K12 SIX Releases Guidance on Mitigating Compromised Accounts

Written By Doug Levin

Previously released as a member-only resource, K12 SIX is pleased to make available to the wider K-12 community new guidance entitled, “Mitigating Compromised K-12 Google Workspace/Microsoft 365 for Education Accounts.”

When K-12 user accounts are compromised, it takes more than a password reset to ensure the ongoing security and privacy of your school system’s data and IT systems. Developed by K-12 IT practitioners for K-12 practitioners, this checklist and accompanying guidance can help direct your response.

In responding to a reasonable belief of an account compromise, K12 SIX advises IT staff to:

  • Act with Urgency: Time is of the essence to minimize the impact of a compromised account.

  • Document Your Work: Thoroughly document every step and evidence found for analysis and possible legal action.

  • Preserve Evidence: Avoid unnecessary changes that might taint evidence, especially if legal action seems likely. Consult experts if needed.

  • Follow Best Practices: Recognizing that some steps may change based on your license or configuration.

To learn more and access this new guidance, visit https://www.k12six.org/essentials-series.

Doug Levin
Previous

Call for Speakers, Registration Opens for 3rd Annual National K-12 Cybersecurity Leadership Conference
Next

K12 SIX Submits Comments on Proposed K-12 Cyber Incident Reporting Regulations