Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Be CyberSMART! Addressing Safe and Appropriate Technology Use in Northside Administrator Institute  July 26, 2006   Kelly ...
Ripped from Recent Headlines! <ul><li>Students behind grade changing </li></ul><ul><li>Employee fired for data breach at h...
CyberSMART Principles   <ul><li>S     =  Security </li></ul><ul><li>M   =  Manners </li></ul><ul><li>A     =  Acceptable U...
Scenarios for Discussion ( print version ) ( print version ) Classroom Scenario <ul><li>What kind of issues does Mr. Carte...
S = Security M   =  Manners A     =  Acceptable Use R     =  Responsibility T     =  Training
Security:  Why Worry? <ul><li>Security breaches can compromise: </li></ul><ul><ul><li>student and staff safety and vulnera...
Security:  Why Now? <ul><li>NISD is a “digital school district” </li></ul><ul><ul><li>Data-driven, information-rich, “open...
Security:  Your Role <ul><li>Understand the risks </li></ul><ul><li>Understand the policies </li></ul><ul><li>Make securit...
Passwords and Security
Passwords and Security <ul><li>Passwords can be the weakest link or strongest defense in our data and network security ars...
Passwords and Security <ul><li>Why so many passwords?!? </li></ul><ul><ul><li>Life online  means living with--and managing...
Protect that Data! <ul><li>Data on mobile equipment (e.g., flash drives, laptops, PDAs) – exercise extreme caution! (TEC-1...
Student Safety <ul><li>Internet filtering in place – see online document for more information (CQ Legal & Local, TEC-01) <...
S     =  Security M = Manners A     =  Acceptable Use R     =  Responsibility T     =  Training
Effective E-mail Netiquette Source:  TEC-08 DISTRICT E-MAIL USAGE REGULATION   <ul><li>Treat all electronic messages the s...
Effective E-mail Netiquette Source:  TEC-08 DISTRICT E-MAIL USAGE REGULATION   <ul><li>Include the most important fact / i...
Discussion Break Let’s discuss those scenarios! Great idea! What do you think about Mr. Carter?
S     =  Security M   =  Manners A = Acceptable Use R     =  Responsibility T     =  Training
<ul><li>Digital Citizenship  = The expected standard of behavior with regard to technology use  </li></ul><ul><li>We shoul...
Digital Citizenship at Work: Principle #1 <ul><li>Access to all District technology is made available to employees  primar...
Digital Citizenship at Work: Principle #2 <ul><li>Employees are  responsible at all times for their use  of the District’s...
<ul><li>There are  consequences for NOT being a good digital citizen  (i.e. violating acceptable use policies) </li></ul><...
E-mail Acceptable Use
<ul><li>Do not send or forward e-mail messages or images that are abusive, obscene, pornographic, sexually oriented, threa...
<ul><li>Do not send or forward chain e-mail messages or images.  </li></ul><ul><li>Use the e-mail system’s proxy capabilit...
<ul><li>Open e-mail on a regular basis (at least daily, if possible) </li></ul><ul><ul><li>delete unneeded items </li></ul...
<ul><li>E-mail messages, created or received in the transaction of official Northside Independent School District business...
S     =  Security M   =  Manners A  =  Acceptable Use R = Responsibility T     =  Training
<ul><li>Increased electronic systems    increased access to data (i.e., “open” environment)  </li></ul><ul><li>Confidenti...
Know the Acceptable Use District Policies & Regs  <ul><li>CQ Legal and Local, TEC series </li></ul><ul><li>Other important...
Educate Others  <ul><li>Provide acceptable use training for all  staff and students  under your supervision </li></ul><ul>...
Report Incidents / Violations  <ul><li>Treat all acceptable use incidents / violations seriously and report them as approp...
Manage the Paperwork <ul><li>Collect and manage student acceptable use agreement forms promptly  </li></ul><ul><li>Ensure ...
S     =  Security M   =  Manners A  =  Acceptable Use R  =  Responsibility T = Training
Online Acceptable Use Class <ul><li>Available  to all employees  </li></ul><ul><li>Required  for all new employees with ac...
Discussion Break Let’s discuss those scenarios! Great idea! What are some important points?
Classroom Scenario Points  <ul><li>Monitor students when using computers (gum, software installation, flash drives) </li><...
Office Scenario Points  <ul><li>Don’t use others’ passwords (access to certain applications such as Winocular must be limi...
Be CyberSMART! Addressing Safe and Appropriate Technology Use in Northside Administrator Institute  July 26, 2006   Kelly ...
Upcoming SlideShare
Loading in …5
×

Cybersmart

1,850 views

Published on

  • Be the first to comment

  • Be the first to like this

Cybersmart

  1. 1. Be CyberSMART! Addressing Safe and Appropriate Technology Use in Northside Administrator Institute July 26, 2006 Kelly Smith Assistant Superintendent for Technology Services
  2. 2. Ripped from Recent Headlines! <ul><li>Students behind grade changing </li></ul><ul><li>Employee fired for data breach at health care facility </li></ul><ul><li>Teen who hacked into school files takes deal </li></ul><ul><li>Consultant hacks way into FBIs computers; even director's password was obtained </li></ul><ul><li>Identity theft victims tell of job loss, red tape that follows when someone assumes your ID, spends in your name </li></ul><ul><li>Tipster leads FBI to laptop loaded with veterans' files; personal data on the stolen device apparently wasn't accessed, VA told </li></ul><ul><li>Franklin schools chief suspended for 4 days: further action possible after complaint about e-mails </li></ul><ul><li>Teacher charged with corrupting minors; allegedly had sex with a student in his truck and sent explicit e-mails to another </li></ul><ul><li>Arrest sought after fight; police pursue a warrant linked to a fight shown on myspace.com </li></ul><ul><li>Tougher laws urged for web predators; AG expresses concerns about repeat offenders who solicit minors </li></ul><ul><li>Employee fired over blog; private blog wasn't; man fired for blasting boss </li></ul>
  3. 3. CyberSMART Principles   <ul><li>S = Security </li></ul><ul><li>M = Manners </li></ul><ul><li>A = Acceptable Use </li></ul><ul><li>R = Responsibility </li></ul><ul><li>T = Training </li></ul>
  4. 4. Scenarios for Discussion ( print version ) ( print version ) Classroom Scenario <ul><li>What kind of issues does Mr. Carter need to be aware of regarding safe and acceptable use of technology in the classroom? </li></ul><ul><li>As a CyberSMART teacher, what kinds of things can Mr. Carter do to protect himself and his data? </li></ul><ul><li>How can Mr. Carter address the parent's fear of pornography? What should he tell his students to do if they accidentally encounter it? </li></ul><ul><li>What are some specific actions Mr. Carter could / should take to address what has happened? </li></ul><ul><li>What kind of penalties should students face for misuse of school technology? </li></ul>Office Scenario <ul><li>What kind of issues does Ms. Gates need to be aware of regarding safe and acceptable use of technology in the workplace? </li></ul><ul><li>As a CyberSMART employee, what kinds of things can Ms. Gates do to protect herself and her data? </li></ul><ul><li>What options are there for the Winocular and Groupwise situations? </li></ul><ul><li>What are some specific actions Ms. Gates could / should take to address what has happened? </li></ul><ul><li>Has Ms. Gates done anything wrong for which she could be reprimanded or fired? </li></ul>
  5. 5. S = Security M = Manners A = Acceptable Use R = Responsibility T = Training
  6. 6. Security: Why Worry? <ul><li>Security breaches can compromise: </li></ul><ul><ul><li>student and staff safety and vulnerability </li></ul></ul><ul><ul><li>the district’s ability to function </li></ul></ul><ul><ul><li>public support and legitimacy </li></ul></ul><ul><ul><li>liability </li></ul></ul>
  7. 7. Security: Why Now? <ul><li>NISD is a “digital school district” </li></ul><ul><ul><li>Data-driven, information-rich, “open” environment </li></ul></ul><ul><ul><li>Inviting target for hackers of all kinds, even students! </li></ul></ul>
  8. 8. Security: Your Role <ul><li>Understand the risks </li></ul><ul><li>Understand the policies </li></ul><ul><li>Make security a high priority – be proactive! </li></ul><ul><li>Educate employees and students </li></ul><ul><li>Treat all security incidents / violations seriously and report them promptly </li></ul><ul><ul><li>Students  Technology Services </li></ul></ul><ul><ul><li>Staff  Human Resources </li></ul></ul>
  9. 9. Passwords and Security
  10. 10. Passwords and Security <ul><li>Passwords can be the weakest link or strongest defense in our data and network security arsenal </li></ul><ul><li>Choose strong passwords (TEC-02) </li></ul><ul><li>Don’t share passwords (TEC-01, TEC-02) </li></ul><ul><li>Change passwords frequently, at least every 120 days (TEC-01) </li></ul><ul><li>Password protect mobile devices, too! (e.g., flash drives, laptops, PDAs, etc.) (TEC-10) </li></ul>
  11. 11. Passwords and Security <ul><li>Why so many passwords?!? </li></ul><ul><ul><li>Life online means living with--and managing -passwords (work, bank, personal e-mail, online newspaper, shopping, etc.). </li></ul></ul><ul><ul><li>Using the same password for multiple sites and applications compounds the likelihood that someone will take control of your accounts! </li></ul></ul><ul><ul><li>If you record your passwords, recognize that there is truly no safe location to store passwords. One idea : an encrypted password-protected Word or Excel file (Tools > Options > Security) </li></ul></ul><ul><li>Technology Services is working to “synchronize” NISD user-IDs and passwords, where possible. The vision  one user-id and password to access many different systems at work </li></ul>
  12. 12. Protect that Data! <ul><li>Data on mobile equipment (e.g., flash drives, laptops, PDAs) – exercise extreme caution! (TEC-10) </li></ul><ul><li>Physical security, especially for mobile equipment (TEC-10, PUR-03) </li></ul><ul><li>Lock workstation (TEC-02) </li></ul><ul><li>Be wary! </li></ul><ul><ul><li>Keyloggers </li></ul></ul><ul><ul><li>Dumpster diving </li></ul></ul><ul><ul><li>Phishing </li></ul></ul><ul><ul><li>Social engineering / pre-texting </li></ul></ul>
  13. 13. Student Safety <ul><li>Internet filtering in place – see online document for more information (CQ Legal & Local, TEC-01) </li></ul><ul><li>Employees with students under their supervision must educate them about safety and security issues and actively monitor them! (CQ Legal & Local, TEC-01) </li></ul><ul><li>Social networking websites may put students at risk for exploitation and harm (e.g., MySpace, Xanga) </li></ul><ul><ul><li>Visit NISD Web Warning website </li></ul></ul>
  14. 14. S = Security M = Manners A = Acceptable Use R = Responsibility T = Training
  15. 15. Effective E-mail Netiquette Source: TEC-08 DISTRICT E-MAIL USAGE REGULATION <ul><li>Treat all electronic messages the same as written, hard copy communications in regard to decency, courtesy, and openness </li></ul><ul><li>Be professional and exercise good taste! </li></ul><ul><li>Avoid misunderstandings – remember electronic text is devoid of any context clues which convey shades of irony, sarcasm, or harmless humor </li></ul><ul><li>Make subject headings as descriptive as possible </li></ul><ul><li>Restate the question or issue being addressed or include the original message in your response </li></ul>
  16. 16. Effective E-mail Netiquette Source: TEC-08 DISTRICT E-MAIL USAGE REGULATION <ul><li>Include the most important fact / idea / issue first or very near the top of the message </li></ul><ul><li>Proofread / edit each message and use the system’s spell check prior to sending a message </li></ul><ul><li>Check the facts in your message before sending it; do not spread rumors via e-mail </li></ul><ul><li>Think twice before CC’ing and forwarding (privacy issues, need to know, inbox clutter, etc.) </li></ul><ul><li>Remember the human – don’t hide behind e-mail (or voicemail)! </li></ul>
  17. 17. Discussion Break Let’s discuss those scenarios! Great idea! What do you think about Mr. Carter?
  18. 18. S = Security M = Manners A = Acceptable Use R = Responsibility T = Training
  19. 19. <ul><li>Digital Citizenship = The expected standard of behavior with regard to technology use </li></ul><ul><li>We should all teach, model, and expect exemplary digital citizenship! </li></ul>Acceptable Use: AKA “Digital Citizenship”
  20. 20. Digital Citizenship at Work: Principle #1 <ul><li>Access to all District technology is made available to employees primarily for instructional and administrative purposes in accordance with Board Policies and District Administrative Regulations. </li></ul>
  21. 21. Digital Citizenship at Work: Principle #2 <ul><li>Employees are responsible at all times for their use of the District’s electronic communications system and must assume personal responsibility to behave ethically and responsibly, even when technology provides them the freedom to do otherwise. </li></ul>
  22. 22. <ul><li>There are consequences for NOT being a good digital citizen (i.e. violating acceptable use policies) </li></ul><ul><ul><li>Access to technology denied </li></ul></ul><ul><ul><li>Reprimand </li></ul></ul><ul><ul><li>Termination </li></ul></ul><ul><ul><li>Legal action </li></ul></ul>Digital Citizenship at Work: Principle #3 System use is electronically monitored.
  23. 23. E-mail Acceptable Use
  24. 24. <ul><li>Do not send or forward e-mail messages or images that are abusive, obscene, pornographic, sexually oriented, threatening, harassing, damaging to another’s reputation, or illegal. </li></ul><ul><li>Users may not send or forward any e-mail messages that are for personal-profit use. </li></ul><ul><li>District-wide e-mail broadcasts must be approved by the Executive Director of Communications. ( Use the BC field .) </li></ul><ul><li>Campus/site-wide e-mail broadcasts must be approved by the campus Principal/Site Administrator. </li></ul>E-mail Acceptable Use Source: TEC-08 DISTRICT E-MAIL USAGE REGULATION
  25. 25. <ul><li>Do not send or forward chain e-mail messages or images. </li></ul><ul><li>Use the e-mail system’s proxy capabilities whenever out for extended periods of time only if someone needs access to your e-mail. The Helpdesk can provide assistance. </li></ul><ul><li>Send e-mail to appropriate (i.e. need to know) parties only. </li></ul>E-mail Acceptable Use Source: TEC-08 DISTRICT E-MAIL USAGE REGULATION
  26. 26. <ul><li>Open e-mail on a regular basis (at least daily, if possible) </li></ul><ul><ul><li>delete unneeded items </li></ul></ul><ul><ul><li>file items needed for future reference appropriately to prevent filling up your mailbox </li></ul></ul><ul><li>Refrain from storing attachments in the mailbox (i.e. spreadsheets, slide shows, documents, pictures, etc.) </li></ul><ul><ul><li>Attachments should be saved to your network home directory, hard drive, or external storage media </li></ul></ul><ul><li>Comply with mailbox size limits, as determined by the District due to technical requirements </li></ul><ul><li>Do not waste mail system resources (i.e., spamming, distribution of videos or photos, etc.) </li></ul>E-mail Acceptable Use Source: TEC-08 DISTRICT E-MAIL USAGE REGULATION
  27. 27. <ul><li>E-mail messages, created or received in the transaction of official Northside Independent School District business, can be categorized as public records based on the content and topic of the message, and therefore are subject to Texas Public Information Act </li></ul><ul><li>Each user is individually responsible for maintaining the public accessibility of his/her own incoming and outgoing e-mail messages as required by law (See http://www.nisd.net/its/records ) </li></ul><ul><li>Another reason to “be professional” in e-mail correspondence! </li></ul>E-mail as a Public Record Source: TEC-09 DISTRICT E-MAIL RETENTION REGULATION
  28. 28. S = Security M = Manners A = Acceptable Use R = Responsibility T = Training
  29. 29. <ul><li>Increased electronic systems  increased access to data (i.e., “open” environment) </li></ul><ul><li>Confidentiality of data is addressed in FL (Legal) Student Records and DH (Exhibit) Employee Standards of Conduct </li></ul><ul><li>An employee shall not reveal confidential information concerning students or colleagues unless disclosure serves lawful professional purposes or is required by law </li></ul><ul><li>Avoid sending e-mail to colleagues or parents that contain personally identifiable information about students </li></ul>Model and Emphasize Data Confidentiality
  30. 30. Know the Acceptable Use District Policies & Regs <ul><li>CQ Legal and Local, TEC series </li></ul><ul><li>Other important topics </li></ul><ul><ul><li>Copyright </li></ul></ul><ul><ul><li>Campus, classroom/teacher, extra-curricular and student websites </li></ul></ul><ul><ul><li>Personal hardware and software </li></ul></ul>
  31. 31. Educate Others <ul><li>Provide acceptable use training for all staff and students under your supervision </li></ul><ul><li>Enlist the help of your campus technologists, technology teachers, librarian, & district technology trainers </li></ul><ul><li>Lots of great NISD-developed resources are available online </li></ul><ul><li>Promote and model Digital Citizenship! </li></ul>
  32. 32. Report Incidents / Violations <ul><li>Treat all acceptable use incidents / violations seriously and report them as appropriate </li></ul><ul><ul><li>Staff  Human Resources </li></ul></ul><ul><ul><li>Students  Technology Services </li></ul></ul><ul><li>Administer consistent consequences, especially for students’ inappropriate use </li></ul>
  33. 33. Manage the Paperwork <ul><li>Collect and manage student acceptable use agreement forms promptly </li></ul><ul><li>Ensure that the AUP data is entered into the Region 20 student system by September 1, 2006 (10 days after the first day of school) </li></ul><ul><ul><li>Direct your Library Assistants to help the Attendance Secretaries perform the AUP data entry at middle schools and high schools (optional at the elementary schools) </li></ul></ul><ul><ul><li>AUP data is automatically “pushed” nightly to populate several other systems </li></ul></ul><ul><li>Professional and classified staff will acknowledge and agree to acceptable use online, with the online handbook process. Auxiliary staff will complete and submit the paper form to their supervisor. </li></ul>
  34. 34. S = Security M = Manners A = Acceptable Use R = Responsibility T = Training
  35. 35. Online Acceptable Use Class <ul><li>Available to all employees </li></ul><ul><li>Required for all new employees with access to technology, within 3 weeks of employment </li></ul><ul><li>Online, takes 45 minutes to complete </li></ul><ul><li>All users will receive an e-mail in August with specific instructions </li></ul><ul><li>Online course completion will be tracked and reported in ERO (Electronic Registration Online) </li></ul>
  36. 36. Discussion Break Let’s discuss those scenarios! Great idea! What are some important points?
  37. 37. Classroom Scenario Points <ul><li>Monitor students when using computers (gum, software installation, flash drives) </li></ul><ul><li>Be aware of keyloggers and safeguarding password (grades). Change password; report it. </li></ul><ul><li>Don’t e-mail IEPs (wrong recipient; confidentiality) </li></ul><ul><li>Be able to explain how Internet filtering works in NISD; if inappropriate material is viewed accidentally – move on immediately and tell teacher </li></ul><ul><li>Refer student and parent to Web Warning; counsel student </li></ul><ul><li>Harassing e-mail – forward to [email_address] and report it to supervisor </li></ul><ul><li>Follow Student Code of Conduct for students who violate AUP </li></ul><ul><ul><li>more serious examples: cyberbullying; hacking and other malicious activity; purposely accessing materials that are abusive, obscene, sexually oriented; proxy avoidance </li></ul></ul><ul><ul><li>less serious example: non-school related Internet use </li></ul></ul>
  38. 38. Office Scenario Points <ul><li>Don’t use others’ passwords (access to certain applications such as Winocular must be limited to administrators/supervisors) </li></ul><ul><li>Be professional in e-mail correspondence (Hr policy situation) </li></ul><ul><li>Report acceptable use violations to supervisor (co-worker wasting time and resources – maybe it is business related) </li></ul><ul><li>Don’t respond to the phishing scam; forward message to [email_address] </li></ul><ul><li>Do not forward jokes; could be offensive; waste resources </li></ul><ul><li>Keep laptop physically secure; encrypt data </li></ul><ul><li>Don’t share GroupWise password; grant proxy if you want someone else to keep up with your messages </li></ul>
  39. 39. Be CyberSMART! Addressing Safe and Appropriate Technology Use in Northside Administrator Institute July 26, 2006 Kelly Smith Assistant Superintendent for Technology Services

×