Magazine article Technology & Learning

Beyond Firewalls: Professional Certification Ensures Your Staff Will Understand Information Security in Its Proper Context

Magazine article Technology & Learning

Beyond Firewalls: Professional Certification Ensures Your Staff Will Understand Information Security in Its Proper Context

Article excerpt

Twenty years ago, when I was in high school, computers had just made their way onto the desks of staff and administrators. I couldn't play football or slam dunk, but I could wrestle a computer program to its knees, and nothing gave me more pleasure than beating the administration at their own game. Before I incriminate myself further, let me get to the point: I understand what lurks in the restless hearts of the thousands of students whose records we secure. Grades, tests, and even confidential e-mail messages are all susceptible to the urges of nascent crackers.

And then there's the problem with people like us. When it comes to security, many of us don't know what we don't know. And this lack of knowledge potentially places all of our networks in danger. If you have an administrator who leaves her password taped under her keyboard, or a teacher who doesn't change his password (ever!) or can't be bothered to log out or lock the computer, all the firewalls and antivirus programs in the world will not protect your network.

That's why it's critical to have someone at your district or school who can not only design a comprehensive security plan, but educate the staff as to why security is necessary. Achieving this requires formal training. One path to better understanding security is through local universities that offer technical degrees. In San Francisco, for instance, Golden Gate University's School of Technology (www.ggu.edu/school_ of technology) has created a new master's program in systems and network management. Three of the 10 classes in this program specifically address enterprise and network security.

The quicker route, and the one I ended up taking, was the [(ISC).sup.2]'s Certified Information Systems Security Professional program, a well-constructed, vendor-neutral certification that offers best practices, recommended procedures, and much more on topics ranging from business continuity to security architecture. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.