"When implemented effectively, technology can make teachers’ jobs easier."
But with any new way of working comes fears. From bring-your-own-device policies, where students can take personal laptops and mobiles into the classroom, to school management platforms which store economic, administrative and personal data – concerns about privacy and security can be very real and pressing.
I’ve spent more than a decade working with schools to implement technology in a safe and secure way. During that time it’s become clear that the benefits far outweigh the risks - when implemented effectively, technology can make teachers’ jobs easier. However, if schools are inhibited by security fears, then technology may be bought but not used – being seen as cumbersome and difficult to manage or even just a wasted expense.
Along the way, I’ve found that there are some very basic steps that schools can take to ensure that they’re using classroom technology in a safe and secure way. Here are my top three considerations if you’re looking at virtual or online technologies for your own school.
1. Choose the right partner
A VLE, or any online learning tool, should be a service that is adaptable, safe and can evolve within an agile ICT environment. If it’s actually a burden or a security risk, then it’s not doing its job. I believe that reassurance is required from the outset. Schools need to know that they’re working with technology partners that can keep them protected from reliability or security issues.
Put simply, cloud computing or managed services are appealing because you’re not security experts. And while managed services can simplify your IT operations, because external companies take care of the day-to-day running of various parts of your network, you must trust your technology partners absolutely. When outages in service are no longer within your own ability to fix, or data leakages aren’t within your remit to control, then trust is paramount. When selecting a partner, ask those tricky questions about redundancy, uptime and reliability – and make sure that you know they have robust disaster recovery procedures in place should the worst happen.
2. Get the basics right
It sounds basic, but start by thinking about access. Access to information stored in a VLE should be limited to authorised staff, students, governors and PTAs, and a password policy should be enforced so that strong passwords must be used. These should be changed at regular intervals.
"It’s important to remember that responsibility must be shared across the entire school."
It’s crucial that user privileges (for teaching staff, administrative staff and pupils) are set appropriately so all users can access the facilities they require while minimising the potential for deliberate or accidental misuse of the network.
And the same goes for accessing these systems from home. Approaches like the flipped classroom revolve around the principle that learning should be done any time, any place. But in return for such freedom, schools must vigorously encourage parents to support the school’s computer security policy at home.
Furthermore, a school must make sure that all users, staff and pupils understand their e-security obligations and responsibilities through appropriate user education and training. Keeping up-to-date with training, education and policies is vital. As is an open approach to data collection and storage. It’s a school’s responsibility to tell all interested stakeholders about how they keep, store and share information on students and staff. Make sure policies are up to date and properly shared.
3. Assign responsibility – and keep it logged
Many schools I’ve worked with are lucky enough to have an IT manager who can dedicate their time to making sure systems are working effectively and securely. But it’s important to remember that responsibility must be shared across the entire institution to make sure that networks are kept safe and secure. Schools must ensure the importance of and responsibilities for maintaining e-security are acknowledged by everyone from class teachers to senior school managers and governors that any Acceptable Use Policy (AUP) for IT is up-to-date and addresses online security sufficiently.
In addition to this and above-and-beyond online services like a VLE, schools must keep and maintain inventories of all hardware and software used in school that also describe how these are to be configured, reviewed and kept up-to-date. It is strongly advisable to lock down the configurations of all hardware and software to prevent intentional or accidental misuse. In short – be organised and stay organised.
There’s a lot more I can say about security in schools, and tips and tricks for making sure you’re using technology safely. But really and simply, it’s about being organised, considered and making sure that security is seen as critically important right across your institution. Get the basics right and you’ll be free to enjoy the real benefits of the technology you buy.
How do you handle e-safety in your school? Let us know below.