By CRAIG FREILICH

Some St. Lawrence County school superintendents are double-checking the security of their data management systems following the recent computer breach at Madrid-Waddington Central School and the arrest of two students for tampering with records.

“We were all aware this had happened, and as superintendents we said now would be a good time to make changes,” Canton Central School Superintendent Bill Gregory said.

By that he meant generally examining their systems for weaknesses and urging people who use and manage the systems to change passwords -- “the same type of cautions you would take with your home computer to protect your identity,” he said.

“We’re going through our policies right now to protect student and adult information,” Norwood-Norfolk Central School Superintendent Jamie Cruikshank said. “We believe our information is secure. We’ve just reviewed policies and procedures, and that bolstered our confidence.”

State troopers arrested 17-year-old Mathew A. Hayes of Madrid and 18-year-old Nicholas K. Ladoceour of Waddington on April 25, charging them with one count each of third-degree computer tampering, a felony.

“Some of the alterations included the deletion of some student discipline files, deletion of some student attendance files, and a change of some students' academic grades,” according to state police Troop B Public Information Officer Jennifer Fleishman. “It is unknown how exactly the teens hacked in, but they somehow obtained the passwords for many of the sites administrators.”

Protection of data is probably not as significant a security concern as other threats schools must defend against, but school security considerations must include assurances that digital data is safe from tampering. Schools maintain records of both ordinary and sensitive data such as student grades and attendance, budgeting and accounting, equipment and supply inventories, and personnel information, among others.

The superintendents were alerted about the lapse in security of data at Madrid-Waddington, where students allegedly breached controls and managed to alter some grades and attendance records and delete some discipline records, according to state police.

“We looked with great interest at what happened at a neighboring school district and if it could occur here,” said Potsdam Central School Superintendent Pat Brady.

“We looked at it closely,” but it did not appear that the circumstances of the M-W incident would occur at Potsdam Central because of safeguards in place there, he said. Among the protections at Potsdam Central is a contract with the Northeast Regional Information Center (NERIC), which looks for potential weaknesses in a data management system and advises on fixes.

Cruikshank said Norwood-Norfolk subscribes to a “policy service” which notifies them as developments arise, “and they suggest changes we can make.”

As another example of action schools have taken to keep records secure, Brady pointed to an attempt by the state Department of Education to keep records from all schools in one place, but they backed down after protests over the weaknesses such a system could engender.