Internet Filtering

There was a time when safeguarding in relation to technology use was simple.    I remember when this was the case, when I was teaching IT in a secondary school as well as acting as the IT coordinator.   The only devices with internet access which the students had access to were in the school, the technologies to allow bypassing of filtering or which might make filtering difficult were few and far between, plus generally only for techie types rather than users in general.  Back then it was simple; Your internet filtering kept students from harmful content plus allowed you to monitor what students were doing online so you could tick the compliance box in relation to online safety.

The world isnt as simple anymore.

Although you still have your filtering in place you cannot consider this enough anymore.    Firstly students now are likely to have a mobile phone with data connectivity;   The filtering of internet access on your school network is of little use here whether students are using their connectivity for themselves or even sharing it as a wi-fi hotspot for their friends.  And in some schools students will even be bringing their own devices to school to actively use in lessons.

Tools for maintaining user privacy have also changed significantly.  15 years ago, in the secondary school I taught in, students would attempt to bypass filtering using web proxies.  These were easy to identify and therefore easy to then block.   Students used these as it was easy for them to use, simply requiring only the web address of the proxy.    Today students have access to all manner of tools from VPNs, which are now advertised on TV in relation to personal data security, to the ability to setup a dark web site with only one or two clicks.    Some services even market the fact they don’t keep logs.   Disposable email and social media accounts can easily be created as and when needed, or maybe even spin up a virtual PC in the cloud, use it then destroy in when done, taking with it any evidence of what it was used for.    The tools schools have to keep students within a safe internet bubble havent changed much, but the user-friendly tools which students have access to in order to bypass any restrictions have grown significantly.

Next the increasing need for privacy and security online is moving all sites and services towards systems which are less easy to monitor.   First it was almost all sites moving from HTTP to HTTPS.   The next step seems to be a move to DNS over HTTPS.   Given DNS requests are a key feature of filtering solutions, the encryption of these requests will render filtering solutions unable to see which sites students are actually visiting.    A solution here is SSL decryption which would allow filtering solutions to decrypt and then re-encrypt DNS requests as well as data however this in itself has its implications;   Is it acceptable to break a fundamental security measure built into sites in the interests of safeguarding?     By breaking the fundamental security of website traffic could we put student data at risk as it traverses our filtering solutions, and if so, is this risk acceptable?    And, is all of this effort worth it if students can simply hop onto their 4G/5G signal and bypass all of these precautions at will?

For me, what was very much a simple compliance measure in the need for a filtering solution has now changed significantly.    We need to therefore stop looking at this issue in terms of simply having filtering/monitoring in place and consider it from a broader risk point of view.   What are the benefits of how we use technology in our school?   What are the risks?   How do we reduce/mitigate these risks?  Do any of our mitigation measures limit potential positive uses of technology and is this acceptable? 

For me it is all about a balance between an open network allowing students to explore the breadth of potential positive uses of technology, along with the corresponding risk, versus a closed environment where technology usage is limited in the name of safety but equally this limits potential beneficial uses of technology.     Each school needs to identify where it stands on this continuum, what it supports in terms of technology use and what mitigation measures will be put in place.   This then needs to be regularly reviewed in relation to new technologies and also new or changing uses of technology within school.

Safeguarding in relation to technology use is no longer simple;  It is no longer a simple compliance tick box, or simple internet filtering box but instead a larger conversation around the benefits and risks of technology use in school, by staff and by students.

Advertisement

Remote Learning TweetMeet

school-3765919_1280Last nights Microsoft TweetMeet focussed on Remote Learning.   It was certainly a busy session with my tweetdeck updating faster than I could think; it was a blur of activity.   Overall it was an excellent session and probably the best TweetMeet I have been involved in so far.   I therefore thought it might be useful to summarise the key messages I took away from the event:

  • We are all human

I think this is very important; to recognise that we, teachers, our students, their parents/guardians and the wider school community are all human.  This is a difficult time; unlike anything we have experienced before and for many the unfamiliar circumstances we find ourselves in can be very scary.  Add to that concerns relating to the health and wellbeing of loved ones, of family and of friends plus for some the actual loss of people close to them and we find ourselves significantly outside our comfort zones.  We need to recognise and accept this, and to ensure we consider it when interacting with others.   We need to ensure we provide space and time for these concerns to be shared and discussed and we need to support each other.   High expectations are great but may need to be considered carefully in the current context we find ourselves in.   As we seek to use remote learning to continue children’s education we must maintain our focus that the most important thing in times like this isn’t the curriculum, assessment, EdTech, etc, but is in fact our teachers, students, their parents, families, and the wider school community;  What matters most is people.

  • We are better together

Related to the above is the fact that as humans we are social animals.   We are designed to be at our best when working with others and in this time of isolation this is no different.  For me the TweeetMeet was a perfect example of this.  There were lots of people involved in the session each individually doing excellent things in relation to remote Learning but by coming together and sharing, discussing and exploring things together we are all the better.    At this time of isolation we need to ensure we build the opportunities to collaborate and to share experiences.   Where individually we identify things that work or don’t work, we should seek to share this.    It may be that ideas shared by others won’t work in your particular context, but by at least considering such ideas you will have gained some insight;  Think Edison and 1000 lightbulbs.    The more we share the better.   My favourite phrase in relation to this being “the smartest person in the room is the room”.   And thankfully we live in a time where we largely have the technology available to achieve this through blogs, vlogs, podcasts, video conferencing, webinars, etc.  The world is a pretty big room!

  • Technology is here to stay

For all the discussion about whether EdTech makes a difference or not, whether we should embrace technology in schools or ban it, we often miss an important fact.   Technology is here, and it is here to stay.   Social media, on-demand TV, sat nav, video conferencing, artificial intelligence, user tracking and many other technologies all exist now and they aren’t going to disappear, in fact they are likely only to continue to evolve and to take an ever greater place in our lives.   Given this world how can education avoid technology;  I don’t believe it can.    Technology provides us many tools which can allow us to do new and exciting things and we need to seek to use it.  Just think where we would be in this current crisis without technology.  How would learning work without it?    So, if technology can act as an enabler of learning in a sudden crisis like the one we find ourselves in now imagine what we might be able to achieve with a bit of time, planning and people working together.  This is what we need to consider in relation to life beyond Covid19.

  • The Digital divides will be our biggest challenge

I have written about this already and you can read my post here.   Our biggest challenge is likely to be the lack of parity which exists in relation to technology.   It isn’t just about access to devices such as laptops or tablets for use by students at home, or access to the internet at home.  We also need to consider the many other divides.   Parents at home may have differing abilities to support their children in using technology at home plus students themselves will have differing abilities.  Schools will have different amounts of IT support available to help out staff, students and parents with issues and problems.   Additionally, schools will have different amounts of professional learning and training resources again for use by staff, students and parents.    There will be different levels of IT equipment in schools with some schools having 1:1 devices while others might be limited to a single IT lab or less.   Experience with the pedagogical aspects of using technology to support learning will also differ across schools or even within schools across departments.  Confidence levels and motivation to experiment, plus the school culture with regards technology is another factor which is inconsistent.    If we are to achieve equal opportunities for all students in relation to the opportunities to use technology in learning, these and many other divides will need to be considered.

  • Safeguarding

The final point that stuck out for me from the TweetMeet related to safeguarding and the need to keep students and staff safe during this period of remote learning.    This is an issue which in my view is very complex and is for individual schools to reach a decision in relation to their own context.   That said I have a particular view on this and in particular on the use of video to allow students and teachers to interact.  I am aware some schools have disabled the ability for video calls to be used citing safeguarding concerns, with the view that by turning off video within the schools technology solution they are protecting their students.   If we accept that we are human and we are social animals, then students will seek personal contact independent of our actions, so by disabling video we force students to use other non-school platforms to achieve the personal contact they seek.   I believe this represents a risk.    I also think we need to consider the fact that learning is a social experience so the more social we make remote learning the more successful the learning will be.   Removing the use of video complete with the various visual cues it presents reduces the impact of learning.  I will acknowledge that there is a clear safeguarding risk where video is enabled, however life is never without risk.   For me, it is about engaging parents, students and staff about managing the risk as much as is reasonably possible while still enabling the best learning opportunities possible.

When I started writing this piece my plan was a short summary of the TweetMeet session;  Failed on that one as this isn’t exactly short.   I also must admit this post also only covers the highlights of the session as I saw it and most likely missed loads of other excellent points or discussion threads.   That said, and in acknowledging point 2, I thought I would share.  I hope the above is helpful and look forward to reading any thoughts or comments people may have.

 

EdTech Summit, Brighton

EdTechTitleSlideI had the opportunity to present at the Brighton ISC Digital EdTech summit during the week.  My talk, “Common Sense Safeguarding” focussed on the need for schools to take a broad and more risk based view of online safety as opposed to the previous more compliance driven approach.    Given the number and range of technologies students have access to and also the tools available to bypass protective measures put in place by a school, or even the ability to negate them totally through using 4G, online safety is no longer as simple as it once was.    This therefore needs a broader view to be taken.

In addition, I identified that in our dealing with Online Safety we are not yet effectively addressing the issues which are growing with our increasing use of digital resources and services.    Cyber security, big data, profiling, artificial intelligence and bias, ethics of IT systems and similar broad topics don’t yet have a key place in the general curriculum albeit opportunities exist across different subjects.    We need to ensure these issues are discussed with all students.   It was to that end that I proposed a cross school discussion group focussed on Digital Citizenship.

Overall my view is one that we need to be more aware of the limitation of preventative measures such as web filtering plus need to focus more on user awareness and having discussions with students regarding the wider implications of staying safe and being successful in a digital world.

If you are interested in being part of a group of schools discussing Digital Citizenship please fill out this Microsoft Form and to access my slides from the EdTech Summit please click here.

Digital Citizenship Questions

digiquestionstitleI think it is so important that schools ensure that discussions in relation to living in the digital world are encouraged throughout the school.   It is only through discussing the positives and negatives of the increasing digital lives we live that we can prepare our students for the world they live in and the world yet to come.

To that end I recently started creating some slides with questions to be used as a stimulus in discussing digital citizenship.

Here is my first set of slides:  Some digital citizenship questions.  I do hope you find them useful and please do let me know your thoughts and any suggestions as to how I can build on or improve them.

 

Safeguarding: A need for a broader focus

girls-3481791_640Cyber security has very much adopted a “not if, but when” mentality to signify the need for a risk management approach in relation to cyber security risks as opposed to the older compliance driven approach.    It is my belief that we also need to take a similar approach when it comes to online safeguarding of students.

There was a time when having internet filtering on school computers and an acceptable usage policy was enough to check the safeguarding compliance boxes and be satisfied that a schools had sufficiently met its safeguarding needs.   I remember these days when I would check the schools net history on a weekly basis to adjust the filtering and restrict student access to game sites in particular.

Today we find students have phones and other mobile devices which they bring to school, some due to a school BYOD policy and some due simply to the fact that having a smart phone is now part of normal everyday life.   These devices all come complete with internet access, including access to social media.   Where a school might employ monitoring technologies students can make use of proxy servers, VPNs or an onion browser among other methods to attempt to bypass such technologies.   I recently came across a site which would allow anonymous hosting via the Tor network with little to no technical knowledge required.   Student might even simply revert to 4G or even 5G to totally circumvent the schools network and any precautions which may the school may have put in place.     In the near future, DNS over HTTPS may become the norm which would further make it difficult to block and filter.

In this world we need to accept that no matter what technical measures a school puts in place, students will be able to find a way around such measures.    The resultant cat and mouse game between staff and students, with students finding work arounds and then staff seeking to negate them serves no-one, only consuming time and energy on both sides.   It is also unlikely to be successful, so we need to accept that in attempting to safeguard students, preventing their access to certain sites and services is likely to be ineffective.   Given this the safeguarding focus needs to significantly shift towards awareness and education.      We need to seriously look at the discussions in relation to safeguarding which are happening in schools.   The opportunities already exist in various subject areas to discuss the implications of big data, cyber security, artificial intelligence, fake news and data profiling to name but a few.    We need to ensure that such opportunities are taken and that all schools are confident that they have addressed safeguarding and that thorough discussion with students has taken place.   The current political campaigning for example represents a great opportunity to discuss how social media may both report the news but also shape and create it, even influencing peoples decision making.

Online safeguarding used to be a more simplistic compliance exercise, and to some extent these requirements still exist (and the safeguarding guidance certainly still points towards this approach), however we need to take a more holistic view and broader focus.   Simply filtering or monitoring specific keywords or categories or banning devices is not enough.

 

%d bloggers like this: