Denver Public Schools Utilizes FireEye to Protect
Students' Prestine Identities
Denver Public Schools’ (DPS) IT
department manages 24,000 Microsoft Windows computers, as well as a
similar number of Chromebooks. It supports Google Apps for Education
to provide students with the ability to collaborate and share
information, while Microsoft Office is maintained for the use of
faculty and staff.
In addition to the large network of
district-owned desktop and laptop computers, DPS permits students,
faculty, and staff to connect their own smartphones and tablets to its
network, under a ‘bring your own device’ (BYOD) policy. On an average
day, the network handles 25,000 individually-owned devices, bringing
the total endpoints managed to over 73,000. Correspondingly, email
volumes generated and received by the enormous number of devices run
into multiple millions of messages each month.
The Shock of Being Breached
In 2014, many DPS employees received a
phishing email directing them to a credential harvesting website that
tempted unsuspecting visitors to provide passwords and other login
details. A few users inadvertently responded, allowing the attackers
to use the stolen credentials to breach the district’s human resources
system. The criminals were able to hijack the direct deposit routing
for the payroll of a number of employees, resulting in a loss of
almost $30,000 for the district.
Reeling from this breach, and knowing
that the massively popular BYOD program had the potential to inflict
vulnerabilities anywhere in its network, DPS began looking for more
advanced threat prevention tools to safeguard its infrastructure. The
district’s attention quickly focused on FireEye because of its
reputation for threat prevention across multiple domains.
Robert Losinski, DPS’ Manager of
Information Security, recalled, “We were looking for solutions that
would protect our network, email and endpoints. We also needed tools
that would elevate our incident response capabilities.”
Losinski consulted with each of the five
other school districts in the Denver area and with the IT department
of a nearby county. It soon became clear that FireEye was the leading
security-as-a-service vendor for all of them.