Case study: How one large school district said “never again” to ransomware

When it comes to writing customer case studies, I always look for the human angle — a personal experience that readers can relate to. It’s not always easy to find, but when I spoke to Lacey Gosch about her experiences as Assistant Superintendent of Technology at Judson Independent School District, the human angle on her story was front and center.

You see, just 20 days after Gosch was hired at Judson, the 31-school district, serving 26,000 students, was struck by a devastating ransomware attack. Vast amounts of data and equipment were destroyed — including their tape-based backup system, meaning that a lot of critical data simply couldn’t be recovered.

Gosch and Judson were fortunate that the attack took place as the school year was ending, but it still was incredibly challenging to get even basic systems like email back up and running in time for the beginning of the fall term. It was a real trial by fire.

Making lemonade

But the attack did have one upside. Gosch had big ideas for modernizing and upgrading the district’s IT and security systems, and she expected to have to fight for the budget and approvals she would need. But, she says,

“After that ransomware attack, there was no debate about the fact that we needed to make some major upgrades to our IT infrastructure. I frankly took it as an opportunity to push through some major changes, including a complete migration to Microsoft 365 and a significant redeployment of workloads to the Azure cloud.”

One factor that may have left Judson vulnerable to the attack was that someone on her staff had been automatically renewing Judson’s license on the very outdated Barracuda Spam Filter appliance that was protecting their on-premises Exchange server — without consulting Gosch or even responding to their Barracuda rep’s repeated attempts to contact them about upgrading. Once Gosch reached out to us,

“Our Barracuda rep was happy to roll back our license and apply what we’d already paid to our new Barracuda Email Protection subscription. And with all our servers down, we couldn’t even generate a proper order or process payments, but Barracuda was willing to help us get everything set up and worry about billing on the backside. There were not many vendors willing to work with us like that.”

Earning trust, earning business

Long story short, Gosch and her team started with Barracuda Email Protection including Cloud-to-Cloud Backup for Microsoft 365 data and a full stack of advanced capabilities. Then they added Barracuda Backup to protect data hosted on-prem and in Azure. And finally, they replaced their existing network firewalls with Barracuda CloudGen Firewall appliances.

Why did Gosch stick with Barracuda for not just email security but also data protection and network security? Here’s a clue: She routinely attends conferences where she presents on her and Judson’s experiences with ransomware and recovery. And, she says,

“I always make a big point of sharing how helpful Barracuda has been, and how reliable and effective the solutions are. And I especially stress how incredibly helpful and responsive they are from a customer service and support perspective. I basically tell them that Barracuda is a top vendor that they should absolutely take a good look at as they get into upgrading their security.”

Here's a clip from her video testimonial about Barracuda putting it even more concisely: