Staying safe in the digital learning environment
Ed Macnair, chief executive officer at CensorNet
The use of tablets and laptops in the education sector is providing students with an enhanced learning experience and the flexibility to extend their learning outside of the classroom. Alongside this, the introduction of bring your own device (BYOD) into schools is seen as a key learning development tool.
While this trend offers a multitude of benefits for educational establishments, at the same time it is by no means problem-free. “It is a known fact that pupils will bully, threaten and intimidate each other using the school’s IT infrastructure. It is also a known fact that pupils will threaten each other with violence by passing e-messages in the classroom. Similarly, attempts at extortion have also been discovered which take place in the classroom and with the teacher present, through the vector of e-messaging using the school’s equipment. The psychological, emotional and developmental damage that can be done to a child in such circumstances is likewise recognised.”*
In addition, the internet can expose pupils to inappropriate material – including images of extreme adult material, images of violence and material encouraging self-harming and eating disorders (to name but a few).
The implementation of BYOD in learning environments therefore requires a platform that can secure, unify and deliver content to various devices and operating systems. If schools are not set-up with a robust web and content-filtering solution that supports BYOD, it is possible for some tech-savvy students to find ways to bypass school web-filters, spreading the knowledge fast among peers.
The following seven steps tips help you keep on top of the problems:
Web security: A school’s IT department must start by implementing a robust web and content-filtering solution to manage internet access both inside and outside the classroom. This web-filtering solution must support multiple mobile devices, isolating BYOD from the rest of the network via a VLAN (virtual local area network) or separate subnet. This ensures any malware on BYOD is kept away from internal servers and computers.
With pupils’ safety being key, the web-filter must enable education-friendly settings such as Google Safe Search. A good web-filter should enforce safe search on YouTube to allow students access to suitable content for educational purposes.
If the web-filter is unable to enforce safe search, IT staff need to consider standardising on an education-friendly search engine instead.
Security synchronisation and alignment: It is important to ensure the firewall is working in harmony with the web-filter. In some cases, IT administrators fail to block direct web access via the firewall and rely simply on group policy or browser restrictions to enforce proxy use. It might be a simple mistake, but it could also create a window for a savvy student to bypass the block and find a direct route. Although, if the firewall is configured so that direct web access is only allowed via the user profile of the proxy, then this gap can be closed.
Reporting: Regularly reviewing trend reports using a web-filtering product will often highlight sites that have slipped through the net. For example, if pupils are able to find a way to access an inappropriate site, generally, it will shoot to the top of the “top sites” trend report. To ensure web-filters are working effectively it is key not to “install and forget”, rather someone needs to own and monitor it regularly.
Rule-setting: Online communication sites such as Skype and Facebook are notorious for bypassing filters if they can find a direct route out to the internet. For IT administrators to block access to these sites on BYOD requires the enforcement of strict rules. Although in some cases, IT employees add a lazy rule, granting pupils access to far more sites than intended.
It is therefore important to establish specific bypass rules, rather than using the general rule book. To block access to Facebook involves adding www.facebook.com or a path name, if it is a sub-section of a site that demands control. However, with a lot of sites now using SSL (https), sometimes blocking the standard URL does not mean the secure URL will be blocked as well. Schools should remember for example that applying the rule “www.facebook.com” may not necessarily prevent access to “https://www.facebook.com” as it is dependent on the filter.
Implement the latest security policies: Implementing the latest security policies will greatly protect students. For example: restricting student access to communication sites such as Skype, while connected to the school network, can eliminate the likelihood of exposing students to offensive online material.
Leverage a URL reputation database to categorically block access to inappropriate sites such as adult content, games, gambling, social networking, hacking, anonymous proxies, drugs and self-harm to mention just a few categories. Stop proxy abuse by tech-savvy students who look to bypass a school’s security measures by researching anonymous proxies to access blocked or unauthorised sites via backdoor URLs.
Limit web-browsing in class hours: To encourage productive and educational use of the internet, tutors should specify times when students are allowed to browse the internet in class to support their studies.
Educate staff: As BYOD in the class room gains momentum, pressure on IT departments and teaching staff will continue to mount. Ensuring that staff is educated on e-safety and the latest security policies, as well as raising awareness and understanding teachers’ personal liability in the event of breaches or incidents affecting students, all make for a safer online learning environment.
While educators are responsible for controlling Wi-Fi internet access for students, it is impossible to oversee pupils’ activity online when using their own mobile data connection. Parents need to take responsibility too and choose what they are allowing their children to access, as well as ensuring specialist web-filtering tools are installed on all devices – mobile and desktop.
South Africa’s leading value-added distributor, Networks Unlimited, distributes CensorNet solutions throughout southern Africa. For more information, please contact Angela Bethell, channel manager: CensorNet at Networks Unlimited at email@example.com.