Onsite Assessments


  • Physical Security Assessment

    An assessment and gap analysis of physical security and security controls.

  • Emergency Preparedness Assessment

    An assessment of emergency procedure, policy, and preparedness, paying particular attention to students and staff with special needs.

  • School Security Drill Assessment

    A review of live drills and drill records to ensure compliance with state law and recommend industry best practices.

  • Technical Vulnerability Assessment

    Assessment of Information Technology in place to identify vulnerabilities and work to mitigate the risks associated.

Compliance and Operations Reviews


  • Policy and Procedure Review

    A review of policies and procedures to ensure compliance with state law and recommend industry best practices.

  • Information Security Policy Review

    Review of information security policies to ensure compliance with state and federal law and recommend industry best practices.

  • IEP Safety Assessments

    Review of information pertaining to special needs students as included in their IEP.

  • Vendor Management

    Review and assess vendor ability to protect the sensitive information of students and staff and protect school from the risks associated.

Investigations


  • School Misconduct Investigations

    Discrete, confidential investigations into alleged misconduct, violence, or sexual misconduct with recommendations for further action.

  • Employee Background Due Diligence

    Open Source Intelligence investigation into current or potential employees to protect school from reputational or legal risks.

  • Cyber Crime Investigations

    Investigation into cyber incidents to identify threat actors, recover missing information, and advice schools of regulatory reporting requirements.

Training


  • Staff and Administrator Training

    A half or full day training on various security awareness topics to better prepare schools for security challenges.

  • Incident Response Tabletop Exercises

    Stress test of incident response to uncover gaps and give recommendations to address them.

Vendor Management and 3rd Party Vendor Management


  • Data Protection Risk-Based Assessments

    Analysis of information security and data privacy practices, to determine the likelihood and impact of an adverse cyber security event affecting business continuity and operational obligations.

  • 3rd Party Vendor Management Risk Program

    Development of a custom program to mitigate organizational risks through a review of internal processes, contractual obligations, and insurance coverage.

  • Datafy – Committed to Protecting Student Data

    Identification and assessment of Information Technology vendors to benchmark security and data privacy requirements for third party access to high-sensitivity student data. Vendors receive a unique link to a powerful platform that will guide them through the information gathering process. By monitoring vendor progress during the assessment process we can aggregate and analyze responses and collect supporting documentation through an intuitive dashboard.