The Spring Branch Independent School District (ISD) is a large K-12 public school district in the Houston area. About 6,000 faculty and staff educate 35,000 students on 47 campuses and in 52 buildings. The district supports students’ learning in many subjects and prepares them for life beyond high school with a dispersed IT infrastructure. And keeping students, staff and all district data safe is a crucial goal.
Troy Neal, executive director for cybersecurity and technology operations for Spring Branch ISD, recently hired an engineer to help him with all cybersecurity responsibilities. This lean team works by leveraging efficiencies everywhere they can, with the goal to protect the district’s entire attack surface.
“If you look at our size, we have around 40,000 end users, which is bigger than most companies,” Neal says. “At the same time, Spring Branch is a typical school district. We really emphasize optimization of every CapEx [capital expenditures] dollar spent.”
Neal reached out to Fortinet early in his journey since Spring Branch ISD had very positive experience with the company’s firewalls. “The FortiGates are a phenomenal product,” Neal says, “but we considered other options because I wanted to make sure to select a solution that would future-proof us for the next five to 10 years. We quickly saw that in the Fortinet Security Fabric.”
Part of Neal’s strategy was to leverage a centralized management console and security analytics. By leveraging solutions from Fortinet, he could manage firewalls, SIEM, email security and authentication solutions within a single pane of glass, one of the advantages of the Fortinet Security Fabric. They developed a central repository to collect all the correct information and developed a dashboard-level view of what was going on. The centralized dashboard is available to district administrators to drill down to investigate what the risks are and what actions need to be taken.
The ability to manage through a centralized console further enhances the district’s visibility into incidents networkwide. Neal says, “I do not want to have to go to five different interfaces to figure out a problem. With a lean team, we cannot be there in person every time someone has a security question.”
Now, Spring Branch ISD is taking the next step forward in increasing the efficiency of the district’s Fortinet security infrastructure with an adaptive security orchestration, automation and response (SOAR) platform. FortiSOAR gives them the ability to start automating and takes the people portion out of immediate, reactive security response so that the team can focus on higher-priority and bigger-picture concerns.
One of the key drivers of the SOAR implementation was phishing emails. The solution automatically checks whether an email address is valid and detonates attachments, then automatically does all the cleanup for the team, versus needing to have two engineers go in and write scripts to pull emails from mailboxes. This eliminates a lot of manual work for the security team in an area always a pressing concern.
Another goal of the FortiSOAR deployment is for the solution to pull in information from Spring Branch ISD’s third-party vendor of wireless access points, switching and user access control. “We want to ingest information from all those tools into the Fortinet Security Fabric,” Neal says. The third-party tools could fit into FortiSOAR playbooks, which orchestrate the multiple vendors’ solutions in automated threat mitigation processes.
“In addition to the automation and orchestration, FortiSOAR will enable us to see the path, the trajectories, the events leading up to a security incident,” Neal says. “We are looking forward to using that information to learn and grow as a security team. We want to translate that knowledge into training for junior staff, and we want to leverage our time savings to focus on better supporting instructional value throughout the district.”
With centralized management and security automation in place, it’s clear that Spring Branch has achieved their efficiency goal. What’s more, they have found a true partner to assist them on their security journey. From here, Neal sees the relationship with Fortinet continuing to grow. “I do not do business with vendors,” he says. “I do business with partners. I see Fortinet as an extension of our IT team. We have a lean staff who can reach out to Fortinet, as necessary, to escalate issues.”
“I am not going to get a bigger security team,” he says, “and frankly, I do not even want a bigger team. School districts have to maximize the available dollars, and to my mind, the best way to do that is through automation and streamlining management processes as much as possible. That is what makes Fortinet the right partner for Spring Branch ISD: The solutions are enterprise-class, and they protect us from all angles — from internal threats to email to authentication. They are integrated, so we have centralized visibility to it all.”
To learn more about Spring Branch ISD, review their full case study.
Sponsor Content