Business Motivators
The client was the largest K-12 school district in the state

• Security incidents continued to escalate in frequency and severity.
• The district was paralyzed in their ability to address behavioral issues such as acceptable use.
• There was significant liability concern.
• Defensibility from frivolous lawsuits was marginal.

The Challenge
The Information Security Program operational information security practices were existent, but:

• There was marginal management support
• There was no management framework
• There was no cohesion
• There was no documented diligence
• There was no mechanism to address behavioral issues
• It was perceived as a technical issue

The Solution
An Information Security Management System (ISMS) was designed and implemented to serve as the basis for the Information Security Program. The resultant ISMS included:

• A management framework that was sensitive to the cultural and political environment unique to K-12 education.
• Information security operations standards that clearly defined enforceable and auditable requirements.
• Strategic plans that showed alignment with district goals and a going forward roadmap.
• Incident management capabilities aligned with state guidelines.
• Acceptable use policy, standards, and guidelines to serve as the basis for detective, corrective, or disciplinary actions.

The Result
The deployment of the ISMS resulted in the information security program obtaining the following benefits:

• A minimum baseline of information security throughout the district information systems.
• Clear guidance to information technology employees and users.
• Empowerment through structure
• Defensibility through demonstrated diligence
• Regulatory compliance
• Behavioral enforcement

Return to Case Study List

Note: HotSkills, Inc. launched Orange Parachute in 2007. This case study may predate the Orange Parachute name and launch, but the work was completed by the same consultancy.