Available through the ClassLink Management Console, Security Center brings together new and distinct security modules at no additional cost. The 'Security Events' module within the Security Center provides a central place to find, track, and catalog security events and suspicious activity, making it easier to take action and protect your data.
What Is a 'Security Event'?
- 'Events' include suspicious activities and potential threats (such as compromised accounts, usernames, and passwords found on the dark web)
- When surveyed at CLON'24, 96% of customers wanted ClassLink to provide notice of Security Events
- ClassLink continually searches for potential security threats, including monitoring the dark web. When we find something related to your school, we will post an event to your Security Events module, and you'll receive a notification like this email
- You can access Security Center from the ClassLink Management Console
We Have Security Events - Now What?
If you receive a Security Event notification from ClassLink, it means ClassLink's security team analyzed text files produced by two dark websites. The text files contain usernames and passwords from your user directory used to authenticate to ClassLink LaunchPad.
- Visit your Security Center
- Evaluate the accounts that have been compromised and track when you've addressed each account
- Deactivate or change passwords for affected accounts
- Enforce password length and complexity requirements
- Implement a password rotation policy
- Avoid using generic passwords for groups of users (i.e., schoolmascot23 for all 5th-grade users)
- Require MFA for accounts accessing protected data
NOTE: Security Events are NOT ClassLink incidents. The compromised credentials, some of which are not found in ClassLink, were likely obtained from phishing, malware, or possibly from third-party vendor websites.