Security and data


Mike Reading

Mar 7, 2022, 9:31:45 PM
to Techies for schools
Hi everyone

Just a quick heads up that we are co-ordinating a couple of 1/2 day summits with the MOE, Google, Microsoft, N4L and others. 

The first day is all about security and the second day is all about how to best use all the data you have at your fingertips. 

Here is a 1 pager for the event and here is the registration page. Would be great to have as many of you and your lead teachers attend as possible as 2022 is shaping up to be quite a year on the security front! 

To give you an indication of how big the need is, we recently ran a simple script to determine which NZ schools have security protection against forging emails from their school and found that under 60% of schools have any sort of protection and less than 7% have it fully configured.

Let me know if you have any questions

Mike 

Izzi Lithgow

Mar 8, 2022, 3:27:47 PM
to Techies for schools
We'll be there!

I'm presenting on responding to a cyber incident in a pandemic (plagues of locusts need not apply!) and my colleague Andrew Hood will be presenting on how to keep your precious data safe, and a few sneaky ways you can lose it.

Looking forward to seeing a few Techies for Schools faces in the virtual audience

Edwin Bruce

Mar 9, 2022, 6:25:13 PM
to Techies for schools
Hi,

Regarding "found that under 60% of schools have any sort of protection", was WEGC on the list found wanting?

Thanks

Edwin Bruce

Edwin Bruce

Mar 9, 2022, 6:26:31 PM
to Techies for schools
Further... you may prefer to DM me the answer but I expect a few schools will be interested in details...

Jeffrey B

Mar 9, 2022, 6:28:05 PM
to techies-f...@googlegroups.com
What measures are you looking for: SPF records or something more?

Andrew Hood

Mar 9, 2022, 7:05:52 PM
to Techies for schools
Hi,

The Ministry did some work with SMX last year and found that roughly 50% of schools do not have SPF records in place (or are misconfigured) and about 0.9% of schools have full blocking DMARC.

There are tools for checking your SPF records (like https://mxtoolbox.com/spf.aspx) and then moving onto DMARC.

This is an area that I know is a big security risk for schools. However, I am happy to admit that understanding the complexities of SPF, DKIM and DMARC is complicated. How useful would guidance on this area be? I know that I am talking to the more technically minded end of the school sector here, but what are people's feelings about how well understood this subject is?

Andrew Hood | Chief Advisor Cyber Security
Te Puna Hanganga, Matihiko | Infrastructure & Digital

DDI +6444638102 | Mobile 029 200 3774
National Office 1 The Terrace

education.govt.nz

He mea tārai e mātou te mātauranga kia rangatira ai, kia mana taurite ai ōna huanga
We shape an education system that delivers equitable and excellent outcomes




Jeffrey B

Mar 9, 2022, 7:27:46 PM
to techies-f...@googlegroups.com
From my point of view a 'why it's a good idea' and 'how to' would be a good resource to have available. Personally I remember hearing about DMARC but did not get to the reading.

After being reminded I will add the reading to my list and hopefully get to it in the short term.

Hearing about some of the proactive things that can be done in a periodical or bulletin would be very handy even if just to remind everyone to check. It should be light and advisory though to keep everyone's motivation up in a never-ending sea of exploits and hackers.



Glen Pringle

Mar 9, 2022, 7:46:25 PM
to Techies for schools
"Any sort of protection" means any SPF or DKIM* record (the loosest possible definition). "Fully configured" means SPF, DKIM, and DMARC are all correctly configured. So there's heaps of schools with no SPF or DKIM at all and very few have SPF, DKIM, and DMARC all correctly configured.

* To search for DKIM records, we only looked for those using the default DKIM selector for Google Workspace & Microsoft 365. I know this might miss some where the selector has been changed from the default or another email provider is being used, but the first is highly unlikely and based on the SPF records there are only a handful of schools that fall into the second category.

Glen Pringle
Technical Trainer, Using Technology Better
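
The two tiers defined in the post above can be expressed as a small classifier. This is an added example, not the script that was run for the survey and not part of the original thread. It works offline on constructed TXT data under `.example` names, and it assumes that "correctly configured" means exactly one SPF record ending in `-all` or `~all`, a non-empty DKIM key at a default selector, and a DMARC policy of `quarantine` or `reject`.

```python
import re
from collections import Counter
# Default selectors: "google" (Google Workspace); "selector1"/"selector2" (Microsoft 365).
DEFAULT_SELECTORS = ("google", "selector1", "selector2")

def tags(record):
    """Split a 'k=v; k=v' DKIM or DMARC record into a dict with lowercase keys."""
    pairs = (part.split("=", 1) for part in record.split(";") if "=" in part)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def spf_records(txt, domain):
    return [r for r in txt.get(domain, []) if re.match(r"v=spf1(\s|$)", r, re.I)]

def dkim_keys(txt, domain):
    # A record with an empty p= tag is a revoked key, so it does not count.
    names = (f"{s}._domainkey.{domain}" for s in DEFAULT_SELECTORS)
    return [r for n in names for r in txt.get(n, []) if tags(r).get("p")]

def dmarc_policy(txt, domain):
    for r in txt.get(f"_dmarc.{domain}", []):
        if tags(r).get("v", "").upper() == "DMARC1":
            return tags(r).get("p", "").lower()
    return None

def classify(txt, domain):
    spf, dkim = spf_records(txt, domain), dkim_keys(txt, domain)
    if not spf and not dkim:
        return "none"  # fails even the loosest definition
    # ASSUMPTION (not from the thread): what "correctly configured" means.
    # More than one SPF record is an SPF error, so it is not counted as correct.
    spf_ok = len(spf) == 1 and re.search(r"[-~]all\s*$", spf[0], re.I)
    if spf_ok and dkim and dmarc_policy(txt, domain) in ("quarantine", "reject"):
        return "full"
    return "some"

def survey(txt, domains):
    return Counter(classify(txt, d) for d in domains)

# Constructed sample data: DNS name -> TXT strings as a resolver would return them.
SAMPLE_TXT = {
    "a.school.example": ["v=spf1 include:_spf.google.com ~all"],
    "google._domainkey.a.school.example": ["v=DKIM1; k=rsa; p=CONSTRUCTEDKEY"],
    "_dmarc.a.school.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@a.school.example"],
    "b.school.example": ["v=spf1 include:spf.protection.outlook.com -all"],
    "c.school.example": ["site-verification=constructed"],
    "d.school.example": ["v=spf1 mx -all", "v=spf1 include:_spf.google.com ~all"],
    "selector1._domainkey.d.school.example": ["v=DKIM1; k=rsa; p=CONSTRUCTEDKEY"],
    "_dmarc.d.school.example": ["v=DMARC1; p=quarantine"],
}
DOMAINS = [f"{x}.school.example" for x in "abcd"]
```

Calling `survey(SAMPLE_TXT, DOMAINS)` gives the per-tier counts; domain `d` lands in "some" despite having all three record types because it publishes two SPF records.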

Steve Smith

Mar 10, 2022, 3:35:36 PM
to Techies for schools
Morena All,
I edited this help info from our support center about this subject for our schools.
Hopefully it helps to see where you can make changes and how they will impact your domain.
You can make these changes (or your support partner can) direct from the console.
Best regards
Steve

PDF attached and support center links at -> support.google.com/a/topic/90617 
Prevent spam, spoofing & phishing with Gmail authentication.pdf

Nick Steenson

Mar 10, 2022, 3:42:30 PM
to techies-f...@googlegroups.com
Here I was feeling all smug, now there's a BIMI to set up :-D

Nick



--

Nick Steenson

IT Manager

Mount Aspiring College

T +64 (0) 3 443 0463 (Ext 222)

E stee...@mtaspiring.school.nz
    I...@mtaspiring.school.nz

A 101 Plantation Rd, Wānaka, NZ, 9305
W www.mountaspiringcollege.nz

 

Andrew Hood

Mar 10, 2022, 7:42:09 PM
to Techies for schools
Nick, If the only thing that you were missing was BIMI, then pour yourself a nice mug of smugness and have a good weekend!

Alistair Baird

Mar 10, 2022, 8:20:21 PM
to techies-f...@googlegroups.com
Having set up SPF, DKIM and DMARC, it was a bit tricky to start with, but it certainly cuts down the SPAM. We still get spoofed though by users using anonymous Gmail accounts to send SPAM, and thus get approved DKIM/SPF headers.

The problem with BIMI when I looked at it was the logo - there wasn't any software package that could produce the SVG file format 'out the box', you have to add plugins and GitHub tools, and/or pay some ransom for a trademark. Schools don't really have that kind of resource.




--

Kind regards,
Alistair Baird
IT Manager


P  06 354 4198
stpeterspn.school.nz

  @stpeterspn

1 Holdsworth Avenue, Milson
Palmerston North, 4414

Nick Steenson

Mar 10, 2022, 8:34:31 PM
to techies-f...@googlegroups.com
>> Nick, If the only thing that you were missing was BIMI, then pour yourself a nice mug of smugness and have a good weekend!
Well there's always a possibility I've stuffed it up, and I DEFINITELY don't read the DMARC reports I get (maybe one a month).

As for BIMI, I'm intrigued, I'll have a play next week. 

My smug mug overfloweth.

Nick

Simon Wright

Mar 10, 2022, 8:38:29 PM
to techies-f...@googlegroups.com
Really?  I get about a dozen dmarc reports a day!

Regards,

Simon Wright
ICT Manager




Nick Steenson

Mar 10, 2022, 8:44:29 PM
to techies-f...@googlegroups.com
Brackets placement is important:
>> I DEFINITELY don't read the DMARC reports I get (maybe one a month).

I GET a load, I might only READ 1 a month :-D

Nick


Simon Wright

Mar 10, 2022, 8:46:23 PM
to techies-f...@googlegroups.com
Lol, yeah, just skim read that. I stopped reading them altogether and they go straight to the bin.


Regards,

Simon Wright
ICT Manager

Marlon Yu

Mar 10, 2022, 8:55:16 PM
to techies-f...@googlegroups.com

IMHO, not worth it. See https://bimigroup.org/bimi-for-non-trademarked-logos/

 

That and the USD 1,500 per year cost for a Verified Mark Certificate (VMC) makes BIMI just a waste of time at this point.

 

Would make sense for a corporate entity though (their logos are usually already trademarked so it’s just a matter of buying the VMC).

 

Had ours up since last year and none of the major webmail providers our domestic and international caregivers use (like Microsoft, Yahoo and Google) accept non-trademarked logos.

 

Marlon Yu, PMP, MIITP
IT Services Manager
Ph +64 (9) 477 0150 Ext 650

 

 


Alistair Baird

Mar 10, 2022, 9:10:05 PM
to techies-f...@googlegroups.com
>>Really?  I get about a dozen dmarc reports a day!<<

I get about 1 per month, and only from the librarian's canterbury user list when she replies to emails.

Do you have an undocumented email server/sender? Printer perhaps? I have a local email relay to send all our printers/scanning and Kamar messages through, and it's a designated sender.
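
The DMARC reports discussed in the last few messages are aggregate XML files, and reducing them to a list of failing source IPs is one way to spot an undocumented sender without reading each report. This is an added example, not part of the original thread; the report below is constructed and uses documentation IP ranges.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed aggregate report, trimmed to the fields used here.
SAMPLE_REPORT = """<feedback>
  <report_metadata><org_name>receiver.example</org_name></report_metadata>
  <policy_published><domain>school.example</domain><p>none</p></policy_published>
  <record><row><source_ip>192.0.2.10</source_ip><count>42</count>
    <policy_evaluated><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row></record>
  <record><row><source_ip>198.51.100.7</source_ip><count>5</count>
    <policy_evaluated><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
  <record><row><source_ip>198.51.100.7</source_ip><count>3</count>
    <policy_evaluated><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
  <record><row><source_ip>203.0.113.9</source_ip><count>2</count>
    <policy_evaluated><dkim>fail</dkim><spf>pass</spf></policy_evaluated></row></record>
  <record><row><source_ip>203.0.113.50</source_ip><count>1</count>
    <policy_evaluated><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row></record>
</feedback>"""

def failing_sources(xml_text):
    """Return [(source_ip, failed_message_count)], largest count first."""
    # Reports arrive from outside the organisation, so refuse DTDs and
    # entity declarations, which a genuine report has no reason to contain.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("unexpected DTD or entity declaration in report")
    root = ET.fromstring(xml_text)
    failed = defaultdict(int)
    for row in root.iter("row"):
        ip = row.findtext("source_ip")
        count = int(row.findtext("count", "0"))
        ev = row.find("policy_evaluated")
        # DMARC passes when either the DKIM or the SPF evaluation passes.
        ok = ev is not None and "pass" in (ev.findtext("dkim"), ev.findtext("spf"))
        if not ok:
            failed[ip] += count
    return sorted(failed.items(), key=lambda item: -item[1])

if __name__ == "__main__":
    for ip, count in failing_sources(SAMPLE_REPORT):
        print(f"{ip}\t{count} message(s) failed DMARC")
```

An address that keeps appearing in this list and belongs to your own network (a printer, scanner or relay) is a sender that still needs adding to SPF or DKIM signing.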


