Homeland Security: Schools Must Be Ready To Protect Students and Staff

While protecting the safety of children is an imperative burned into the mind of every responsible adult, not everyone in this world shares these sentiments—least of all those who would threaten the safety of schoolchildren or the security of educational establishments. Keenly aware of their responsibilities, school security professionals have been examining—and re-examining—their existing network security and emergency planning preparedness. And from radio frequency telephones to off-site data storage and computerized security cameras, schools are embracing new ways of meeting the security requirements of our modern world.

In Maryland and Texas, school administrators are gathering resources to confront possible emergencies. By coordinating with several agencies, schools can be ready to protect students and staff in these uncertain times.

Montgomery County Public Schools

“International events have definitely put new security concerns on the radar screen,” says John Q. Porter, CIO of Montgomery County Public Schools (MCPS) in Rockville, Md. “Over the past year and a half, there has been heightened awareness of the importance of school security and the necessity for innovative solutions to security problems.”

MCPS has chosen a radio frequency-based telephone system manufactured by Nextel Communications for use in emergencies. “Our telephone network was completely overwhelmed on September 11th, 2001,” Porter explains. “The network was so saturated that we were unable to make outgoing calls. That reinforced for us that the more ways we have to communicate, such as radio phones, the better we will be able to remain calm and focused in the event of an emergency.”

MCPS were early adopters of the technology, and their relationship with the company was a significant factor in MCPS negotiating an attractive price for the equipment. There is one phone in the administrative office of every district school. The company even donated some phones during the early testing phase. A monthly charge based on usage is the only recurring equipment cost.

These phones allow calls to be broadcast globally (that is, to all users in the network), or to particular groups or individuals. This ensures that an effective information flow is maintained even if some links in the chain are temporarily unavailable.

“We chose a phone that operates on a radio frequency, not just because it represented a cost-effective option for us, but because we will be able to depend on it in the event that the local telephone system goes down”, Porter says.

Nextel phones are a key element of MCPS’ Incident Command System, a complex network of information channels designed to spring into action in the event of an emergency. If there is an incident, MCPS will rely on this technology for the exchange of information between schools and agencies at the county level.

“Testing and training have been extensive,” Porter says. “Each phone is tested daily, and features like global broadcast are tested at least every two weeks to measure response times and the efficiency of the established information channels.”

“Federal government has raised our awareness of homeland security issues, and that has helped us to improve our security procedures,” Porter observes. “Our close proximity to Washington, D.C. has heightened our awareness of the importance of excellent security planning.”

Auditing Your Way to Greatness

“Continuous auditing is essential,” Porter says of MCPS’ security system. “A detailed audit every six months will help you build a better system.”

The auditing is extensive. It examines computer security attributes, including authentication, access control and audit trails; and network security attributes, from encryption, message authentication and alarms through event reporting.

The upward curve is evident: A 2001 audit, for example, showed weaknesses in internal security that left the system open to potential attack. A subsequent audit identified poor background documentation as an obstacle to the development of efficient security strategies by MCPS staff.

By August 2002 however, an audit carried out by BAE Systems to examine the MCPS’ security program and practices, awarded the school system a cumulative score of B+/A-. The assessment included a review of MCPS’ security policies, security architecture, continuity, security capital planning, critical infrastructure, and security program planning and management. A B+/A- score means MCPS meets or exceeds the generally accepted standards for safeguarding information technology assets.

Then, in March 2003, the U.S. Department of Education (ED) and the U.S. Department of Homeland Security showcased a new federal initiative to help schools with emergency preparedness for potential terrorist attacks at Montgomery Blair High School in the MCPS District.

The MCPS District is now cited on the ED Web site as one of three schools nationwide engaged in “Promising Practices in School Emergency Response.” It is evident that rigorous audits and careful planning paved the way for MCPS’ rise to national pre-eminence in school security. This attention to detail will ensure MCPS does not fall behind its own high standards anytime soon.

“You can never be too secure,” Porter says. “You can never do too much to protect your networks against the sinister people out there who will try and attack your system. When it comes to emergency response and technology, exhaustive planning is the key. Then you should practice the emergency response plan, create drills. Some of these drills should be unannounced and involve different scenarios.”

Montgomery County’s school system is the 18th largest and the 12th fastest growing in the United States. Montgomery County’s 191 schools—29 of which are National Blue Ribbon schools—serve roughly 138,000 students, with in excess of 10,500 teachers instructing students from more than 161 countries.

Harris County Schools

Other school districts are working with federal agencies to develop security plans.

Dr. Richard Griffin is a consultant for School Governance and Executive Leadership to the Harris County Department of Education (HCDE) in Houston, Texas, and a former superintendent of the Harris County School District (HCSD).

“The response to homeland security concerns in our district has been phenomenal,” Griffin says. “The Center for Safe and Secure Schools and other initiatives provide a framework for developing awareness and effective policies and procedures among educators, administrators and others with a role in school security.”

“All agencies have bent over backward to help us,” Griffin observes. “During last year’s anthrax scare, for example, the federal government sent out one of America’s foremost experts on anthrax to talk to us. This kind of coordination is extremely positive.”

Meetings of the HCDE Governing Board have quadrupled in frequency over the past 12 months, and an extensive range of security topics are discussed. “At our next meeting, for example, we will be discussing smallpox,” Griffin explains. “If there is even just one case of smallpox anywhere in the Houston area, schools will be used as clinics. So, it is vitally important that we have a strategy in place to deal with such an eventuality.”

Griffin emphasizes the importance of open discussion of security issues: “Monthly meetings of the Superintendent’s Institute regularly involve security discussions in a candid environment. At these meetings, expert speakers deliver lectures on specialist topics, including security, and the candid atmosphere aids frank and open discussion of any security concerns our superintendents may have.”

“We are in regular contact with the FBI, the Secret Service, Houston Police, medical experts and psychologists,” Griffin says. Not content to rely on security programs developed solely by schools, Harris County has learned from security experts in business and industry, experts that bring extra insight to security strategy development. The HCSD and HCDE have also communicated with experts from Houston’s massive petrochemical industry to put procedures in place in the event of an emergency.

Griffin speaks enthusiastically about rigorous security evaluations at schools: “We measure schools against a checklist of 200 items, and we send out teams that include police officers, FBI and education specialists to examine the school’s security system.”

Technology levels are high in Houston schools. Spring Independent School District (ISD)—with around 30,000 students—have a computerized camera system in place that is linked to the Spring ISD Police Department. If there is an incident on school premises, police can see the camera feed live on their PCs.

Citing the Cypress-Fairbanks Independent School District as an example, Griffin explains that an ideal data backup and storage policy will include off-site storage. Cypress-Fairbanks back up their data tapes nightly and then forward them to a “hotspot,” a secure, off-site location capable of acting as a centralized backup locus. “Most schools have not implemented such a system,” Griffin observes. He recommends that they do so.

Spring Independent School District—Houston

Another Texas school district has begun using security cameras as part of the safety measures they are taking.

“The Columbine tragedy is what really got schools working toward improving their in-house security systems,” says Alan Bragg, chief of police of the Spring ISD Police Department. “For me, everything that happened on 9/11 just emphasized it more and brought it closer to home.”

Spring ISD uses analog and digital security cameras. Analog systems rely on dial-up to each camera via a 56K modem. Spring ISD bought the fiber-optic cable network that forms the foundation of their “always-on” digital camera system.

Twenty-four hours a day, Bragg’s staff monitor close to 500 cameras from 30 sites. They can monitor up to 64 live camera images simultaneously.

“We are getting to the point where we depend more and more on technology every day,” Bragg explains. “Every school we build in the future will be digital, and as funding permits, we’re going to convert all of our analog systems over to digital.”

Common Goal, Common Tongue

Schools and school districts must establish a shared vocabulary among all agencies involved in security planning.

“We have found that a lack of common terminology has been an obstacle to communication between schools, emergency services, police and county authorities,” Griffin says. “So, we have been working hard in this district to develop a code of common language so that the various bodies involved in dealing with emergencies understand each other.”

Understanding each other, working together, being unafraid to return again and again to the minutiae of security planning as you work with several agencies simultaneously—with these imperatives in mind, we can protect our educational institutions from the violent excesses of our brave new world and keep our schools safe for this and future generations.