The computer network in the school district provides access to a wide variety of resources such as educational software, resources on CD ROM, online library catalog, the Internet and e mail accounts.

The purpose of the network is to support legitimate educational and school administration, research, communication and to serve as an important tool to enhance classroom and community-wide teaching and learning.

The school district provides students and employees with access to the district network, which includes Internet access through the State of Mississippi Department of Education statewide network.

A uniform policy on usage and network security is a vital aspect of providing a safe and productive environment for all users throughout the state.

Network security and virus prevention begins with the user. No matter how well protected a network is with firewalls, anti-virus products and other security measures, a user can always circumvent these protective measures both intentionally and inadvertently.

It is imperative that the users become involved in their role in protecting the security and integrity of the network to provide a more stable, dependable and functional network. Future network expansion plans can be severely impacted by failing to implement an effective network, computer usage and security policy.

All computers on the network are school property and should only be used in the course of student education or school business only. A great deal of time and expense is spent to provide and maintain these computers for the purpose they were intended for. Using these resources for personal business and recreation can create needless network and computer related issues, which can add to the cost of the resources needed to support this equipment.

The network bandwidth provided to each school is limited and shared by all users throughout the state. This bandwidth is not unlimited and capacity planning is based on required usage and applications.

If just 10 users in a district are using excessive bandwidth through the use of internet music, radio, file sharing programs such as LimeWire, Morpheus and Kazaa all of the available bandwidth for that district will be consumed, leaving little to no bandwidth for the required applications. Additionally, using such services can expose the workstation to hackers and viruses, which are extremely prevalent
on the Internet today.

Unapproved applications and usage are an extremely easy method of acquiring viruses from the Internet. In fact, some of the better-known file sharing programs are known to carry undesirable embedded payloads and derivatives have been found that also carry viruses.

By installing and using these programs, the entire state network becomes open to needless viral and hacking attacks. Viruses are becoming more and more damaging to networks as well as becoming easier to acquire. Just visiting certain web sites can force download a virus to a workstation without the user's knowledge.

A recently discovered virus of this sort can completely erase a workstation or server's hard drive. The architecture of the state's network is such that a virus of this sort can now completely erase all of the data from a school's, the district's and possible the entire network, causing a devastating loss of data.

Viruses are costly and time consuming to remove and in some cases require complete reloading of an affected workstation, causing a loss of unrecoverable information.

Additionally, new viruses have been discovered which randomly send emails containing information from the affected workstation. This can result in a breach of confidentiality and can have major ramifications if this confidential data is sent to an unauthorized individual.

Certain viruses have also been known to allow remote control of a workstation via the Internet without the user's knowledge. This can give a hacker a base for attack from within the confines of the statewide network and negates the protection provided by the state firewall and other protective measures.

Email is another very common method of acquiring a virus. Many of the more damaging viruses of recent history are transmitted via email and exploit security weaknesses in the affected network.

Microsoft Outlook is the prime target for many of the exploits and should not be installed on any workstation if at all possible.

Email should be limited to school related business only, in order to limit the transmission of viruses from other affected systems.

Internet Messaging services and online information systems such as Yahoo Messenger, AOL, AOL Instant Messenger and Weatherbug put an added load on the workstation's limited memory capacity and processor resources and can interfere with other applications required on the workstation, as these applications are always running in the background processes on the workstation.

Additionally, these online systems consume bandwidth that can otherwise be used for normal school applications. Certain versions of AOL have been known to interfere with networked computer systems and should not be installed on any workstation.

Personal laptops and workstations used on the state network are usually not properly configured for the network, insecure and can even be carrying viruses that can be introduced into the network.

Personal laptops and workstations should never be connected to the network without the knowledge and approval of the District Network Administrator.

Another source for viruses is floppy diskettes and CDROMs created by an individual. While it is possible to set up a policy that permits the usage of personal floppy diskettes and CDROMS, there is always the possibility that a virus can slip past the protective measures in place and infect the network.

Usage of such floppy diskettes and CD's should be at an absolute minimum and allowed on workstations only after being scanned for viruses using a virus scanner with the most current antivirus data files.

It is imperative that the antivirus data files be
maintained at the most current version to prevent a viral outbreak. New viruses are appearing on a daily basis and antivirus files should be updated on a weekly basis at the outside, and preferably updated daily if at all possible.

To prevent the introduction of viruses into the network and to prevent network problems, no unauthorized software should be downloaded or installed on any school workstation without the knowledge and approval of the District Network Administrator.

Physical security of the individual workstation is the responsibility of the primary user of the workstation. No workstation should be left unattended and logged into the network.

Many hacking attacks begin with access to an open
workstation. Many of these workstations allow access to confidential information, which should not be permitted to be accessed by unauthorized users.

When not in use, the workstation should be logged off of the network to prevent unauthorized access to confidential information and to limit the vulnerability to internal hacking attacks.

Visiting unapproved Internet sites can have major ramifications. In addition to their less than desirable content, these web sites are another prime source of viral infections, Adware and Spyware.

There are also legal liability issues involving pornographic or other less than desirable web sites. An unerasable trail is always left behind and unauthorized access to unapproved web sites can be traced and monitored.

Downloading software and music files from the Internet, in addition to the hacking and viral danger, are often in violation of copyright laws and can expose the school system to legal liability.

Storing these downloaded files consume limited and expensive network server and workstation resources.

Additionally, most file sharing services are two-way services, allowing the sharing of files from the workstation. This again can consume a great deal of available Internet bandwidth as well as opening the workstation up to attack from hackers.

Windows-based workstations have the capability to have various features disabled by an administrator. This can be done via Windows Policy Editor on Windows workstations and servers. Networks with Novell servers as their primary servers can also control these settings via Zenworks.

Different configurations of limiting workstation features are possible, allowing different levels of access for students, teachers and system administrators. Security system that is extremely easy to defeat. It is vital that these type workstations have these security policies put in place to prevent unauthorized access to the data stored on the workstation itself.

Network logons should be required and set to where they cannot be cancelled allowing access to a workstation without logging into the network. Where possible, all data should be stored on the network servers, where the security and integrity of the data is more easily controlled.

Workstations are rarely backed up which can cause a loss of valuable data. The servers are backed up on a regular basis, preventing loss of data in the event of a workstation failure.

No security policy is effective without the cooperation of a network's users. Unfortunately, there are always those that will not abide by the guidelines for usage and unless a means and process is put in place to address network abuse, not only will the abuse continue, often it will become worse and spread to other users who feel that since it is ok for one individual to do it, they can do it themselves.

The actual process should be a joint effort between the District Network Administrator, District Administration and the users. Abuse of network resources should fall under disciplinary measures already in place and should be implemented in such a way as to educate the users as to the reasons behind the guidelines rather than as punishment. A graduated scale such as verbal notification, written notification, limiting network access rights and complete removal of network access is one possible method to address these concerns.

Thanks for your attention: