IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Iowa Offers Schools Free EDR, 24-Hour Monitoring Services

The state Department of Management Division of Information Technology will provide K-12 schools with 16 months of endpoint detection and response services, including 24-hour monitoring and incident response.

A person typing on a laptop with symbols hovering over the keyboard like a lock and login screen to indicate cybersecurity.
K-12 schools in the Hawkeye State are getting a temporary but much-needed data protection boost from Iowa’s Department of Management Division of Information Technology, officials announced recently.

Every district can sign up for endpoint detection and response (EDR) services, including 24-hour monitoring and incident response. The free subscriptions are for 16 months, and the number of licenses available to each district depends on its size. Those with student populations under 1,000 can receive four licenses, with the rate increasing incrementally up to 77 licenses for districts of more than 3,500. Additionally, all districts can purchase more licenses at an annual cost of $98.88 per device, according to a recent news release.

This initiative comes 10 months after a cyber attack forced Des Moines Public School District, Iowa’s largest school district with more than 30,000 students and 5,000 employees, to close for several days. Three smaller Iowa districts — Cedar Rapids, Davenport and Linn-Mar — were attacked by cyber criminals in 2022. The series of attacks prompted a statewide K-12 cybersecurity summit in which data protection experts advocated for two-factor authentication measures.

In recent weeks, national nonprofit agencies have stepped up public information campaigns to help schools find free and affordable data protection measures. For example, the K12 Security Information eXchange (K12 Six), a nonprofit information-sharing center, released a series of best-practice advisories for the remainder of the 2023-2024 academic year. Topics include implementation standards, self-assessment measures, and a list of “what leaders need to know” regarding data protection measures.

“It can be daunting and a bit overwhelming to navigate the labyrinth of cybersecurity frameworks, guidelines, and best practices, especially in K-12,” David Mendez, information security manager at Region 10 Education Service Center in Texas, said in a news release from K12 Six last month. “However, the K12 Six Essential Cybersecurity Protections, with its simplicity, clarity, and actionable guidelines, provides a robust starting point toward bolstering the resilience of our school districts’ ever evolving cyber risks.”

The Consortium for School Networking (CoSN) also published a free guide for school IT leaders and educators that provides dozens of resources entrenched in five key steps in the fight against cyber attacks — identify, protect, detect, respond and recover.

K12 Six reports annually on the number and scope of cyber attacks on schools, and its website features an interactive map where users can click on a location to learn about specific cybersecurity incidents. According to the map, there have been 1,619 incidents between 2016 and 2022. The organization expects to release 2023 information early next year.