Audit finds gaps in Cairo-Durham IT policies
Carly Miller is reporting for Columbia-Greene Media an audit by the state Comptroller's office has found that inadequate and outdated IT policies in the Cairo-Durham Central School District could expose its students, employees and the computer network to risk. State officials reviewed web history reports from 11 district computers and found the computers had accessed websites that could put the network at risk. The report lists several gaps in the district’s IT policy, including a lack of procedures for classifying sensitive information, wireless security, managing mobile computing and storage devices and training staff on cybersecurity. And inadequate web filters allowed staff members to browse games, hobbies, job searches, social media, shopping and travel websites, and computer users could access websites about “terrorism, adult entertainers and gambling.” These policy gaps don’t necessarily mean that school computers were a high-risk target for hackers, Comptroller’s Office spokesman Brian Butry said. “But the district’s policies are insufficient.” The Comptroller’s office recommended the district update its Information Technology policies, provide periodic cybersecurity training to employees, and block access to sites that violate school policy. District officials received the report in January and it was released to the public on February 27. Read the full story at HudsonValley360 [dot] com.