Safety & Security
Sam Rayburn ISD Safety & Security Plan
Sam Rayburn ISD has formulated a district security team made up of administrators, principals, teachers, students, parents and community members as well as county safety personal. The team is responsible for making recommendations to the school board of education. The team will go through the safety and security audits every other year and stay vigilant as to new technologies and recommendations from Homeland Security, Texas Education Agency, The FBI, CISA, MS-ISAC Advisories, and others.
UPDATES and PD
Sam Rayburn ISD Cybersecurity Officer keeps the district updated with policies, procedures, news, and current threats on a regular basis through email, online PD, and required Security Training. All employees are required to complete the Safety and Cybersecurity training provided by the district. Security updates include notifications from Homeland Security and their Sentinal Appliance on the latest Phishing Schemes.
All students will be instructed in Cybersecurity and safety modules and must pass an Acceptable Use Policy exam for their grade level before they are able to gain access to the network.
The Sam Rayburn Tech Department uses Homeland Security Alerts to block malware injected IP addresses and to blacklist malicious sites.
Sam Rayburn ISD is committed to providing all stakeholders with immediate communication as required to keep all stakeholders safe and protected. The district employs several logging and notification programs for alerting the appropriate staff to cybersecurity issues, cyberbullying, and self-harm notifications. Additionally, the district employs handset radios and a desktop SchoolMessenger program.
SECURITY, PRIVACY, and CRISIS MANAGEMENT for TECHNOLOGY DEPARTMENT
External Threat Deterrence
o Ensure all doors and windows are in good repair and lock properly
o Lock overhead and receiving doors with high-quality padlocks
o Install cameras at all access points to allow or disallow "buzz-ins" as needed
o Light all exterior entries with fixtures that are difficult to reach or tamper with
o Add surveillance cameras and motion detectors in appropriate areas
o Add a locked door or barrier as the first line of defense if necessary with appropriate signage according to access under CJIS laws
o Ensure hidden areas are well protected. They are the most vulnerable areas
o Leverage a monitored intrusion system to help deter crime and to alert emergency personnel if a crime event occurs
o All data transfers and backups offsite are encrypted with 256-bit data encryption procedures.
Internal Threat Deterrence
o Running background checks on potential employees before making a job offer
o Restrict who has access to your security system’s arm and disarm codes
o Removing ALL personal information files and data files from the desktop
o Restrict access to all infrastructure components (NOC, IDFs, MDFs) Post warning signs: Prosecution under CIIS Security Act.
o If providing keys/access cards, give them only to those employees who need them for their jobs
o Employ an access control system – access cards are difficult to copy, cost less and are easier than keys to replace if lost or stolen
o Use security cameras that record to monitor areas where the money is kept and where valuable equipment is used or stored. Cameras are a strong deterrent to theft.
o Deploy an intrusion detection system and train employees on coded phrases
o Maintain temperature control and alert devices, temperature probes, and fire alarms
o Deploy halogen fire suppression system for the Network Operations Center instead of a water sprinklers.
o Access control all inventory, storerooms, maintenance equipment entrance and exit points.
o Practice safe & exemplary backup/recovery procedures (A, B, C, D backups to different locations- each campus, UT Health Center & Cloud backup through Spanning and Region 20)
o Require employees to run updates and scanning programs on all machines under their care
o All faculty members are responsible for monitoring and teaching students concerning Internet Safety (CIPA & DOPPA), Student Privacy, Anytime-bullying, Acceptable Use Policies, and Ethical Use of district digital resources.
o The District deploys the StopIt to monitor for cyberbullying and harmful threats in emails.
Crisis Management & Preparedness
o Make sure all employees are trained on security, privacy, and emergency procedures, then perform regular drills
o Keep your emergency contact list updated
o Test your security systems monthly to make sure they are working properly
o Review your log reports weekly to look for irregularities and before too much time has passed
o Carefully train new employees to ensure safety and security procedures are being followed\
o Keep critical data on offsite servers and backup storage devices.
o Keep employees informed of all current threats such as malware, spyware, trojans, viruses, and socially engineered SCAMS
o Require all employees to report any suspicious behavior or unauthorized access to digital or hardware resources.
o Update policies regularly to stay ahead of threats and emergency procedures.