top of page
AdobeStock_236084095.jpeg
luis.png
samantha.png
taylor.png

We conducted a basic cyber hygiene audit of the school’s network and the devices on it. Somethings can’t be disclosed for security purposes. Because if the methods get out its will be easier for threat actors to exploit the system.

Device and Network Security

  • Update Operating System & Software all devices connected to the school’s network are all automatically updated and up to date

  • Use of strong passwords is implemented and MFA

  • Firewall and Antivirus is installed and up to date

  • Encryption in transit but not at rest

  • Can’t disclose how it’s done encryption and security patches

 

User Access Control

  • Least privilege principle implemented and secure remote access for certain employees and students

 

Email and Phishing Defense

  • Email Filtering using spam and phishing filters to block suspicious emails

  • DMARC is enabled to prevent email spoofing can’t disclose

 

Physical Security

  • Secure access to devices (locked doors, restricted access to important rooms such as IDF rooms)

  • Rented Laptops cannot be modified without administrative privileges

(Recently becoming more inflexible as lab employees aren’t allowed to help students download programs of their choice onto rented laptops)

 

Security Awareness and training

  • There is regular training for work-study and employees

  • Can’t disclose how

 

Data management and backup

can’t be disclosed

 

Incident response plan

(Posters put out to inform everyone)

 

Third party risk management

 can’t disclose

 

Monitor and audit

 can’t disclose

 

Compliance and documentation is implemented

 

 

we spoke to the following people during the cyber hygiene audit:

  • Maggie Hemme – Works in the IT Department front desk Bldg ASC, Rm A259

  • Lois Dominguez – Lab Assistant AST bldg.

  • Desiree - Student union bldg. Work Study

  • Jesse Ramirez - bldg. B

bottom of page