MIS: Opening Admin servers SQL port or 'port 80' to curriculum network
John Condon (under 'Electronic Registration' thread) says:
I thought the above is worth a new thread.
This is an excerpt from a circular distributed from BECTA on the 18th, from Dr Stephen Lucey, Becta Executive Director, Strategic Technologies.
"Recent high-level security breaches concerning loss of personal and sensitive information have highlighted the need to update information security guidance.
Suppliers – particularly management information systems, technical support, connectivity and learning platform providers – have an important role to play in helping schools to meet their responsibilities for data security. This may be simply to reassure school leaders that appropriate security mechanisms are already in place and make sure that they know how to use them to greatest effect. They may also ask you to review their security mechanisms and policies, and recommend or implement any necessary improvements. "
So it looks like the debate on adapting 'flat networks',Admin-curriculum seperation, opening servers SQL port or 'port 80' to curriculum network etc. and the risks (or lack thereof) has definitely spilled beyond Edugeek
(As if anyone had any doubts that it hadn't )
Many get hang up on 'flat networks' vs 'two network' argument and we overlook the real issue - which is "Opening Admin servers SQL port or 'port 80' to curriculum network".
It will be interesting to see if Becta will come out and put guidance on this core issue which is in the centre of data security risks in schools with flat networks.
By definition curriculum network in schools is 'untrusted' / 'insecure' network hence opening SQL ports or port-80 on admin servers to curriculum network is like opening it to Internet. Yes?