News

HCPSS staff are going above and beyond this year. Share appreciation for your colleagues and bring a smile to their face by completing a brief online form. Once the form is completed, a digital certificate is generated automatically and emailed directly to their inbox. Access the P2P Recognition form (Google log in required).

Visit the Community and Workforce Engagement Canvas page to learn more about additional staff recognition opportunities.

As we move into the holiday season, it is imperative that staff be on the lookout for cyber scams and phishing attacks. Attackers take advantage of the busy season to trick unsuspecting people into providing sensitive information, including social security numbers, banking information, and other personal or business confidential information.

! Call to Action: Review the below tips that will help you avoid being a victim of a cyber crime.

• Don’t reveal personal or financial information in an email.
• Check the security of a website before entering sensitive information. It should start with https.
• Pay close attention to the website’s URL. Attackers often create URLs that are similar to legitimate websites. For example, they may just use the number zero in place of the letter 0 in the URL.
• If you are unsure if an email is legitimate, contact the company using contact information obtained from a verified source and not the email.
• Keep your computer and other mobile devices up-to-date. Updates frequently contain security improvements.

Find more information regarding how to identify cyber scams and phishing attacks by reviewing the resource published by the National CyberSecurity Alliance.

If you suspect an email to be fraudulent, do not proceed with the directions provided in the email. Employees are encouraged to forward any suspected phishing emails to abuse@hcpss.org, and then delete the email. If assistance is still needed, contact the Technology Support at TechSupport@hcpss.org.

At times IT Department support specialists will remote into HCPSS computers assigned to staff to help resolve an issue. It is important for staff to be able to identify sanctioned remote support access sessions and malicious attempts to gain entry into your system to steal data, spread malware/ransomware, or other nefarious activities.

! Call to Action:
Review the resources for Remote Support Access Information on the Technology Resources Canvas community to:

• Learn about approved remote access methods that correspond with your computer type to view and understand the ways IT staff legitimately remote into those computer types.
• Review how remote access scams work to learn how malicious individuals attempt to convince victims to allow them access to their computer.

! Important: HCPSS IT staff only initiate remote support access sessions after end-users report an issue with their assigned device. If you receive an unexpected call or email requesting remote access or a pop-up browser window asking you to call a number do not follow the directions provided.

If you suspect an email to be fraudulent, do not proceed with the directions provided in the email. Employees are encouraged to forward any suspected phishing emails to abuse@hcpss.org, and then delete the email. If assistance is still needed, contact the Technology Support at TechSupport@hcpss.org.

All staff are reminded to never transmit sensitive and/or confidential data via email and to use the BCC field when emailing a large number of people.

Once items are sent via email, the communication cannot be rescinded and access to the information cannot be revoked. Staff should make every effort to maintain the privacy of those they are emailing, and secure student and staff data. When it is necessary to share sensitive and/or confidential data, staff should save the file in a secure location and provide access by granting permissions to only the necessary staff members. Staff are provided access to confidential data based on their official responsibilities. At no time should a staff member share confidential data with other staff members who do not already have access to the same data.

! Call to Action: Staff can store files in their HCPSS G Suite account and provide access to the intended audience. This procedure allows staff to revoke access to the information when necessary. Review the G Suite Sharing Guide and Electronic Communications Best Practices to learn more.

! Warning: Staff are reminded to verify intended recipients' email addresses prior to sending emails or sharing files. Staff email addresses can be verified by searching and finding a person in Workday (see attached). Once you have reviewed the staff member’s job title, location and/or picture, click on the email icon under their picture to see their HCPSS email address.

Using the BCC field allows the receipts of the email to keep their email addresses private from others receiving the email and prevents a reply-all mistake. A greeting (i.e. Greetings Principals and Assistant Principals, etc…) at the beginning of an email or a BCC line at the end of an email (BCC: Parents of students enrolled in JumpStart) can be added to indicate the audience. 

If you have any questions about how to use the sharing permissions in G Suite or using Workday to verify a staff member’s email address, contact Technology Support at techsupport@hcpss.org.

As we adjust to working remotely, it’s important for all staff to be aware of steps you can take to create a secure home working environment.

! Call to Action: Please take some time to review the steps below and implement technology security best practices. Find detailed information about each of the below security practices on the Technology Resources community in Canvas.

1. Maintain a healthy level of suspicion to avoid falling victim to phishing or other cyber scams.
2. Ensure your home network is secure.
3. Create strong passwords.
4. Do not allow family or friends to use your work devices.
5. Make sure your devices and applications are running up-to-date software.

If you suspect an email you have received to be fraudulent, do not proceed with the directions provided in the email. Employees are encouraged to forward any suspected phishing emails to abuse@hcpss.org, and then delete the email. If assistance is still needed, contact the Technology Support at TechSupport@hcpss.org