It’s a story we’ve heard time and again. Public school budgets are smaller than ever, and the funds devoted to improving technology (and security) get cut in half, and then cut in half again. Network administrators at schools are forced to piece together legacy hardware and out-of-date software with some clever work-arounds in order to keep kids protected from malware, phishing and unsafe content.

Unfortunately, this often results in security loopholes and inconsistent filtering policies for kids (who are usually tech smart enough to figure out how to get around them) and a whole heck of a lot of work for network administrators.

OpenDNS is changing all that. With OpenDNS, schools can can turn filtering and malware protection into cost-savings initiatives instead of cost centers, and they can ensure that protection is universal across an unlimited number of locations. And this isn’t just speculation on our part – we shared a new milestone this morning that proves it’s reality. We announced that 90 percent of public K-12 schools in Maine are using OpenDNS. For us, it’s a huge honor and privilege to be given the responsibility of protecting nearly every kid in Maine. But for the state of Maine, it’s a lot more.

We tip our hat to Maine for being on the cutting-edge of technological innovation, lifting the burden of appliance management and limiting the dangers of security loopholes. And we send a very big congratulations to the team at Networkmaine, the organization that operates and maintains all network infrastructure for Maine’s K-12 schools and libraries, who identified that using OpenDNS would not only allow the state of Maine to significantly improve the security it uses to protect kids, but that universal deployment would put them at the forefront of keeping kids safe online.

Last year we announced that 1 in 3 public K-12 schools in the U.S. were using OpenDNS, and although we celebrated the milestone, we went to work right away to make OpenDNS the choice of all schools. We added the academic fraud category for content filtering and created the K-12 forums in our community section. And we’re not done yet. If you have ideas for how to make OpenDNS better for schools, tell us what you need. David and our engineers are closely monitoring the IdeaBank, where you can share suggestions for product improvements, and we’re always listening at Success@OpenDNS.com.

Today we announced that Shea Homes, the largest privately-held homebuilder in the U.S. has deployed and is experiencing great success with OpenDNS Enterprise. J.F. Shea Co., its parent company, is also using OpenDNS Enterprise. For us, its hugely exciting that the company America trusts to build our homes and engineering marvels has trusted OpenDNS Enterprise with the task of protecting its networks and employees from malware and unsafe content.

It’s no easy task to be one of the nation’s largest and most respected homebuilders and civil contractors. Aside from a strong commitment to excellence and customer satisfaction, and building global landmarks like the Golden Gate Bridge and Hoover Dam, it also means a constant and significant amount of corporate growth. For Shea Homes and parent company J.F. Shea Co, keeping up with that rapid growth meant purchasing, deploying and managing new malware protection and content filtering appliances for its various networks every time a new office was added, or more bandwidth was needed. The company and its subsidiary were stuck in an ugly cycle of appliance management, a story that’s all too familiar for many rapidly growing organizations. But escaping the cycle was not only easy, it resulted in significant savings of both time and resources.

The J.F. Shea Co. and its divisions were early adopters of cloud-based services like OpenDNS Enterprise because the move let the companies free up significant IT budget and time, and downsize datacenters across their distributed locations. This was especially significant during the economic downturn that left the building industry particularly hard hit. Notably, J.F. Shea Co.’s cloud-based evolution was rooted in the transition to OpenDNS Enterprise. Shea Homes soon followed by adopting OpenDNS Enterprise for all of its North Carolina locations. The organizations not only leverage OpenDNS Enterprise for its unique ability to block malware and botnets at the DNS level, but also for the added protection the organizations receive by filtering malicious sites that are frequently the sources of such malware.

Using OpenDNS Enterprise afforded J.F. Shea Co. a savings of more than $25,000 and gave Shea Homes the ability to downsize its datacenters and let its IT team focus more closely on proactive maintenance. We’re excited to say that OpenDNS Enterprise does this each day for companies large and small. And we love spreading those stories, helping other SysAdmins around the world learn how OpenDNS Enterprise can do the same for them. If you have questions about OpenDNS Enterprise, or want to learn how it can help your business stay safe from malware or inappropriate content, join our webinar next Wednesday, Oct. 26.

If you’re using OpenDNS at work and want to share your success story, email Success@OpenDNS.com.

Editor’s note: EDUCAUSE, an organization that helps advance higher education by promoting the intelligent use of Information Technology, hosts its annual conference this week. And we’re celebrating by introducing you to one of the many bright students studying Information Technology, Richard Wang. Richard is finishing his senior year studying Computer Science at Cal State Long Beach, and shares some insight on transitioning into life after college.

OpenDNS: Did you always know you wanted to work with computers?
RW: No, as a matter of fact, I originally wanted to be in theater. It was after I was infected by my first malware that I wanted to learn more about computers and work with them. No one wants malware on their machine — that’s why we use OpenDNS – but If it wasn’t for that malware, I would probably be on stage somewhere pretending to be someone’s grandma.

OpenDNS: How are you using OpenDNS today?
RW: I discovered OpenDNS when I read an article where Dan Kaminsky was discussing a security vulnerability targeting DNS servers. When I learned that OpeNDNS was the only DNS provider not affected by the vulnerability, I set it up right away. I love OpenDNS for the faster Internet, typo correction and phishing protection. But, I also have a younger brother and cousin who bring their friends over, and those friends bring their laptops as well. I provisioned OpenDNS at the router so any device that comes onto my network still adheres to the standards I set. Thanks to OpenDNS, I have not gotten in trouble with anyone’s parents.

OpenDNS: You’re interning at a pretty neat company. How does your real world experience differ from the classroom?
RW: The pressure and stress is definitely greater. If I mess up on a school project it means a failing grade. But, if I mess up on a real-world security project, the consequences could be much more severe. One of the most interesting adjustments is that that outside the classroom the development process is much more dynamic. There are always numerous tests, designs, revisions, approvals and implementation phases to go through. But, just knowing that real customers will use my work makes me proud. Oh and the fact that I get to use Linux a lot more at work than at school is awesome!

OpenDNS: You’re nearly finished with school. With technology changing so fast how will you keep your education up to date?
RW: I try to read as many blogs and forums as possible. There are so many smart people out there who learn something about an appliance, software or service just by playing around with it! The OpenDNS blog is one of my favorites, since it explores real issues related to Web security. YouTube is a great resource, too. I like watching Google Tech Talks when I have time to spare.

OpenDNS: It’s said that if you do what you love it’ll never feel like work. What are your plans for when you’re done with school?
RW: After I am done with school, I want to do system administration or software development. I do not mind either one as long as I get to play around with Linux at work — playing with Linux at home is not enough to satisfy me.

Confusion reigns over a new partnership between the UK government and the region’s largest ISPs. What we know is that Sky, British Telecom, TalkTalk and Virgin have teamed with Prime Minister David Cameron to make it easier for parents to block pornography.

What we don’t know is whether filtering of pornographic websites will be on by default, with the option to be disabled, or off by default, with the option to be turned on. We also don’t know how, technically, the filtering will be executed. And related, how difficult it is to bypass. We don’t even know how “pornographic” will be defined.

Even without knowing any of that, I can say with relative certainty that this is an idea that won’t work and shouldn’t be done. More on that in a moment, but first, a comment on how some people use OpenDNS.

Something we don’t talk about often is the dual nature of OpenDNS’s benefit to our 30 million-plus customers around the world. While a good portion of those folks use OpenDNS to filter content and keep their kids safe online, many people in countries like Algeria, Egypt and Turkey use OpenDNS for an entirely different and even opposite reason. Those countries happen to be three of the top government-imposed Internet-censoring countries in the world and our customers who live there are often able to use our service to access the wide-open Internet. It allows them to quickly and easily bypass government-imposed filters that are done through the DNS. We fully support that and believe that people should control their own means of accessing the Internet.

Back to this UK porn filtering idea. We believe filtering should happen at the edge. The edge means the “last mile” where your home or computer connects to the Internet, or where your office connects to the Internet. Doing filtering at the ISP level is what I would describe as “the core.” We don’t think ISPs or Government should mandate what you can and cannot access, nor should they modify or censor packets that leave your network. We’re thrilled to be the choice of millions of people who want to block malware, botnets, and sometimes even pornography on their network, but we would never want usage of OpenDNS to be mandated by the Government. We prefer when our customers choose us and when our customers set us up themselves.

OpenDNS has become part of the discussion in the UK today because many have pointed out that we do what Cameron is trying to do with the new filter. There are important differences though. It’s true, OpenDNS can be enabled today in every household in the UK with children, empowering parents to block what they deem unsafe or inappropriate for their family. But OpenDNS can be configured differently for each household, as opposed to a blanket filter, which it appears is what is being proposed by the UK government.

Our stance here is simple: We think parents should have the tools to keep their kids safe. For some parents that means having access to content filtering tools, but for other parents it just means a conversation with their kids. That’s a choice best left to parents, and we don’t think that any form of government intervention is appropriate here.

Editor’s note: October is National Cybersecurity Awareness Month here in the U.S. so we’re catching up with Thomas Mitchell, a Managed Service Provider who deploys OpenDNS Enterprise on nearly all the networks he manages, for a few tips on improving Web security and avoiding costly IT disasters.

OpenDNS: You work as an OpenDNS ambassador of sorts, recommending and installing it for your customers. Why did you choose OpenDNS over competitors?
TM: I discovered OpenDNS because I was looking for a way to keep my family safe online. After further exploring OpenDNS business solutions, I realized it was ideal for many of my clients. Appliance-based systems are costly to set up and maintain. We had experimented with proxy-based web filtering, but that brought other issues. And the last thing we wanted to do was roll out software to end user devices because we’re now seeing a myriad of smart phones and tablets in addition to desktops and laptops. OpenDNS was quick to set up, easy to maintain and a single dashboard allows us to look after all our clients from the same place. It really was a simple decision and one we would make again.

OpenDNS: You must inherit disasters of all sorts. What’s the ugliest thing you’ve seen?
TM: We recently took on a new client and all the users on their network were complaining of performance problems and other random issues. The network had over 200 viruses and a ton of malware. This was mostly because there wasn’t a comprehensive preventative security strategy in place. As expected, when we put proper precautions in place, including OpenDNS, there was an immediate improvement.

OpenDNS: What’s the best tip you can offer to computer and Internet users for avoiding costly IT repairs?
TM: Security. If you make sure your machine is patched with the latest updates for your software and a current anti-virus installed, and add OpenDNS to the mix, you’ll find most problems are prevented in the first place. Beyond that, I’d advise not to install applications or free software that you don’t need.

OpenDNS: What about a tip for small businesses who can’t afford an in-house IT person?
TM: Find a local IT support company that offers proactive, unlimited support. This way you get the benefit of having a whole team of specialists to look after your IT. Just make sure the service is unlimited. That way your IT support team is motivated to prevent issues rather than wait and charge by the hour for fixing the inevitable.

OpenDNS: What’s one thing people should do before picking up the phone to call their IT guy when they think there’s an issue?
TM: Turn it off and on again. It probably seems too simple to work, but you’d be amazed the amount of people who call us with problems that a simple reboot would fix. Going beyond that, a search in Google often finds a solution in no time at all. Just remember to be specific in your search, type in the exact error you are seeing. The odds are someone will have seen it, and fixed it before.

Thomas Mitchell runs TechSolvers, an IT and Managed Services support consultancy in the UK. Want to answer five questions for OpenDNS like Thomas? Email your OpenDNS success story to Success@OpenDNS.com.

Attention Managed Service Providers: OpenDNS can protect your clients, too. Click here to learn more.

We love hearing stories from our users about how they’re using OpenDNS, so much in fact, that we frequently ask our Facebook friends and Twitter followers to tell us about their experiences. And when Dustin Springman, network director for the South Georgia Regional Information Technology Authority (SGRITA), recently told us a story, we thought it was so humbling and inspiring we just had to share it with you.

It’s no secret that we think OpenDNS has the absolute best users of any security company out there. And, that while we work hard to spread the word, it’s the users themselves who are our best ambassadors. But Dustin has taken it to the next level. Working with SGRITA, Dustin has universally deployed OpenDNS across networks that serve more than 15,000 people.

After dealing with the unreliable DNS offered by his local ISP for too long, Dustin set up OpenDNS and never looked back. He loved the service so much that he began sharing his success with friends and neighbors, even going the extra mile to set it up on their machines.

But his passion for OpenDNS didn’t stop there. At the time OpenDNS announced it was offering a cloud-based content filtering solution, Dustin was working for SGRITA and advising many K-12 schools on Web security. He quickly realized the dramatic impact OpenDNS could have on K-12 schools that face limited IT resources yet still need to meet CIPA compliance. Springman educated local school districts on the benefits of using OpenDNS and deployed the service universally across all of the school networks SGRITA managed.

When we announced OpenDNS Enterprise to protect businesses from malware, Dustin once again sensed that OpenDNS was reading his mind. SGRITA was troubleshooting an alarming amount of malware and botnet activity for the business networks it served, and he knew DNS level malware prevention was a unique solution. Dustin advocated that all the business networks SGRITA served explore and institute OpenDNS to cure their malware woes.

Today Dustin is an active participant in the OpenDNS community: Tagging domains in the Domain Tagging system and helping make OpenDNS Web content filtering more effective, submitting ideas in IdeaBank about ways OpenDNS can be even better and more feature-rich, helping other users by answering questions in the Forums. Plus, he’s following Facebook and Twitter for the latest updates and ensuring OpenDNS is set up on all the networks SGRITA manages.

And we know that there are thousands more OpenDNS users just like Dustin. So to all of you who have convinced your CTO to deploy OpenDNS across your company’s network, educated your local school board on OpenDNS so your kid was as safe at school as she is under your roof, or simply installed OpenDNS for your parents, we say: Thanks a million. We hope that as we continue to add features and products that will benefit your colleagues, friends or community you’ll help us spread the word and create a safer Internet for everyone.

Give us the chance to thank you for spreading the word on OpenDNS: Email your story to success@OpenDNS.com.

Nope, that’s not a typo in the headline, we had our best week ever, for the last two weeks running. It’s a great pleasure to run a company that has grown consistently since its inception five years ago. Being able to watch important metrics climb up and to the right is a joy not all companies are afforded, and we don’t take this success for granted. We’re focused on innovation and improving the status quo when it comes to DNS and security — we owe it to each of you.

In our kitchen we have a KPI (key performance indicators) dashboard that every employee at OpenDNS can see. It covers an array of important metrics that provide critical insight into the health of our business even including our day to day financials. I’ve always run OpenDNS with a keen focus on numbers and I believe we can run the best company by sharing the numbers widely. Being able to see the numbers causes everyone to think about their contribution to the metrics that matter and how they can have a positive impact on the company (less support requests, improved performance, better traffic engineering, etc.) I believe looking at the numbers can guide a business unfailingly — Numbers don’t lie (though their interpretation is often a good fodder for debate!).

Today I’m delighted to report some exceptional numbers. OpenDNS has recorded its two biggest weeks on record. We are now regularly handing over 32 billion requests per day during the week (some of you seem to take a break on weekends). Best of all we’ve done this with zero downtime, as we’ve never had downtime in our entire company history.

I believe in our mission unwaveringly of making the Internet safer, faster and more reliable. And I can’t thank our users enough for their support of that mission. Also can’t wait to share more the cool stuff we’re cooking up.

PS — Some of you have already asked me about what we’re using for our KPI dashboard. We built it ourselves and I’m going to suggest the engineer who created it write a post about how it works.

OpenDNS runs PhishTank.com, the largest clearinghouse of phishing data on the Internet. So we’re often the first to see new, particularly sneaky phishing attacks. The one we’re sharing with you today is both of those things.

At the surface, this scam looks like hundreds of thousands of others we’ve seen over the years. It impersonates an HSBC Bank website and encourages people to enter their login credentials, which would then, presumably, be stolen and used nefariously. While any kind of phishing is gross, it’s what’s happening behind the scenes here that’s particularly alarming.

Simply put, the scam actually turns 404 errors into phishing websites. So this phishing website returned 404 headers to your browser, which normally tell your browser that the website you’re trying to load is down or can’t be found. Instead of saying a page couldn’t be found, their “error” page just looked like HSBC Bank’s website to visitors.

The reason this is especially crafty is that it completely circumvents one of the primary ways PhishTank tests if a phish is still live and functional, which is watching for 404 errors. Normally a 404 would only be returned after the offending website was fixed, indicating the content is no longer available. However, a website administrator can put whatever content they want on their 404 error page. This is exactly what we saw happen. By returning a 404 error, but still rendering the phish, the website administrator avoided being caught by Phishtank. But not for long.

Our exceptional community of security researchers, IT professionals and academics, quickly identified the phish and verified it, blocking it for more than 30 million people around the world instantly. And OpenDNS engineering is working now to update the way PhishTank works to make sure we catch these types of phishes without delay going forward.

The moral of the story here, and the moral to every story about Internet security: the bad guys are crafty and constantly trying new ways to trick Internet users. Security companies like OpenDNS need to be vigilant and work with the security community to quickly react to threats and always stay ahead of the bad guys. You can bet we will continue to do just that.

Update: The phishes referenced in this post were submitted by PhishTank community member Michael Molsner, who works for Kaspersky Lab.