Security

Firstly, the computers your learners use in school will almost certainly be connected to a local server – another computer that stands between the classroom computers and the outside world. This server may be located in your school or it may be somewhere else, for example in a local authority’s IT department or in a private company that provides this service to the school.

Wherever this server is, it will be presided over by an IT technician or a whole department of them whose job it is to protect their system and make it secure.  Any software that goes on that server, any website it accesses and anyone using that server potentially threatens its security.  In the IT department’s ideal world, their servers would have no contact with any other computer and no users. This is always their starting point, which is great for them, but terrible for innovative teaching in the twenty-first century.

IT department staff are programmed to say ‘No’ to almost everything, then negotiate from there.  Mostly, their trump card is to say “No! It’s a security issue.” – leaving the poor teacher who asked the question convinced that whatever the request was, it will lead to something terrible happening to their pupils. However, most of the time what the IT gatekeepers actually mean is that what you asked for potentially threatens the security of their computer system, NOT the safety of learners.

The sort of things they worry about are: viruses, worms, bots and phish (The IT equivalent of cold-callers, con-artists and woodworm), whether there will be so much traffic that it will chew up their bandwidth and their system will crash (for instance, if every user was downloading a full length feature film at the same time), spam mail clogging up their server and comments appearing, un-moderated, on sites, unauthorised people hacking into their system, using ways into their server that bypass their firewall (more about this in a minute) and  uploading  programs that cause other things in their system to go awry.  All of these are quite reasonable concerns from an IT perspective but not a lot to do with learner safety – which is where your interest lies.

As an example, take Skype.  A whole lot of IT departments refuse to support Skype – that is, they won’t let teachers download it and they won’t install it either.  This is a great shame because it is a truly wonderful tool in the classroom.  The IT police will tell you it is a ‘security risk’. You will think that your learners will be at risk and back off.  What they really mean is that Skype (which runs on the internet but not the web) uses a different ‘port’ on the computer that is their server and this has implications for how their server is configured, how their firewall is set up and so on. They are also worried that every learner in every school will want to send emails or have Skype conversations at precisely the same time and their whole system will go into meltdown. Again, not really your problem.

There has been a debate running for years about whether Skype actually does have security risks and the general conclusion is that it doesn’t.  However, that argument does not concern you – from a teacher’s perspective it is completely safe. Most schools will probably just use a few Skype addresses or, at most, have one for each class. The only person using that address will be the teacher.  Random callers on Skype are few and far between and all have to be ‘accepted’ before they can call or leave a message – neither of which will be seen by children anyway.

Apart from disallowing particular applications, IT departments also create firewalls that dictate websites you are allowed to see and those that are banned because the content might be undesirable.   Sometimes this ‘decision’ is made automatically by the installation of software that detects, for example, images, which have over a certain percentage of flesh tones, or sites that contain certain words  (our colleagues working in ADULT Education are driven crazy by this). Sometimes the decision is made by people working in the IT department who work on the principle of allowing access to as few sites as possible and then adding others on request.  This is tantamount to frisking teachers on their way into school every day to make sure that the paper based material in their briefcases is, in their opinion, suitable.

Whilst this approach may appear to keep learners ‘safe’ it does have its own dangers, such as preventing children from learning by blocking them and their teachers from innovative teaching and learning opportunities. It also stops children from learning about the dangers – and cases of children falling foul to online dangers out of sheer ignorance are appearing with alarming regularity on the news, in the press and, ironically, on line.

Make a stand – what learners may or may not have access to should depend on the professional judgement of the teacher.  Having your lesson sabotaged because the firewall objected to Botticelli‘s Venus having no clothes or not being able to show pictures of a pregnant woman’s stomach as part of your carefully prepared health education talk is really unacceptable. (By the way, both of these examples actually happened!) We’ve all heard people say, smugly, “Even if there is only a tiny risk it’s not worth it!” But experience has shown time and time again that the greatest risk to children’s safety is ignorance – not recognising danger, not knowing how to avoid it or not being equipped to deal with it before it escalates.

So, if ‘security’ is mainly about computer systems, what are properly the concerns of the teacher?  As we said above, we have broken these down into ‘Safety’, ‘Privacy’ and ‘Protection’.  This is not a particularly technical breakdown and other people might not make the same distinction but we think it’s useful.

This post is also available in: Dutch, German, Italian, Spanish, Portuguese (Portugal), Romanian

One Response to “Security”

  1. Hendrik Claessens January 24, 2014 at 07:55 #

    Security in schools has always been a big issue mainly because the problem has not always been defined. We still believe that the computer must do anything everywhere at all times. On the other hand we are convinced that what we are doing by ourselves is always done better.
    The first issue is the server. In this fast moving world it is a myth that security can be handled by one person, even by a group of informatics in a school. We have, as a school, to admit that synergy can only achieved when working with companies who offer those services on a large scale.
    Why do computers have always to be connected to the internet? A lot of applications do not need this possibility.
    So in my view the department of informatics in a school must be focused on organizational issues not on security. It has to handle the problems of what computer can do what on what time by whom => as the four Wheels of a car.
    In doing so we will smoothly go forward.

Leave a Reply

This blog is kept spam free by WP-SpamFree.