Saint Paul Public Schools (SPPS), located in Saint Paul, MN, is one of the largest and most diverse school districts in Minnesota. With a mission to provide a safe and nurturing educational environment, SPPS recognized the increasing importance of robust cybersecurity measures. 

In 2017, SPPS partnered with Res-Q-Rity to enhance their cybersecurity framework, addressing critical vulnerabilities and ensuring the protection of sensitive information. This story highlights the comprehensive collaboration between SPPS and Res-Q-Rity and the significant improvements achieved in the district’s cybersecurity posture.

Identifying the Challenges

SPPS faced several cybersecurity challenges that needed immediate attention:

• Two-Factor Authentication: Implementing two-factor authentication for VPN access to enhance security.
• Privileged Account Management: Securing privileged accounts to prevent unauthorised access.
• Endpoint Security: Enhancing monitoring and defence mechanisms against malware and other threats.
• Security Loopholes: Identifying and addressing security loopholes in generic accounts and improving Active Directory (AD) account auditing.
• Log Management: Configuring and administering a comprehensive log management system.
• Security Policies and Programs: Developing and documenting formal security programs and policies.

Objectives and Goals

The primary objectives of the collaboration between SPSS and Res-Q-Rity were:

1. Bolstering the systems for authentication.
2. Securing privileged accounts.
3. Enhancing endpoint security.
4. Identifying and mitigating security vulnerabilities.
5. Improving log management and analysis.
6. Creating and putting into effect thorough security procedures.

The Solution: A Comprehensive Cybersecurity Framework

Res-Q-Rity approached the collaboration with a multi-faceted strategy, focusing on both immediate and long-term security improvements. The solution was designed to address each of the identified challenges comprehensively.

• Two-Factor Authentication Implementation

Res-Q-Rity introduced and implemented two-factor authentication (2FA) for VPN access using DUO Security. This added layer of security ensured that only authorised personnel could access the network remotely, significantly reducing the risk of unauthorised access.

• Securing Privileged Accounts

To enhance the security of privileged accounts, Res-Q-Rity deployed BeyondTrust. This solution effectively eliminated excess access to systems and data, ensuring that privileged accounts were closely monitored and controlled. By doing so, SPPS minimises the risk of insider threats and unauthorised access.

• Enhancing Endpoint Security

Res-Q-Rity conducted a thorough analysis of malware trends using advanced endpoint security tools. This analysis helped in understanding the evolving threat landscape and implementing appropriate countermeasures. The team also identified security loopholes such as generic accounts, disabled them, and improved AD account auditing processes.

• Entire Log Management

Log management was a critical aspect of the cybersecurity framework. Res-Q-Rity configured and administered LogRhythm, a powerful log management and analysis tool. This system collected logs from various critical assets, including servers, workstations, and iPads. The logs were analysed for suspicious activities, intrusions, and potential security breaches.

Developing and Implementing Security Policies

Res-Q-Rity worked closely with SPPS to develop, implement, and document formal security programs and policies. This included policies for securing systems, handling sensitive data, and responding to cybersecurity incidents. The team also provided guidance on the proper disposal of data to fight against cyberbullying, enhancing the overall security culture within the district.

Technical Support and Training

Res-Q-Rity provided Level-3 technical support for SPPS, addressing issues such as system filtering, URL filtering, and managing litigation holds and e-discovery. The team also trained SPPS staff on best practices for cybersecurity, ensuring that everyone was aware of potential threats and how to respond to them effectively.

Table 1: Key Security Measures Implemented

Measure	Description	Impact
Two-Factor Authentication (2FA)	Implemented DUO Security for VPN access	Enhanced remote access security
Privileged Account Management	Deployed BeyondTrust	Reduced unauthorised access
Endpoint Security	Analysed malware trends and implemented advanced tools	Improved threat detection and response
Log Management	Configured LogRhythm	Enhanced log analysis and threat identification
Security Policies	Developed comprehensive security programs	Strengthened security culture
Content Filtering	Deployed iBoss	Blocked inappropriate content
AD Auditing	Regular auditing of AD accounts	Reduced inactive accounts and potential vulnerabilities

Specific Implementations and Achievements

• Password Policy Development: Res-Q-Rity developed a strong password policy, which was approved by the board and implemented across the district.
• Content Filtering: The team deployed content filtering using iBoss, blocking inappropriate content and protecting the entire district.
• AD Auditing: Regular AD auditing was performed to disable/delete test, service, and vendor accounts that were not in use.

• Vulnerability Management: Proposed and implemented strategies for remediating system vulnerabilities using Insight VM.
• Phishing and Suspicious Email Monitoring: Implemented measures to identify and block phishing and suspicious emails using O365 Admin Portal and PowerShell scripts.

Table 2: Compliance Achievements

Compliance Standard	Description	Outcome
HIPAA	Health Insurance Portability and Accountability Act	Ensured protection of sensitive health information
COPPA	Children’s Online Privacy Protection Act	Protected the privacy of students under 13

Results and Impact

The collaboration between SPSS and Res-Q-Rity led to significant improvements in the district’s cybersecurity posture. Key achievements included:

• Enhanced Security Framework

The implementation of 2FA, improved privileged account management, and advanced endpoint security tools significantly enhanced the overall security framework of SPPS.

• Reduced Security Incidents

With robust log management and regular AD auditing, SPPS experienced a notable reduction in security incidents. The proactive identification and mitigation of vulnerabilities played a crucial role in maintaining a secure environment.

• Stronger Security Culture

The development and implementation of comprehensive security policies, combined with staff training, fostered a stronger security culture within the district. Staff members became more aware of cybersecurity threats and how to respond to them effectively.

• Compliance and Regulations

Res-Q-Rity’s expertise in handling regulatory compliance ensured that SPPS met the necessary standards, including HIPAA and COPPA. This compliance not only protected sensitive information but also bolstered the district’s reputation as a secure and trustworthy institution.

Conclusion

The partnership between Saint Paul Public Schools and Res-Q-Rity exemplifies the importance of a comprehensive and proactive approach to cybersecurity. Through detailed planning, expert implementation, and continuous monitoring, Res-Q-Rity successfully addressed the diverse cybersecurity challenges faced by SPPS. The collaboration not only enhanced the district’s security framework but also instilled a culture of security awareness among staff and students. As cybersecurity threats continue to evolve, SPPS remains committed to maintaining a secure and safe learning environment, with Res-Q-Rity as a trusted partner in their ongoing efforts.

Key Performance Indicators (KPIs)

1. Reduction in Security Incidents: A significant decrease in reported security incidents and breaches.
2. Increased Compliance: Achieving and maintaining compliance with relevant standards and regulations.
3. Improved Security Awareness: Higher participation in security training programs and improved staff awareness of cybersecurity best practices.

Future Directions

Res-Q-Rity continues to support SPPS in maintaining and enhancing their cybersecurity framework. Future initiatives include:

• Regular security audits and assessments to identify and mitigate new threats.
• Continued staff training and awareness programs to keep up with evolving cybersecurity challenges.
• Integration of advanced technologies such as artificial intelligence and machine learning for enhanced threat detection and response.

By maintaining a proactive and adaptive approach to cybersecurity, SPPS and Res-Q-Rity aim to stay ahead of potential threats, ensuring a secure and nurturing educational environment for all students and staff.

FAQs 

1. What types of cybersecurity training programs does Res-Q-Rity offer?

Res-Q-Rity offers a variety of cybersecurity training programs tailored to meet the needs of different organisations and skill levels. Our offerings include basic cybersecurity awareness training designed for all employees, focusing on fundamental cybersecurity principles and practices. For IT professionals and security teams, we provide advanced cybersecurity training that covers topics such as threat detection, incident response, and penetration testing. 

2. How does Res-Q-Rity customise its training programs for different organisations?

Res-Q-Rity customises its training programs by conducting a thorough assessment of the organisation’s specific needs, industry requirements, and existing security posture. This process begins with an initial consultation to understand the organisation’s goals, challenges, and training needs. We then perform a risk assessment to identify the most prevalent threats and vulnerabilities relevant to the organisation. Based on this information, we develop tailored training materials and scenarios that address the identified risks and align with the organisation’s policies and procedures. 

3. What is the format of Res-Q-Rity’s cybersecurity training sessions?

Res-Q-Rity’s cybersecurity training sessions are designed to be flexible and engaging, offering various formats to suit different learning preferences and organisational needs. We provide on-site training sessions conducted at the organisation’s premises, allowing for interactive and hands-on learning experiences. For remote or distributed teams, we offer virtual training sessions that provide real-time interaction with instructors. Our e-learning modules are self-paced online courses that employees can complete at their convenience, providing flexibility and scalability. 

4. How does Res-Q-Rity measure the effectiveness of its cybersecurity training programs?

Res-Q-Rity employs a multi-faceted approach to measure the effectiveness of its cybersecurity training programs. We use pre- and post-training assessments to evaluate participants’ knowledge and skills before and after the training to measure improvement. Phishing simulations are conducted before and after training to assess changes in employee behaviour and awareness. We also collect feedback from participants through surveys to gauge their satisfaction and gather insights for further improvement. 

5. Can Res-Q-Rity assist in creating a continuous cybersecurity education program for our organisation?

Yes, Res-Q-Rity can assist in creating a continuous cybersecurity education program tailored to your organisation’s needs. Our approach includes designing a comprehensive, ongoing training curriculum that covers essential cybersecurity topics and evolves with emerging threats. We provide regular updates to the training materials and sessions to keep employees informed about the latest cybersecurity trends and best practices. To keep employees engaged and motivated to participate in continuous learning, we implement strategies such as gamification, rewards, and recognition. 

Click here, to know more about Res-Q-Rity.