Appsense Pearland

Devices such as student's smartphones are a major threat to data security in schools.

Increasing Data Security in Schools with Endpoint and Recovery Upgrades

Pearland Independent School District (ISD) is based in Pearland, Texas. More than 25,000 Pearland ISD teachers and students access curriculum and applications via virtual desktop infrastructure (VDI) installed by Logical Front. For this new project, Pearland reached out to Logical Front to find a User Environment Manager (UEM) to combat and contain an increasing problem: data security in schools.


Though data security in schools doesn’t get as much attention as hackers targeting large financial institutions, school data breaches like Pearland ISD are extremely common. Google something like “students steal personal information from school networks” and you’ll get more than 29 million hits.

Greg Bartay, IT director for Pearland ISD, can vouch for the seriousness of school data breaches. “We had a student who brought malicious tools into the district and executed them from a flash drive,” explains Bartay. “The student downloaded Active Directory tools at home. Consequently, he also downloaded UltraSurf, which creates a virtual tunnel through your firewall from the inside out. The objective was to break into student accounts.” He was posting the information he retrieved online, Bartay continues.

“As a result, we started receiving anonymous emails from Internet share groups telling us what he was doing. With more time, he could have gotten access to things like students’ and parents’ Social Security numbers,” Bartay explains. To combat this threat and avoid future problems, Bartay began looking for an endpoint solution the district could use to protect the personal information of all parties involved.


One week after the school data breach, Pearland was hit with a ransomware attack. “The attack was due to a flash drive file used on a school computer,” said Jonathan Block, desktop support services manager for Pearland ISD. “There were 15-20 file shares affected. It took us five hours to recover the data from backup. And, because we had to take down those file shares to recover data, we were unable to back up a day’s worth of teachers’ and students’ classwork.”

“We thought we were protected against ransomware,” continued Block. “But we found that Microsoft’s System Center Endpoint Protection had no zero-day solutions for the variant that attacked us. ”The one-two punch of a hack closely followed by a ransomware attack created a sense of urgency for the Pearland ISD IT team to find a fix.

We thought we were protected against ransomware…but we found that Microsoft’s System Center Endpoint Protection had no zero-day solutions for the variant that attacked us.


Other than locking down the network, which made day-to-day educational tasks nearly impossible, the district had few choices for protecting its sensitive information. “We knew that trying to address the problem via Active Directory would take a lot of time and expertise,” recalls George Thornton, vice president of engineering for Pearland’s technology partner Logical Front. “Then a representative from AppSense explained what Application Manager could do. So we set up a proof of concept study.”

The P.O.C ran for two months and Application Manager performed as promised. Application Manager prevented any unauthorized executable from running within the network. “It does everything it said it would do,” notes Bartay. “It gives us control over what anyone can execute out of their home folders or off a USB drive. If someone wants to run a program that’s not on our list, they have to ask permission. Additionally, it prevents kids and even many of our staff from using Pearland ISD endpoints for non-school-related activities.”

“It took just ten minutes to deploy a simple Application Manager configuration to 38 machines in one of our high school libraries as a test,” said Block. “The team spent several hours observing a succession of students try to play games on those library computers using flash drives they brought from home. Application Manager blocked every attempt.”


Since Logical Front installed Application Manager, Bartay and his team have significantly reduced their risk of future school data breaches. In addition, Application Manager has allowed the IT team to block students from executing online games.

This saved the IT team time and also put a stop to activities that were robbing students of instructional time. “When they are losing instructional time, it means they’re not doing what they are here to do,” Bartay points out. By implementing Application Manager, Logical Front is able save the IT team hundreds of hours each school year. Application Manager also resets all the student passwords due to any malware or ransomware issues.

Organizations used to stress perimeter security with strong firewalls and robust access policies. Today, that’s not enough to ensure data security in schools. “You can’t put a price on security. You’re talking about people’s lives. Just ask the people that shopped at Target. People will be cleaning that up for years to come,” concludes Bartay. “You have to have a zero trust policy, with virtual firewalls throughout your network and layered defenses. AppSense helps achieve that.”

Project info
Pearland ISD logo for VDI case study
Pearland Independent School District
Endpoint Security to Protect Against Internal Cyber Security Threats
Security, VDI, BYOD
[ninja_form id=”9″]

Featured Equipment

Dell Precision M3800 and M4800 mobile workstations, Dell Latitude E6540 notebooks, and Dell Precision 5810XCTO workstations

AppSense Application Manager

Dell PowerEdge M710 or M620 servers, Dell PowerConnect 8100 switches

BYOD, 1:1 initiative, Virtual Desktop Infrastructure, NVIDIA GRID, PLTW Grant
Read how Little Rock School District enlisted Logical Front to
maximize a PLTW grant with a custom VDI solution and a 1:1 initiative.
Pearland ISD logo for VDI case study

Share This:

Site secured by Wayne Smiley Design