Thursday, May 5, 2022

MD Office of Legislative Audits Report on Baltimore County Public Schools Cybersecurity Incident

Maryland Office of Legislat... by Parents' Coalition of Montg...


Finding 6 – We recommend that BCPS

a. periodically review employee access capabilities to ensure all access is appropriate and incompatible duties are segregated (repeat)In Progress 

Finding 8 – We recommend that BCPS implement appropriate database monitoring controls over the aforementioned critical systems. Specifically, we recommend that BCPS

a. log all significant database security, audit related event, and processing activities, included direct changes to critical database tables, and generate reports that include this related database activity(repeat)Resolved b. ensure that individuals perform regular, independent documented reviews of the aforementioned reports and retain the information for reference purposes(repeat)

Resolved

c. restrict assignment of critical database administration roles to only those personnel requiring such access fortheir job responsibilities (repeat)Resolved

Finding 9 – We recommend that BCPS

a. relocate all publicly accessible servers to a separate protected network zone to limit security exposures to the internal network segment (repeat) Resolved


No comments:

Post a Comment

If your comment does not appear in 24 hours, please send your comment directly to our e-mail address:
parentscoalitionmc AT outlook.com