Pearland Independent School District (ISD) is based in Pearland, Texas. More than 25,000 Pearland ISD teachers and students access curriculum and applications via virtual desktop infrastructure (VDI) installed by Logical Front. For this new project, Pearland reached out to Logical Front to find a User Environment Manager (UEM) to combat and contain a recent security threat.
Though it doesn’t get as much attention as hackers targeting the Department of Defense, large financial institutions, or the nation’s utility grid, cyber attacks plague the networks of educational institutions. Google something like “students steal personal information from school networks” and you’ll get more than 29 million hits.
Greg Bartay, IT director for Pearland ISD, can vouch for the seriousness of this problem firsthand. “We had a student who brought malicious tools into the district and executed them from a flash drive,” explains Bartay. “The student downloaded Active Directory tools at home. Consequently, he also downloaded UltraSurf, which creates a virtual tunnel through your firewall from the inside out. The objective was to break into student accounts.” He was posting the information he retrieved online, Bartay continues.
“As a result, we started receiving anonymous emails from Internet share groups telling us what he was doing. With more time, he could have gotten access to things like students’ and parents’ Social Security numbers,” Bartay explains. To combat this threat and avoid future problems, Bartay began looking for a solution the district could use to protect the personal information of all parties involved.
One week after the hack, Pearland was hit with a ransomware attack. “The attack was due to a flash drive file used on a school computer,” said Jonathan Block, desktop support services manager for Pearland ISD. “There were 15-20 file shares affected. It took us five hours to recover the data from backup. And, because we had to take down those file shares to recover data, we were unable to back up a day’s worth of teachers’ and students’ classwork.”
“We thought we were protected against ransomware,” continued Block. “But we found that Microsoft’s System Center Endpoint Protection had no zero-day solutions for the variant that attacked us.” The one-two punch of a hack closely followed by a ransomware attack created a sense of urgency for the Pearland ISD IT team to find a fix.
Other than locking down the network, which made day-to-day educational tasks nearly impossible, the district had few choices for protecting its sensitive information. “We knew that trying to address the problem via Active Directory would take a lot of time and expertise,” recalls George Thornton, vice president of engineering for Pearland’s technology partner Logical Front. “Then a representative from AppSense explained what Application Manager could do. So we set up a proof of concept study.”
The P.O.C ran for two months and Application Manager performed as promised. Application Manager prevented any unauthorized executable from running within the network. “It does everything it said it would do,” notes Bartay. “It gives us control over what anyone can execute out of their home folders or off a USB drive. If someone wants to run a program that’s not on our list, they have to ask permission. Additionally, it prevents kids and even many of our staff from using Pearland ISD endpoints for non-school-related activities.”
“It took just ten minutes to deploy a simple Application Manager configuration to 38 machines in one of our high school libraries as a test,” said Block. “The team spent several hours observing a succession of students try to play games on those library computers using flash drives they brought from home. Application Manager blocked every attempt.”
Since Logical Front installed Application Manager, Bartay and his team have significantly reduced their risk. In addition, Application Manager has allowed the IT team to block students from executing online games.
This saved the IT team time and also put a stop to activities that were robbing students of instructional time. “When they are losing instructional time, it means they’re not doing what they are here to do,” Bartay points out. By implementing Application Manager, Logical Front is able save the IT team hundreds of hours each school year. Application Manager also resets all the student passwords due to any malware or ransomware issues.
Organizations used to stress perimeter security with strong firewalls and robust access policies. Today, that’s not enough. “You can’t put a price on security. You’re talking about people’s lives. Just ask the people that shopped at Target. People will be cleaning that up for years to come,” concludes Bartay. “You have to have a zero trust policy, with virtual firewalls throughout your network and layered defenses. AppSense helps achieve that.”