    Dead Man Walking
    A possible contract I may need a little help with

    Let me preface this with the fact that this is not a solely computer related post.

    I have recently been approached to potentially help implement a new security system/set of policies for a local private school. The only problem is I have no idea where to actually start. I have a ton of ideas but not sure where to start. They are getting a fairly good sized grant to make the school safer. I'm basically wanting to bounce some ideas around and see what everyone thinks. Also if you have any suggestions please do not hesitate to speak up. This is a K through 12.

    Here is what I am thinking, please bear in mind this is a very simplified version of what I am planning on recommending.

    1. Access controlled doors. Monitored by school personnel during periods when kids are coming and going. Locked during non-essential times so as to not be operable from the outside.

    2. Doorbell cameras with recording system and a remote door activation switch next to the camera monitor. So the office can open the door remotely if the person at the door is recognized as someone who is allowed to be there. This step could use a little work and some more definition, I know. Like I said, this is basics.

    3. I'm not sure at this point how feasible this part is but I would like to see the computer with the student database and other sensitive material isolated from the internet. Possibly not hooked into the rest of the network. This is a relatively small school so they do not use the network for grade reporting or anything like that. That could all be handled by a small in-house email set up with only a slight modification to the way they currently do things.

    4. An AUP that all parents are to ensure that their children understand. That way it is understood what exactly the classroom computers are to be used for and what is not acceptable. The kids have internet access for research purposes but I am concerned about possible infection from spyware because of some kid surfing the wrong sites. All the student accessible computers are set up for limited user accounts for the kids but better safe than sorry.

    5. Potentially using content filtering software of some sort. And some sort of host blocking. So the kids can't access MySpace at school and other sites like that. Having never worked with anything like that I have no clue where to even start. I'm sure part of it could be done in the hosts file on the computers.

    6. Photo IDs for students and maybe even parents so that it is easier for staff to identify who is supposed to be there and who is not. And visitor badges that must be visible.

    Part of this I will probably be implementing myself and some of it just sort of consulting on. Like the door locks and such I would have no idea where to start with that so it will probably be contracted out to a local lock and alarm company. I have a contact in the school's tech department who recommended me to consult on this. The tech teacher is a great lady when it comes to teaching the kids things they need to get jobs later in life but security is not her forte. So she is wanting to bring me in to help out. I would be responsible for initial set up and training. The occasional audit of the procedures and policies would be part of it as well. Basically Pen test the school's security system. I plan on doing a lot of speaking about social engineering during my training sessions with the staff. We have not agreed on a compensation amount yet. I do not have enough details on how much they expect me to do after the initial set up and training.

    I will add more as it comes to mind and if you have any suggestions I would really love to hear them.
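
Added example, not part of the original post: point 5 suggests doing some of the site blocking in each computer's hosts file. This Python sketch generates such entries and audits them against a list of hostnames actually seen, showing that a hosts file matches exact names only. The domain list, the observed hostnames and all function names are constructed for illustration.

```python
SINK = "127.0.0.1"  # loopback: a blocked name resolves to the local machine


def build_hosts_block(domains):
    """Return hosts-file lines sinking each domain and its www. variant."""
    names = []
    for d in domains:
        d = d.strip().lower().rstrip(".")
        for name in (d, "www." + d):
            if d and name not in names:
                names.append(name)
    return [f"{SINK} {n}" for n in names]


def parse_hosts(lines):
    """Parse hosts-file lines into {hostname: address}; '#' starts a comment."""
    table = {}
    for line in lines:
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank, comment-only or malformed line
        for h in fields[1:]:
            table.setdefault(h.lower(), fields[0])  # keep the first entry
    return table


def is_blocked(hostname, table):
    """Hosts lookup is exact-match: no wildcards, no parent-domain match."""
    return table.get(hostname.lower().rstrip(".")) == SINK


def coverage_gaps(observed, blocked_domains, table):
    """Observed names under a blocked domain that the hosts file misses."""
    names = [h.lower().rstrip(".") for h in observed]
    return [h for h in names
            if any(h == d or h.endswith("." + d) for d in blocked_domains)
            and not is_blocked(h, table)]


# Constructed sample data (not from the thread).
BLOCKED = ["myspace.com", "example-games.test"]
OBSERVED = ["www.myspace.com", "profile.myspace.com",
            "cdn.example-games.test", "en.wikipedia.org"]

if __name__ == "__main__":
    hosts = build_hosts_block(BLOCKED)
    print("\n".join(hosts))
    print("not covered:", coverage_gaps(OBSERVED, BLOCKED, parse_hosts(hosts)))
```

The names reported as not covered are the reason a hosts file works only as a supplement to a DNS or proxy level content filter, which can match a whole domain.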

    Senior Member C:\Saw
    Hmmm, perhaps biometric handscanners used in conjunction with school IDs?
    They are used at many universities, etc... although I have no clue as to the cost.

    Dead Man Walking
    I don't think that those will be practical for the situation. It's an awesome thought but it would never get implemented. While the school is fairly decent sized for a private school in this area it's not quite that big. And doing a quick scan of what pops up on Google the cost is more than the benefit. There are only 3 outside doors. And once I get done there is only going to be one that is accessible from the outside.

    But that brings up another thought. What about a thumb print box on the visitors log?

    Senior Member WolfeTone
    All external doors to have access control and are locked 24-7 via magnetic lock.

    Each student (also staff) to have their student ID card which has a unique barcode (student ID number).

    A swipe of the bar code at each door grants access and also allows for student tracking.

    Each card can be set up with different privileges so some students or staff might be allowed access to different rooms than others.

    ID Cards in conjunction with password to be used for PC access.

    Camera on main visitors' doors, when they push buzzer for office it takes a photo and stores on PC, if office know this person, they log the visitor's name against the photo. This is very useful for tracking of clothes.

    Senior Member nihil
    You might like to look at these:



    They might help with a few ideas?

    To be honest with you I wouldn't go near the physical safety aspect without a very healthy professional liability indemnity insurance policy.

    As for the computer side, that I would feel much more comfortable with.

    1. The school's administrative network should be separate from the student network.

    2. Sure you need an AUP.................... it must apply to the staff, as well as children and parents. Ban access to private e-mail, websites, social networking sites and the like. No P2P applications allowed etc...............

    3. Yes, you will need a content filter and host blocking. Might I suggest that you check out the legal requirements for your locality and state, as I understand that some counties and states do have legislation in this respect.

    4. You need to look at what is allowed in the way of external devices......... floppies, USB, CDs, DVDs etc..................... In particular you need a policy on private laptops, and hand held devices.

    5. You need to look at network and internet usage and traffic analysis. Make it clear to all users, parents etc. that computer usage will be monitored, and violations of the AUP will be dealt with.

    6. Look at the firewalls and anti-malware. There needs to be a clear policy and responsibility for keeping them up to date and scheduling regular scans. OK, it may not be that effective, but it is a good CYA, and you need that if you are responsible for minors.

    7. Don't forget operating system and applications patches.

    Just a few thoughts........................

    Dead Man Walking
    Nihil, yea I planned on making them sign a hold harmless type thing. Actually I am waiting to hear back from my attorney on that as I type. On the physical security, I'm basically just acting as an adviser. I'm not actually implementing any of the physical aspects. I am just telling them what I would do in their shoes.

    I really appreciate the advice on the computer side of things. The suggestions will most definitely be seriously considered. I'm going to be working on the AUP today from the looks of things. If this works out good for me I could be looking at a fairly good number of other private contracts coming my way so I want to do this one right.

    They call me the Hunted foxyloxley
    kids here were in the habit of turning their desktops into web servers
    and they will have the numbers on their side too
    so how many staff are you thinking of for admin ?
    and what capability will they have attained to get the job ?

    staffing will eat a lot of the budget
    and it will be the easiest to squeeze too

    consider a self run pen test against the site now, and after the new system is up and running

    group policy can be used to really tie down accounts
    NEVER allow any students to 'help' in the day to day running of the system
    never let the little bastas anywhere near anything remotely like a server

    and a GOOD system doesn't just RUN well
    it has to FAIL well too

    because they WILL trash it

    THE Bastard Sys***** dinowuff
    The place to start for physical security is the school's insurance company and legal counsel.

    The insurance company will be the underlying factor of what you can and cannot do - and legal counsel will be able to advise on local, state and federal rules/laws mandating school dos and don'ts.

    The Fire Chief is going to get involved whether you like it or not.

    Senior Member nihil
    "If this works out good for me I could be looking at a fairly good number of other private contracts coming my way so I want to do this one right."
    I agree entirely............... your first private job is generally your first serious marketing campaign

    Foxy~ has a good point that I forgot to mention:

    "and a GOOD system doesn't just RUN well
    it has to FAIL well too"
    You will need a backup and recovery plan/strategy.

    "The Fire Chief is going to get involved whether you like it or not."
    Yes, all the emergency services should be involved (more CYA). But it is the police and paramedics who get involved with stabbings, shootings and the like.

    Dead Man Walking
    Considering the number of machines and since the vast majority of the students move to public school after 8th grade or one of the larger private high schools. I just had a mild disagreement with a staff member. Come to find out the school has nowhere near the numbers I was originally told. They have a total enrollment of less than 100. I made it very clear that from this point on when I ask for numbers I want real numbers not potential ones. Long story. But now I am getting wary of the situation in whole. I cannot give accurate recommendations based on inaccurate data.

    Total number of student accessible machines is approx. 30. Running anything from Windows 2k up. These are donated machines that have been kitbashed together. No Linux or Apple OS to worry about at this point.

    All the student machines are located in one "computer lab". That will make things a little easier. With the small number of students/computers the tech teacher should be able to handle admin with a relatively small dose of training. I know her personally, she can handle the job if I get her pointed in the right direction. Hiring in of additional staffing is not an option with this place. They almost had to lay some teachers off at the beginning of this term due to funding issues. All of the money for this project is coming out of a series of grants specifically for this purpose.

    I forgot to mention that I have already performed a physical pen test of the facility. I went from the parking lot to my contact's classroom during passing period with the halls full of students and teachers via the front door in less than 4 minutes with no one challenging me as to whether or not I belonged there. Never even got a second glance. And at the time I had only been on premises after hours to help the tech teacher out with a small networking issue and was never in contact with any other staff.

    You should have seen the look on the principal's face when I told him about it. Maybe I shouldn't have said this but he about swallowed his tongue when I said "if I was a kidnapper I would have had my pick of the litter today". That's when all this started. I should have never made it more than 10 feet from the front door. I should have never gotten in the front door.

    The computer part of the "lock down" won't be hard to do at all. Especially considering the numbers involved and the ages of the users. But they want to bundle the physical/computer security into one nice neat little package to make it easier to get grant money.

