Sandwich Public Schools

Sandwich Public Schools provides Chromebooks for all students grades 1-12.  Students are required to use their school issued device during school hours to ensure that all students and staff have access to the necessary tools and applications required for our curriculum and state testing.

Accidents happen, but if it is determined that a Chromebook was damaged due to negligence it is the student's responsibility to repair or replace the device.

From the Handbook/ Chromebook Agreement...

Cost of Repairs:
Students will be held responsible for all damage to their mobile device including, but not limited to: broken screens, cracked plastic pieces, interoperability, etc. Should the cost to repair exceed the cost of purchasing a new device, the student will pay full replacement value. Lost items such as cables will be charged the actual replacement cost.

Required Replacement:

Families agree to pay all associated costs relating to device replacement not to exceed $250.00 (per device) should the device be stolen, lost, or damaged in any way. A signature from parents/guardians of agreement to this plan is to be submitted to Sandwich Public Schools before a student is allowed to receive a device. In the event of damage, loss, or theft, parents/guardians will be responsible to pay for the replacement cost.

Sandwich Public Schools offers in-house repair for school issued devices.  Pricing for in-house repair is listed below for supported Chromebook models.

Replacement Charger     Tier One     Tier Two
$20                                     $65              $185
*Note pricing may vary from device to device.

Need to report an issue?  Please click here to submit a helpdesk ticket!

• FCC Lifeline Program
• EveryoneOn
• Verizon Lifeline Program
• Comcast Internet Essentials

Making your home network more kid-friendly

The toughest part of securing a home network is that almost off of our networks are setup differently so there is rarely a "one size fits all" solution.  With that said, there are some tools that can help.  For these purposes we will try to handle this in two ways:

1. Securing the whole home network
2. Securing individual devices

Wired.com - How to Child-Proof Your Devices and Apps 

Securing the whole home network

When securing the whole home network, there are a couple of different ways to look at solving the problem.  "The problem" here is primarily limiting access to unfavorable sites on the internet.  This isn't always 100% effective since the internet is a constantly shifting thing, but it works very well for the 99%.  We will look at accomplishing this in two ways:

Adjusting devices you already have in your home

Many of us on the Cape get our internet access from Comcast.  They offer a couple of way to secure your home network using the devices they provide with you sign up for service.  This includes the ability to block certain site or keywords that you would prefer devices not have access to on your network.  More information about this can be found at the links below or by contacting Comcast support (Xfinity Support).

• Set Up Parental Controls for the Internet
• Protect Your Children While Online

Another way to limit access to devices is through DNS.  DNS, the Domain Name Service, is the tool that the internet uses to send you to the right website when you type in an address in your browser.  There are lots of DNS directories out there for you to use.  Right now you are probably using the one Comcast provides, assuming you are on Comcast's network, but you aren't required to use theirs.  One alternative is OpenDNS.  They provide the same directory service as Comcast, but through their Family Shield product they also provide built-in protection for malicious phishing & malware domains and parental controls that protect every device in your home.  The best part is that it is free and not terribly difficult  to setup.  More information about OpenDNS can be found here.

Adding extra security devices to the home

 Another way to limit access and monitor your child's access is through a security device that you add to you current network. One example of that is Circle. They provide a device that limits access to pages and certain content, but also have an app that allows you to see what sites your child visits.

Securing individual devices

Instead of adding security to your networking tools you could also choose to manage the individual computer, phone, or tablet that your child uses to help limit access to the internet.  Here are some links to the major manufacturers about how to secure their devices and add parental controls:

Windows

Apple laptops/desktops

Apple phones/tablets

Android

Bark.us for Schools

Our District uses Bark for Schools to help us monitor school-issued accounts and devices for signs of digital dangers. When potential issues like cyberbullying, suicidal ideation, and threats of violence arise, Bark sends us a notification. Now that these devices are at home more than the classroom we wanted to pass along the opportunity for parents and guardians to receive these alerts as well. This is totally optional and the service is offered at no charge.  More information about Bark can be found here:

Sandwich Announcement of Bark

Bark.us Website

Bark for Schools is free for both our school and for you. For even greater coverage, you can also sign up for Bark for Families, which monitors texts, chat, email, YouTube, and 30 social media platforms for potential safety concerns. We have secured a 20% discount for Bark for Families — you'll only have to pay $7.20 per month to cover an unlimited number of accounts, devices, and children.

Sandwich Public Schools is a member of the Student Data Privacy Consortium (SDPC), an unique collaborative of schools, districts, divisions, regional, territories and state agencies, policy makers, trade organizations and marketplace providers addressing real-world, adaptable, and implementable solutions to growing data privacy concerns. The Consortium also leverages work done by numerous partner organizations but focuses on issues being faced by “on-the-ground” practitioners.

More information about the Student Data Privacy Consortium (SDPC) can be found here.

It is important that we have up to date contacts, emails, and sign-offs for all students in our buildings.

To fill out these forms, please follow these steps:

1. Log into the PowerSchool parent portal.

2. Once you are in the portal, click the student name on the top blue bar...

3. Then click Forms in the left hand navigation. 

4. Click the Enrollment tab at the top.

5. Once in the Forms section, find the “Returning Required” section and the form titled “Returning Student Contacts Update”.  Complete this form and then return to the forms section to complete the remaining forms:

• Returning Student Health Information Update & Medical Authorizations

• Returning Student Permissions/Agreements and Acknowledgment of Completion

Please note: Each child will have their own set of forms so you will need to complete these for each of your enrolled students.

If you encounter issues completing the forms, accessing the PowerSchool Parent Portal, or need assistance creating a portal account, email help@sandwich.k12.ma.us and someone will get back to you as quickly as possible. When emailing for help on your account or with the registration forms it is helpful to include your student's name and a full description of the problem for us to better understand your issue.

If you would prefer a paper form to fill out please contact your child's school.

Sent to all families and staff January 8th, 2025:

Dear SPS Families and Staff:

Late yesterday afternoon our school district was informed about a national/worldwide cybersecurity incident in late December involving our student information system (SIS) provider, PowerSchool. Our IT staff has confirmed that Sandwich student and staff information, along with potentially millions of others across the country, has been accessed by an unauthorized user. While we have limited details from PowerSchool at this time, we do know that social security numbers were not part of the information accessed as they are not stored in the compromised system.  From the information we do have, the issue initiated from compromised access to a PowerSchool support website that in turn allowed access to student information systems that they manage. Our district took all possible precautions and, unfortunately, could not have prevented unauthorized access of this nature as our data is hosted by PowerSchool.

This news, and the delay in which it was reported to us, is extremely concerning. Please know that we are actively working to gather more information and will provide updates as they become available. Our IT Director and his staff will be participating in a PowerSchool hosted webinar at 3 pm today, and I will communicate any/all news to you in very short order.

Sincerely,

Dr. Joseph Maruszczak

Superintendent of Schools

What is the District Doing to Respond?

Upon being notified by PowerSchool we immediately launched an internal, and ongoing, investigation. Based on the indicators of compromise that were shared, we were able to verify that the reported unauthorized access occurred and we have found no evidence of further unauthorized access. We continue to monitor and investigate and are also awaiting further information from PowerSchool and the CrowdStrike incident report expected in mid-January.  We will be closely analyzing all of this information, and we will share information with families and staff after the incident report is released.

Cybersecurity, in general, has been an ongoing focus of the district. Some of the key steps we have taken in recent years include implementing multi-factor authentication, upgrading our endpoint protection, and perimeter firewall improvements.

Sandwich Public Schools partners with other privacy-focused districts in the Student Data Privacy Alliance (SDPA) to negotiate data processing agreements with software vendors and an agreement is in place with PowerSchool. The SDPA is aware of this incident and is engaging with PowerSchool regarding their contractual obligations under the agreement.

We are committed to ongoing and transparent communication regarding this incident. We will continue working with PowerSchool to understand the ongoing investigation and response, and will share any relevant information as it becomes available.

What Data Was Accessed?

PowerSchool has reported that the unauthorized access was limited to the data fields in two database tables in PowerSchool SIS, and our internal investigation is consistent with this finding. The data that was accessed will vary by district due to differences in data collection practices.

What we know for sure is that Social Security Numbers were not part of the information stored in that data and none were accessed. The information that was accessed included: student names, home addresses and phone numbers, demographic information, parent/guardian and emergency contact information, custodial information for some students, contact information for physicians, medical “alerts” or notes (for example a food allergy), and school operational information, such as grade, year of graduation, student ID numbers and usernames, home room, and bus numbers.

The accessed staff information included names, contact information, home addresses and phone numbers, email addresses, staff ID numbers/usernames, and possibly some demographic information.  Again, Social Security Numbers were not part of the information stored in that data and were accessed.

We do not believe that any student assessment results, grades or academic data, report cards, full health records, IEPs, or records pertaining to attendance, discipline, or behavior were accessed. Lastly, we do not store student or staff Social Security numbers or financial information in PowerSchool SIS, and no password related information was accessed. 

Sent to all families and staff January 28th, 2025:

Dear Sandwich Families and Staff,

I am reaching out to provide an important update regarding the recent PowerSchool cybersecurity incident that may have impacted our school community as well as thousands nationwide. 

Here is the latest on what you should know:

• Identity Protection and Credit Monitoring Services: PowerSchool has engaged Experian, a trusted credit reporting agency, to offer two years of complimentary identity protection services for all affected students and educators. Additionally, adult students and educators will receive two years of complimentary credit monitoring services if desired. Please keep in mind that the Sandwich Public Schools has not- nor will at any time in the future- collected Social Security numbers as information to be stored in PowerSchool.
• Upcoming Notifications: In the coming weeks, PowerSchool will be sending direct, individual notifications to those affected. These communications will include details on the specific data involved and instructions on how to enroll in the offered protection services.

For additional details and ongoing updates, please visit PowerSchool’s official incident response page at PowerSchool's Official Response Page

PowerSchool is handling the notification process and will provide further information soon. We want to assure you that they have taken immediate steps to investigate and mitigate the impact of this incident.

Thank you for your patience and cooperation.

Sincerely,

Dr. Joseph Maruszczak

Superintendent of Schools