We interviewed Jaymon Lefebvre, Director, IT Services at the Wild Rose School Division (WRSD) to discuss how the IT team supports the strategy for the school board. His extensive background and certifications in IT and security make him a great resource for others managing IT in an educational setting. The WRSD supports a network of 18 schools and 2 outreach schools in Alberta with a student population derived from mid-sized and rural communities. They have selected the D-Zone DNS Firewall to help protect their network and to help manage important content filters.
What are some of the core strategies you are looking to support?
Over the last 5+ years we have been trying to move to cloud solutions that are easier to manage and scale without direct investment in hardware. This is important because it gives us a high educational return where in the past many investments were a gamble whether they'd remain relevant and valuable over a 5 year cycle. Also, because demands in today's environment shift so rapidly we are trying to eliminate complexity wherever possible.
What is the role of the network in delivering education?
We are supporting a mobile-first strategy because technology and learning strategies are moving education beyond the classroom. This touches everything from the operating systems and software we are choosing to the network architecture and service providers. By going mobile-first it helps us to solve the problems of our users. For example, by WiFi enabling school busses, students can use the commute time to catch up on work, study for a test or use social media; and do it using a safe network. It is useful for students and beneficial for their families if it can free up some home time for extra-curricular activities.
How do you approach security?
When defining architecture we weave security into the design rather than bolt it on after. Importantly, we seek out partners who understand and have a mandate to help education and non-profit sectors. For security, we moving away from relying only on perimeter and endpoint security towards pattern analysis, machine learning, and defence in depth strategies. For example, it is very important that we don't rely on a single device, like a firewall from one vendor as the sole method of protection. We see when multiple layers are in place that more is being stopped. Not only do we seek to implement technical solutions we also rely on user education and advisories in order to do our best to mitigate the risk from all threat vectors.
Have you had any critical breaches?
Thankfully, we have been relatively successful in avoiding major problems to date. We have had a few individual computers hit with ransomware but been able to quarantine the workstation and fix the problem without incurring financial loss or services down-time. That said, when something happens we have to drop everything and then carefully understand the situation to ensure we have addressed it. However, we are seeing more and more phishing attempts and more zero-day malware and, like everyone these days, we need to continually monitor and enhance our security.
What are some of the important considerations when implementing security solutions?
Number one would be scalability. With appliances, as the network and use cases grow and the content policies get more complex the hardware performance is impacted. Having to update any hardware, security or otherwise, often causes downtime which is not preferred – especially for security – because maintenance windows are becoming less and less available.
Secondly, cost is important. Some systems license by throughput which can challenge the educational space as we want learning to happen in rich contextualized places that engage children.
Thirdly, organizations that have a shared commitment to education in Canada build solutions that are designed for us. For example, over 70% of our content is delivered over the Cybera network that supports schools in Alberta. This helps keep costs down while also improves performance. Cybera and CANARIE have been fantastic resources in helping education in Canada and without them we couldn't be where we are today. Vendors (like CIRA) that are peered with Cybera or any of the national research and education networks can offer improved service to a school board like ours.
In the case of CIRA, I think that you also have the opportunity to share back to the community in ways that others may not. For instance, something as simple as comparing the content filtering policies across the educational landscape can help us to set and validate our own policies. The same could be true of early detection and dissemination of new threats seen in school boards and corporations across the country.