The Client

Montgomery County Public Schools (MCPS), Rockville, Maryland

The Challenge

"Industry best practices require that all organizations frequently conduct risk assessments to evaluate network security health. The risk assessment process previously performed by MCPS required that one staff member be assigned to the task of using two separate products to scan a wide range of security vulnerabilities, one provided by Bindview, an Internet scanner, and the other by Internet Security Systems (ISS), a network scanner. These two products were only licensed for limited MCPS network segments due to cost and did not provide the capability to evaluate and assess the entire network and all systems connected to the MCPS enterprise." —quote from MCPS Deputy Superintendent for Information and Organizational Systems, October 6, 2006

The Solution

"In FY 2006, MCPS purchased the SAINT scanner at an estimated cost savings of $39,000 and an ongoing yearly maintenance cost savings of $20,000. SAINT dramatically improves MCPS security by increasing identification of and eliminating known vulnerabilities and potential security risks through the ability to conduct frequent scans. Once scans are scheduled, the entire network is scanned automatically at predetermined times. Reports can be stored in a network file directory or e-mailed to designated staff members for review. During the initial states of implementation, the impact of time and tasks to systems engineers and systems administrators increased considerably. However, as vulnerabilities and risk have been mitigated and resolved, there has been a sharp decrease in the necessity for staff to manage the system." —quote from MCPS Deputy Superintendent for Information and Organizational Systems, October 6, 2006