wayland families, residents, teachers and employees

    From: Mark Hays
    Cell: 508.661.9733
    Email: MarkAllenHays@Gmail.com (best bet)

    You may be wondering why I have been pushing for digital security upgrades. Why is this technical problem so urgent for the average Wayland family, teacher and employee?

    The answer is simple: Wayland has massive and urgent security issues – but Wayland's bureaucracy has been moving at a very slow, bureaucratic pace. Cybercriminals do not suffer from the same delays. When they find a weak target, they attack. A document is attached to this post that explains how quickly automated cyber attacks work.

    It has been more than two months since cybercriminals broke into the Wayland Treasurer’s office -- twice. None of the major problems have been fixed, however. Wayland’s computers, network and data are still very vulnerable -- including your data. There was no need to wait. Fixes should have been installed immediately. Going forward, Wayland needs to respond rapidly and effectively to crises like this.

    Unfortunately, this is not a new problem. I began warning Wayland IT management two and a half years ago about major security issues. Very little was done, however. One of the gaps I told them to fix in 2012 led to the breaches in 2015.

    The dismal security of the Wayland / School network is a personal issue for our family and yours. Our son’s confidential school records should not be vulnerable to hackers, nor any Wayland child’s. We should not need to replace our credit cards, because our son purchased a few things online with his high school laptop. Our tax and identity records are also at risk.

    You should not have to worry about these risks either.

    Please let me know if you have any questions.

    Mark Hays
    Attached Images Attached Images

  2. #2
    Join Date
    May 2015
    Posts
    104

    Default Update: Board of Selectmen meeting on 18 May

    Dear Wayland residents:

    I attended the Board of Selectmen meeting on Monday, 18 May, to hear the report from Mike McCann, the IT consultant hired by Nan Balmer. Mike could not discuss any of the details behind the security problems or solutions in public, so he offered a general update on the work he and the Wayland IT team have been doing to fix some of the most serious problems affecting Town computers.

    I also met with Dr. Stein and Mike last week and reviewed the details. Although Mike is not a security expert, he is sharp and has significant IT experience. We agreed on the key priorities and the need for a number of significant security upgrades that the BoS will need to approve and purchase.

    Unfortunately, Mike is a consultant working part time and it will take 5 more weeks to complete the review of options, recommendations and a budget for upgrades. After that, the BoS will need to review, approve and fund the solutions, and launch the procurement process. It will be months, best case, before basic security upgrades are fully installed and operational.

    One member of the BoS also noted that they might have to "wait until the next Town Meeting" to approve the purchase of the security upgrades. This would obviously be extremely risky and unreasonable.

    In short, this is clearly not how a security emergency should be handled.

    Attached is a copy of the public letter I sent today to the Bos, Fincom and Wayland School Committee, clarifying a number of key points.

    Please let me know if you have any questions; my private email address is MarkAllenHays@Gmail.com
    Attached Images Attached Images

  3. #3
    Join Date
    May 2015
    Posts
    104

    Default Update: Some progress with security upgrades for Wayland Public Schools

    Dr. Paul Stein and Leisha Simon (WPS IT Director) wisely decided to upgrade all of the Wayland Public Schools Mac computers to the latest version of Mac OS X. Like Windows computers, it is vital to keep Mac OS X updated along with all of the software apps on every computer. Missing updates led to the security breaches in the Wayland Treasurer's Office.

    The devil is always in the details with digital security, however, and these upgrades are not complete:

    > Approximately 140 older Macs (apparently) cannot be upgraded and need to be replaced. The Wayland School Committee tabled the replacement of 50 of these computers in the Happy Hollow and Claypit Elementary School computer labs, pending their review of the final report from Mike McCann, the IT consultant hired by Nan Balmer. It is not clear what will be done about the rest of the old Macs.

    > Approximately 400 Macs need RAM memory upgrades to support the latest version of Mac OS X. The Wayland School Committee wisely approved the expense this week. The RAM and Mac OS upgrades should be completed over the summer.

    > I am trying to schedule a meeting with Leisha Simon to review the details for the upgrade / replacement plan.

    > None of the other essential security systems have been purchased or installed to protect WPS or Town computers, Mac and Windows. Everyone is waiting for the final report from Mike McCann, which is supposed to be delivered in late June or early July. Then it will take more time to review the report, authorize purchases and install them. As noted previously, this very slow response to critical security gaps is very risky and not appropriate following the breaches in the Wayland Treasurer's Office. Wayland's confidential data continues to be very vulnerable -- five months and counting.

    Please let me know if you have any questions: MarkAllenHays@Gmail.com

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •