Last week, we were joined by Samuel Carter from NC State’s Friday Institute for Educational Innovation to talk about how North Carolina built a statewide cybersecurity program for its public schools, spanning 1.5 million students, 250,000 staff, and 349 public school units, with the help of runZero.
Naturally, we started with some barbecue banter, as Texans and Carolinians are wont to do, and quickly moved into a conversation about what it means to defend a state’s worth of classrooms with almost no dedicated security teams.
The Challenge: 2,700 schools, countless devices, minimal staff #
In many districts, the “IT department” is a science teacher, a bus driver, or whoever once fixed the printer. Budgets are tight, technical expertise varies widely, and infrastructure runs the gamut, from modern data centers to aging laptops doubling as servers.
Each school’s network is its own microcosm:
IoT and OT devices everywhere: cameras, HVAC systems, door controllers, vape sensors, even robot vacuums.
Shadow IT galore: teachers purchasing routers or smart devices to “get the job done.”
Legacy systems: Windows XP machines, outdated firmware, and devices that can’t be patched or replaced.
With threats like ransomware and new CISA emergency directives appearing routinely, the question was simple, but massive:
How can one state see and secure everything without adding complexity to school administrators who are already stretched thin?
The Solution: Agentless, scalable, and centralized #
Sammie’s team needed something that could run anywhere and require almost nothing from the schools themselves. runZero’s agentless discovery fit perfectly.
With a single statewide account divided into 350 organizations, the state gained a unified view of every school’s environment while allowing local teams to manage their own networks. One lightweight runZero Explorer per site was enough.
Now, even districts with minimal staff could see their full inventory: laptops, cameras, thermostats, smartboards, and all the “doohickeys” that make up a modern classroom. That visibility became the foundation for everything else.
Why runZero worked so well #
- Lightweight by design.
Agent-based tools didn’t scale. “It’s hard enough to keep one laptop running,” Sammie said, “let alone install agents on every device—or the thermostat.” runZero’s zero-agent approach eliminated that barrier. - Centralized visibility, local control.
The Friday Institute can scan ~100,000 external IPs every three days for statewide risk trends, while individual schools schedule internal tasks around their realities—like pausing during exam week. The model keeps operations local but insight global. - Fast, human support.
When a district admin hit an SSO snag, runZero resolved it in four minutes—before Sammie could even reproduce the error. When the state needed longer event history to investigate an issue, the runZero team pushed a hot patch within hours. “I thought it was just for us,” Sammie said. “Turns out it shipped to everyone.” - Built-in intelligence that saves time.
runZero’s Findings and Risk Dashboard let schools focus on what mattered most—whether that was a critical Cisco ASA vulnerability or banned hardware from the FCC Secure Networks Act list. We added that query directly to the product after Sammie’s team flagged the need.
Results: Big-picture insight for small teams #
With runZero, North Carolina can:
See every device across 2,700 schools.
Spot risky connections and misconfigurations early. (Like a Siemens HVAC unit quietly tunneling traffic to a support network in Vietnam.)
Detect exposures before other tools. runZero identified vulnerable Cisco ASA devices before other scanners did, giving schools a head start.
Coordinate response across hundreds of networks. One shared view turns a handful of state-level defenders into a multiplier for hundreds of local teams.
And sometimes, the wins are small but telling—a “missing” Chromebook that turned up in a neighboring district, located in seconds with a single cross-org search.
The takeaway #
When you’re running security for thousands of schools on shoestring resources, success isn’t about perfection — it’s about visibility, simplicity, and speed.
North Carolina’s program shows that scalable, agentless exposure management can make even the leanest teams act big. Because in cybersecurity (especially in schools) you can’t protect what you can’t see.
Watch the webcast replay #
And check out the in-depth case study to learn how North Carolina scaled visibility statewide.
