Camas School District staff outline tools that helped stop a ransomware hit and guard student data

District technology staff told the Camas School District Board on April 8 that a suite of cybersecurity tools and practices has reduced the district’s vulnerability to data breaches and helped the district recover from a recent ransomware incident.

Megan, a district technology presenter, summarized why schools attract attackers: older devices, high user density, and sensitive student records that make districts reluctant to remain offline. "So why are school systems easy targets?" she said, listing outdated technology, large numbers of users and the pressure to restore essential services quickly.

Sherman Davis, who works on the district technology and facilities team, described the district’s layered defenses: automated weekly patching, separate backups that allow fast rollback, endpoint protection that isolates infected machines and multi-factor authentication. "We have home folders that are backed up every 7 seconds," Davis said, noting that separate backup zones let the district restore systems quickly.

Davis also described an email-threat detection product staff recently added that looks for spoofed messages that impersonate board members and other insiders. He said the software flagged an email that used a board member’s name but did not originate from their account.

Board members asked about staff training and routine reminders about phishing and other scams. Megan said the district uses targeted communications and periodic training, and that the district also hires outside experts every two years to audit practices and recommend improvements. That outside review, she said, helps catch issues the in‑house team might miss.

The presentation emphasized that the district’s investments are meant to keep schools operating and protect sensitive data. The board did not take a formal vote; staff said they would continue to report back on security practices and potential needs for future funding.