Results 1 to 2 of 2

Thread: Do you have a son / daughter at Wayland High School with a Mac laptop?

  1. #1
    Join Date
    May 2015
    Posts
    45

    Default Do you have a son / daughter at Wayland High School with a Mac laptop?

    Wayland Public School Laptops and Computers -- Major Security Problems

    Did you hear that hackers repeatedly breached the Wayland Treasurer's Office in January of 2015, and almost stole over $1 million of our money? The same problem continues with Wayland Public Schools computers used by teachers and staff, and hundreds of Mac laptops used by high school students.

    Following the breaches in 2015, Wayland (taxpayers) paid over $100,000 to hire McGladrey, an IT consulting firm, to assess deficiencies. One of their "high priority" recommendations: install a modern "patch management" system, to ensure that all Wayland Town and School computers are quickly updated with the latest security patches. (Missing patches were a proximate cause of the breaches in 2015.)

    Wayland Town management followed McGladrey's recommendations. Wayland Public Schools did not. The result? Over 1,000 computers used by WPS students, teachers and staff are not being promptly updated. The risk? Wayland Public Schools holds a vast amount of our confidential data, far more than the Town network. This includes identity information for you and your children, confidential medical, mental and behavioral data, etc.-- for thousands of current and former Wayland children and their families.

    Your risk is personal and financial. If hackers break into the WPS network just like they broke into the Wayland Treasurer's office, your family's data could be stolen and sold. This damage could not be repaired. On the financial side, liability risk to Wayland taxpayers would easily exceed $1 million according to industry studies. Who would pay? Wayland taxpayers. (Wayland does not have insurance to cover data breaches.)

    The need to quickly patch security flaws is "IT 101". Industry leaders agree, including Apple, Microsoft and the Department of Homeland Security. The standard: a couple of days at most, to run some tests. Wayland Public Schools? Weeks and months of delay. Again and again.

    I repeatedly warned Wayland management about these problems in 2012, 2013 and 2014. Nothing was done. Then hackers attacked in January of 2015. After the same problems recurred in 2016 and 2017, I notified Superintendent Stein, Nan Balmer and the Wayland School Committee. Result? The problems continue. The patch management system recommended by McGladrey in 2015 has still not been installed. A screenshot from a WPS Mac is attached -- showing the latest batch of missing updates. (The 'GarageBand' vulnerability / patch is particularly bad.)

    What can you do? Contact Superintendent Stein, the Wayland School Committee,
    Nan Balmer {Town Administrator) and the Wayland Board of Selectmen. Let them know that you are concerned. Ask them to take effective action to finally fix this basic problem.

    Let me know if you have any questions: MarkAllenHays@Gmail.com

    Mark
    Name:  WPS screen shot - 2017-03-06.jpg
Views: 29
Size:  66.4 KB

  2. #2
    Join Date
    May 2015
    Posts
    45

    Default

    How to check your Mac laptop for missing security updates: families, students and teachers

    I should have included this info with my previous post. It is easy to check your Mac laptop for missing updates. Open the App Store then click on the "Updates" button at the top right. If any updates are available, they will be listed below. For example:

    Name:  Apple OS X updates - with arrow to icon - 778 x 597.jpg
Views: 13
Size:  50.8 KB

    ​For more info see: https://support.apple.com/en-us/HT201541 We have repeatedly found WHS Macs (used by students and teachers) with old versions of OS X, firmware that was two years out of date, 'critical' security patches that were not installed, etc. etc.

    If you find that updates have not been installed, please notify Dr. Paul Stein, Superintendent of WPS, Nan Balmer, the Wayland Town Administrator, and Ellen Grieco, chair of the Wayland School Committee. They direct computer security in Wayland:

    Paul Stein: Paul_Stein@wayland.k12.ma.us or call 508-358-3774
    Nan Balmer: NBalmer@wayland.ma.us or call 508-358-7755
    Ellen Grieco: Ellen_Grieco@wayland.k12.ma.us

    Unfortunately, this is a recurring problem -- so it is a good idea to recheck your Mac at least once a month. Let Dr. Stein and Ms. Balmer know if updates are missing.

    This is a basic computer security and management process that should have been fixed years ago. Missing security patches led to the breaches in the Wayland Treasurer's Office in January of 2015. A breach at Wayland Public Schools could easily cost Wayland taxpayers >$1 million. Do we really need to learn this lesson again, the hard way?

    Mark Hays

    Name:  MAPP logo with text - v1b - white back - 288 x 64.jpg
Views: 13
Size:  46.8 KB

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •