Skip to content
Home » Valentine's Day » NYS Comptroller: Clyde-Savannah CSD didn’t keep network controls secure

NYS Comptroller: Clyde-Savannah CSD didn’t keep network controls secure

A local school district was criticized in a preliminary report issued by State Comptroller Tom DiNapoli.

The Clyde Savannah Central School District was said to have failed on the following points with regard to keeping its technology safe.

“District officials did not ensure that the District’s network access controls were secure,” the report read. It continued:

  • Officials did not regularly review network user accounts and permissions to determine whether they were appropriate or needed to be disabled.
  • The District had the following unneeded accounts:
    • 354 network user accounts (33 percent)
    • 53 generic and/or shared user accounts (53 percent)
    • Five administrative user accounts (19 percent)

“In addition, sensitive information technology (IT) control weaknesses were communicated confidentially to officials. Due to the COVID-19 pandemic, as the District moves to increased reliance on a remote learning environment and administrative operations, protecting IT assets becomes more critical,” the report added.

Proposed solutions included:

  • Regularly review network user accounts and disable those that are unnecessary.
  • Ensure all IT users have and use their own network user accounts to access the District’s network.

The District, which serves the Towns of Butler, Galen, Lyons, Rose and Savannah in Wayne County and the Towns of Junius and Tyre in Seneca County agreed.