The report, issued earlier in January by New York State Comptroller Thomas DiNapoli following an audit performed by his office, found that the Garrison Union Free School District in Putnam County did not adequately secure its online network user accounts and has sensitive information technology control weaknesses.
Additionally, the report found that the district's staff did not have sufficient guidance or plans in place to respond to an unexpected online security disruption or disaster.
"District officials have an increased risk they may not recover data and resume essential operations in a timely manner," the report said.
Other findings detailed by the report included the discovery of 40 enabled nonstudent network accounts that were no longer needed. These accounts could have been used to "to inappropriately access and view personal, private and sensitive information (PPSI) or disable the network," the report said.
Officials from DiNapoli's office also wrote that nine laptops and a printer were not properly recorded in the district's inventory listings.
In addition to these findings, the report also offered several recommendations of actions the district could take, including developing written procedures for disabling unnecessary network user accounts and regularly reviewing user access; maintaining up-to-date inventory; and coming up with an IT contingency plan for security disruptions.
In a letter written to the Comptroller's Office, Garrison Interim Superintendent Carl Albano said the district would go over these recommendations.
"I value the report's comments, suggestions, and recommendations, and we will carefully consider them," Albano said, adding that the district has already begun taking action to remedy the report's concerns.
Click here to follow Daily Voice Rye and receive free news updates.