Tag:

security

New Cybersecurity Resources for School Administrators

by Lori Gracey July 1, 2024

written by Lori Gracey

The National Initiative for Cybersecurity Careers and Studies (NICCS) has released some new, free resources for school district leaders who are charged with overseeing cybersecurity. In a recent study, cybersecurity remains the biggest concern among district ed tech leaders, with nearly all 981 survey respondents reporting that they are working to improve protections. The new resources from NICCS can help.

Cybersecurity Resources Available

The first step in securing your district’s data is to assess your current security level. The website offers an online assessment that that will recommend the improvements you need to make to improve safety and security within your school community. You can access the free tool here.

Once you’ve identified any security issues, you can begin to address them using the many resources that NICCS has collected. These include:

Of course, these steps are best supported by offering ongoing training for staff. The NICCS website lists a number of free and low-cost cybersecurity training options. (You should also consider having your staff complete the TCEA online course Network Security to help protect both their own and district data.) The site also provides information on how best to report incidents within your district if the worst does happen. Finally, NICCS offers a number lesson plans for K-12 educators who want to include cybersecurity in their teaching.

The website is one you should bookmark and use frequently as you lead your district in being safe from cybersecurity attacks.

July 1, 2024 0 comment

Chromebooks CTO/CIO Cybersecurity Digital Citizenship Google Tips and Tricks

Update Your Browser Now: Seven Tips for Securing Google Chrome

by Miguel Guhlin August 22, 2022

written by Miguel Guhlin

“Update now! Multiple vulnerabilities patched in Google Chrome.” It’s a headline that you encounter with surprising regularity. Here are a few more from May to July 2022. Each is sure to chill any IT Director’s heart:

Let’s explore some steps you can take to avoid Google Chrome issues and keep your browser secure.

Did You Know?
In August, 2022, a new Gmail attack was announced that exploits Google Chrome and Microsoft Edge browsers. “SHARPEXT is a malicious browser extension,” reports Volexity.com. The threat? It can bypass two-factor or multi-factor authentication on Gmail. This means that even if you do have two-factor authentication, your Gmail may be accessed by nefarious individuals seeking to steal your data. Follow the suggestions in this blog entry to avoid SHARPEXT.

Use a Secure, Chromium Alternative

Want to keep working in the Chromium ecosystem but are worried about the headlines? Then consider getting one of the following Chromium-based browsers that are hardened for security:

You might also try Microsoft Edge as an alternative browser. It supports the Chrome web store but enjoys Microsoft’s ongoing support. Of course, Google will tell you to use Chrome, and Microsoft will say browse securely with Edge, but it’s up to you to choose.

If you would rather not deal with Chrome/Chromium browsers at all, then consider Firefox. These Firefox-based browsers get the job done and enjoy increased security:

For the best compatibility with websites, Firefox works great while safeguarding your privacy. If you need more intensive protection, get Firefox Focus. Both work on mobile devices, too. Of course, LibreWolf offers even more stringent protection on the desktop.

What’s the main problem with Google Chrome that these alternate browsers address? A wide variety of permissions and settings set to “open” or “allow.” It’s like leaving the doors and windows of your domicile open when there are criminals around.

Let’s see how you can secure Google Chrome, especially if you have to use it for work purposes.

Securing Google Chrome

A Google Chrome browser design flaw could allow malicious websites to record audio or video. This could occcur without alerting the user. The user would not get any visual sign that they are being spied on. (Source: The Hacker News, 2017)

Here is a list of suggestions that Zaafir (@zaafirsalam) provides, and I’ve shared a video or image with each one. Let’s explore each one at a time.

Tip #1: Set Site Permissions

Google Chrome may be set to allow access to your location, camera, and/or microphone. To limit what Chrome makes available to websites you visit, follow these instructions:

Go to Settings in Chrome.
Select Privacy and Security.
Click Site Settings.
Disable access for location, camera, and microphone.

Here’s a no-audio video walkthrough on how to do that:

Tip #2: Secure DNS and Connections

A lot of websites fail to secure their connections with your browser. That is, they allow connections that enable malicious folks to steal your password. Think of it as writing your bank account and password on a postcard. It’s not the best way to send confidential information.

Google’s Chrome browser allows both secure and insecure connections. You can restrict that by follow these steps:

Tip #3: Restrict Pop-Ups and Redirects

Ever visited the wrong website by accident? If the site is malicious, it may attempt to open countless pop-up windows. These will open up faster than you can close them. A malicious site may also redirect you to a series of inappropriate websites. Combined with unstoppable pop-ups, you may find yourself a long ways away from where you began.

Only allow pop-up windows for sites you trust. Here’s how you can restrict pop-ups and redirects in your Site Settings.

Note that you can allow specific, or custom, websites to send you pop-ups that are allowed. This can be handy on government and education websites that require pop-ups.

Tip #4: Disable Third-Party Cookies

As you may know, cookies are bits of code that store information about your internet use in your browser. Worse, these cookies can track you across websites. Websites like Facebook use these cookies to track your interests. Then, based on your interests, deliver tailored advertisements. Do a search on baby formula, you will soon see advertisements for diapers and baby stuff.

Here’s how you can disable third-party cookies via your Privacy and Security Settings:

Tip #5: Enable Enhanced Protection

You can turn on an additional layer of protection. The purpose of enhanced protection is to provide more protection. What’s more, it enables you as the user to flag suspicious content to Google. This helps everyone reduce the risks of malware spreading to others.

Here’s how you can turn it on:

Tip #6: Stop Background Apps

Wondering why your computer is running slow? It may be that Google Chrome is taking up memory. This happens even when you’ve “closed” Chrome. It’s closed for you, but Chrome continues to work in the background of your computer. It uses up valuable resources other programs may need. Turn it off completely.

To do that, go to System in the Settings and turn off “Continue running background apps.”

Tip #7: Conduct a Safety Check

Want to conduct a safety check? Access your Settings, looking for Privacy and Security. Select “Check now” to run a safety check on your browser.

Ensuring Browser Security

If you want to avoid making these changes, consider using one of the alternative browsers. They are already locked down. Keep a browser like Firefox or Chrome around. Use them only for legitimate websites that need a less restrictive experience.

Also, consider using these browser add-ons that allow you to turn security on or off as needed per website:

Finally, consider using a Virtual Private Network (VPN) when using the web at home or on the go (work environments may restrict their use). Let me know how your browsing experience changes for the better.

Feature Image Search

Photo by Amol Tyagi on Unsplash

August 22, 2022 1 comment

Announcements/Important Dates CTO/CIO Professional Learning

Technology Leadership Summit: Solutions for Your District

by Kristy Breaux October 30, 2019

written by Kristy Breaux

The expertise and leadership of chief technology officers and other district leaders is invaluable in today’s schools. Front-line educators, students, parents, community members, and administrators throughout your district rely on you to build and sustain the best systems in order to make the most of the technology you have. Not to mention, you have an imperative to acquire quality resources at the best price

Reach New Heights at the Technology Leadership Summit

At TCEA, we value that work, and we want to connect you to the most effective practices, tools, and programs to keep your schools secure and successful. We want to help make your job a little easier so that you can focus on the true needs of your stakeholders.

Join other leaders in similar positions for an invaluable learning opportunity, the 2019 Technology Leadership Summit, December 13, at TCEA headquarters in Austin, Texas. You’ll discover new ideas, trends, contingency plans, and resources suited to all of the many roles you have to fill each day.

Intrigued? This event will cover a wide range of far-reaching topics, including (but not limited to) asset management, disaster recovery and business continuity, strategic tech planning, LMS, student information systems, open educational resources, mobile device management, leased versus purchased equipment, and network infrastructure planning.

The Details

Because TCEA believes that this event can provide valuable and critical information to school leaders, registration is complimentary for district technology administrators in the role of coordinator, director, CIO, or CTO. Others may attend and register at the cost of $125. Lunch is provided so that you can network with other leaders and continue the learning.

You can find all the details about this important leadership event and register here. Once you’re ready, you can also register yourself (and your team!). Get the information and resources you need to move your district forward.

October 30, 2019 0 comment

Google Tips and Tricks Microsoft Tips and Tricks Technical Support

TCEA Responds: Google and Student Data

by Miguel Guhlin August 10, 2019

written by Miguel Guhlin

Dear TCEA Responds:

I’m reaching out to you with a question on Google and student data. In your opinion, how safe are we with sharing student names and assessment data on Google? We have a strict policy of not sharing student PEIMS data, but are we safe to assume we can save student names and assessment info?

-Jill

Dear Jill:

As you may know, G Suite for Education employs a higher level of security than the consumer version of Google Suite. Google employs encryption to protect your data while it is stored on their cloud servers. On that count, it is unlikely that your data will be breached by G Suite EDU. However, should a user’s account be compromised (e.g. a successful phishing attack is one common approach), then access to any data stored in the cloud would be in danger.

Two-Step Verification

That is why ensuring you have two-factor authentication (a.k.a. two-step verification) in place is so important. Even in the face of a successful phishing attack, no one would be able to get access to the shared data. Without that in place, it is best to encrypt files or data stored in Google Drive. This, of course, would defeat the convenience G Suite EDU provides. So, I STRONGLY recommend putting two-factor authentication in place.

Encryption

If you have Word or Excel files that will need to be stored in encrypted form in Google Drive, but have no need for others to work on it, then you can use a free cross-platform solution like Cryptomator. If you intend to share a Google Sheet with student names and info, then you are far better off considering two-step verification to protect account login/password and then using G Suite EDU. A solution like SysCloud offers on-the-fly encryption.

Shared Drive Settings

Another key point to keep in mind is that G Suite EDU makes it easy for end users to SHARE data for collaboration purposes. Improper SHARING approaches (e.g. sharing a file/folder to anyone with the link and public on the web) can put sensitive data at risk without any nefarious intent from anyone. Putting confidential data in a SHARED DRIVE (Team Drive) would make it viewable and accessible by all who have been granted rights to that shared drive.

A Response

To respond to your question, you own the data you store on Google and decide how to use it. So long as Google safeguards the data (which it does), then you own the responsibility for protecting it when the only access is via a user account. If you have taken sufficient precautions to protect user account logins/passwords and provided sufficient professional development to staff so they don’t make sharing errors, then there is no reason why you cannot store sensitive data on Google Drive’s encrypted cloud servers.

Did You Know?

TCEA is available to meet your professional development needs. We can provide friendly, education-specific professional learning on cybersecurity and cybersafety that enhances the work of faculty and staff. Reach out via phone at 800-282-8232 or via email to Lori Gracey (lgracey@tcea.org).

Google and Student Data

Protecting student data is even more important today given the many data breaches that have occurred. You must make every reasonable effort to secure student data while maintaining a balance. Fortunately, you need not work alone to accomplish this. Build capacity on your team. You may find the following resources to be of interest.

August 10, 2019 0 comment

Cybersecurity Digital Literacy

Internet Security 101: What Teachers and Students Need to Know

by Guest Blogger April 2, 2019

written by Guest Blogger

As educators, you have a high expectation to provide a quality education for today’s youth. But you know that being an educator means much more than just being a teacher. You’re their mentor, their supporter, and someone they can look up to. Your role is ever-changing.

Over the years, we’ve noticed an increase in threats to both student and teacher safety. One less talked-about threat has caused a serious issue for many schools recently. In 2017, there were 455 reported cybersecurity incidents in the education sector alone, according to Verizon’s data breach survey. This number does not reflect unreported cases of problems such as cyberbullying and identity theft. With the expanding use of technology in classrooms, Internet safety has become an issue —and it’s time we start talking about it.

This article will provide tips to help you encourage safer and more responsible use of the Internet among your students.

Tip #1: Learn Your School’s Policy

The most important step is to familiarize yourself with the policy and regulations that your school has in place. There is likely a section on this topic within your employee handbook or on the district website. If there are resources listed for parents and students, check them out.

Having a strong antivirus program installed and knowing the signs of a phishing attack are some of the best mechanisms to protect your school from a cyber attack.

Ask your administrators the important questions. What disciplinary actions are taken when students or faculty break the rules? Are there materials on Internet safety lessons that are available to you? You should also ensure that your school has proper defense systems in place. Having a strong antivirus program installed and knowing the signs of a phishing attack are some of the best mechanisms to protect your school from a cyber attack.

Tip #2: Incorporate Internet Safety Lessons

Beginning the conversation in the classroom will help encourage responsible use, even outside of school grounds. These conversations need to be had, but limited support exists for teachers. Developing ways to incorporate Internet safety into lessons is often best. Important discussion points include appropriate behavior, protecting their personal information, and chatting responsibly online. There are many sites that offer lesson plans and activities, such as this one from BrainPOP.

Tip #3: Talk About Cyberbullying

It’s hard to always be aware of everything that is happening with your students online. One common issue is cyberbullying. Kids and teens are unfortunately more likely to participate in bullying their peers in an online setting. The Internet can be much more anonymous than face to face. That makes its occurrence more prevalent than traditional bullying. Teaching your children to be kind to one another is the best prevention method. It’s also important to build a relationship of trust with your students. This will help them feel comfortable notifying you when they are being cyberbullied or have witnessed a peer cyberbullying another peer. Be on the lookout for the warning signs by educating yourself.

Tip #4: Protect Your Digital Identity

When it comes to Internet security, children are often most at risk. Because of this, its crucial that they learn to protect their digital identity. The earlier students begin using the Internet, the sooner their digital footprint forms. Over time, a larger profile builds around them which can be revealed with a simple Google search. Future college admissions representatives and employers look into these digital profiles. Students wouldn’t want a simple mistake to hurt their chances of going to their dream school or getting their perfect job. Teach them the importance of being responsible with what they post and knowing how to properly remove anything harmful to their reputation.

Tip #5: Take Your Own Advice

The best way for your advice to resonate is to practice what you preach. Take precautions and protect your devices. When you hear your students talking about the newest craze, whether it’s a social media app or a video game, take the time to research it.

Use strong passwords and create an email address that is more professional than personal. You should also look into the privacy settings on your computer to ensure that you have the right protections enabled.

As an educator, there is a higher need to keep your own information secure. You wouldn’t want your students to access anything that is potentially embarrassing, or information you want to keep private. Use strong passwords and create an email address that is more professional than personal. You should also look into the privacy settings on your computer to ensure that you have the right protections enabled.

Together we can make the Internet a safe, responsible, and fun resource for students to use!

This is a guest blog post by Brent Scott. Brent works in the field of cybersecurity, educating the community on the best ways to protect their digital identity online. His goal is to work with teachers, parents, and educators everywhere to ensure that the Internet is a safe environment for all students to explore.

April 2, 2019 0 comment

Leadership Technical Support

Cyber Liability Insurance

by Fred Smith and Miguel Guhlin March 13, 2019

written by Fred Smith and Miguel Guhlin

Have you read the latest newsflash? School district data breaches are on the rise, and your school district’s Student Information System (SIS) data could be a prime target for hackers. The SIS contains records of minors, representing an unexploited, potential victim. Identity thieves are sharpening their digital knives for the feast. Let’s explore this topic from a cyber liability insurance perspective.

Framing the Discussion

Keep these questions in mind as we step through this relevant topic.

What is cyber liability insurance and how does it work?
Are there any laws about the management of student and employee records?
How susceptible is my school district to a data breach?
How can my district mitigate the risks of a data breach?

What Is Cyber Liability?

Are you looking for an insurance policy designed to manage risks and costs associated with a data breach? Most providers have recognized the growing threat and now offer a policy known as “Cyber Liability Insurance Coverage” or CLIC. Did you know that the average cost of data breach mitigation is $245 per record, which is $45 dollars higher than the worldwide average according to a study by the Ponemon Institute. Ask your school district insurance provider for a rider or enhancement. Learn more about cyber coverage.

What Factors into the Cost of a Data Breach?

This education sector cost takes the following factors into consideration:

Investigation – After a breach, affected parties take several actions. Those actions include a detailed forensic analysis that facilitates identification of three things. The first is how the breach occurred. The second is the number of records affected. The third is how to prevent the breach from happening again. To achieve this, there must be involvement from a third-party security firm and coordination with law enforcement.
Business loss – These are costs associated with data loss recovery, potential district closure, crisis management, and repairing reputation damage.
Privacy and notification – Notifying affected people of a breach can be expensive. You must notify students, parents, staff, and the community. What’s more, credit monitoring may be an extra cost. Those who suffered data loss or theft would typically receive this credit monitoring at no charge to themselves.
Lawsuits and Fines – Your organization will incur legal expenses (e.g. lawsuits, settlements) and possibly regulatory fines. Your district may even have to pay cyber extortion in the case of ransomware.

As mentioned, the cost of legal expenses plays a big part.

Legal Guidance

Did you know you must inform affected parties of a security breach? If a security breach compromises private data, you must say so per the Texas Identity Theft Enforcement and Protection Act. What’s more, you may face fines at $100 per record/per day up to $250,000 per breach.

Need to know more about the law? Read TASB’s compilation of legal information. The Texas Association of School Boards dealt with their own breach back in the summer of 2017 when they exposed sensitive the data of thousands of teachers through their public-facing website. Also explore Texas Data Breach Law.

Assess Your Organization’s Risk Level

No school district wants to place their sensitive data at risk. Here are a few guidelines to aid in the determination of your risk level. What’s more, they will help you identify areas where you may be more vulnerable.

The Attack Vectors

“Attack vector is a path or means through which a hacker gains access to your digital content,” says Amit Kumar Sharma. Here are potential school district attack vectors:

The Student Information System (SIS). This can include systems such as TxEIS or Skyward.
Public Education Information Management System (PEIMS) data stored in your business applications. It resides along with your business applications.
People who work with sensitive data. Each person (e.g. PEIMS coordinators, IT/HR personnel) that handles sensitive data may inadvertently expose it.
Website security protocols and certificates (e.g. outdated Secure Socket Layer (SSL), sFTP)
Offsite placement of sensitive data (e.g. third party vendor)
Unsecured employee email and/or cloud storage

Cyber liability insurance providers need to know you have secured data. They may ask questions such as the following:

If personnel are handling data, are they encrypting it?
Are you accessing confidential data over an insecure connection from a remote location?
How are you sending sensitive data via email, if at all?
Do staff know to not place unencrypted data on USB flash drives for transport?

On August 12, 2016, the largest school district in San Antonio, Texas suffered a data breach. The breach affected almost twenty-three thousand students and faculty. As mentioned above, an unauthorized individual gained entry via an employee email account.

Tips to Protect Against a Breach

Here are some tips to keep in mind:

Never share passwords, period
Enable and use two-factor authentication to access key systems
Secure your workstation and log out when you get up from your desk
Ensure physical/network security for offices, MDFs, and IDFs in server/network closets
Use security protocols for network, vLAN, wireless SSID, and firewall configurations
Verify security for essential services including email, SIS applications, local area network logins, and VPN access
Put strong password policies in place

Hot Tip: Use a pass phrase or a short sentence without spaces instead of a password. Include a number and the punctuation, and you’ve got yourself a very strong password. Example: “KeepAust1nweird!” or “Ilov3mydogSally!” Learn more.

Educate and Protect

Education is key. No district can afford down time due to a cyber security breach. Coach your faculty and coworkers on security best practices and plan ahead for how you will handle sensitive data.

March 13, 2019 0 comment

Chromebooks CTO/CIO Cybersecurity Google Tips and Tricks

Protecting Confidential G Suite Files

by Miguel Guhlin February 11, 2019

written by Miguel Guhlin

“I’m working with a few schools. They only wish to send password protected files. The files will go outside their organization,” says John M., a Google Certified Trainer*. “From a Windows machine, that’s fine. But we’ve moved to a Chromebooks-only environment. How do you add a password to exported files, like DOCx or PDF, that get sent via email?” In this blog entry, we’ll explore several no-cost (free) options for protecting file attachments. Ready to take a closer look at the problem and possible solutions?

The Problem

In organizations with Chromebooks only, how do you encrypt files? On a Chromebook, you can’t run traditional programs available on Windows or Mac. This means you have to find web-based solutions to share files and encrypt. For schools and organizations in Europe, John points out GDPR is a concern. Before we go into possible solutions, let’s review what GDPR is.

GDPR (General Data Protection Regulation) is a new legislation. It applies to all companies who collect, store, and process any data. While focused on data belonging to European Union citizens, it has wider effects since GDPR applies to all companies across the world. This means that it affects Americans, as well as EU citizens. GDPR went into effect on May 25, 2018 (source: video). American companies must comply, even if enforcement in the United States remains unclear.

Exploring Solutions

How do you safeguard sensitive information in a G Suite EDU environment? How do you add password protection to a file and send it via email in Chrome OS? To organize solutions, you first have to ask yourself a few questions:

Do I need to protect the content of the email itself?
Do I need to protect the file attachment?

Let’s look at a few tools you can use.

Protecting Email Message Text

If you need a solution to protect email content, the actual body of the message, use one of the following. Each offers AES-256 level encryption.

g suite encrypt

One solution to explore is Paranoia Works Text Encryption Tool PTE). It is a browser-based tool that makes it easy to encrypt an email’s message text. The interface works in an simple way and safeguards the content with encrypted text. It offers these steps:

Encryption:
1. Set a password.
2. Write or paste a text into the Unencrypted Text area (green bordered).
3. Press the Encrypt button.
4. An encrypted text will appear in the Encrypted Text area (red bordered).
5. Copy the encrypted text and use it however/wherever you want.

Decryption:
1. Set a password
2. Write or paste an encrypted text into the Encrypted Text area (red bordered).
3. Press the Decrypt button.
4. A decrypted text will appear in the Unencrypted Text area (green bordered).

For Chromebooks that can run Android apps, you might want to get the app. The app is Secret Space Encryptor for Android (shown below) via the Google Play Store. See the online tutorial.

An alternative text encryption tool you can use is FourmiLab’s browser tool. This latter tool provides a streamlined view (shown below) without documentation.

g suite encrypt

Your organization should standardize on either PTE or FourmiLab’s solution. Save either tool to the Chromebook for local use, even when not online. What’s more, you can use these within Google Docs, too. That is, you can choose to encrypt the text in a Google Doc, but you will have to copy and paste the content in and out of a Google Doc.

The main benefit of these tools is that they are free, no cost options.

Protecting Email File Attachments

John’s original question focused on files exported from G Suite. This could include DOCx, PNGs, JPGs, PDFs, PPTx, and many other formats. G Suite for Education provides for several via the SAVE AS option. If you want to protect these files in transit via email to external parties, how can you do that? How do you encrypt them so that only the recipient, to whom you’ve provided the password, will be able to see them?

g suite encrypt

One web-based tool you can use includes FileLock.org. This works in a similar way to PTE and FourmiLab. You access a website, select a file on your Chromebook (e.g. DOCx you’ve saved from a Google Doc), and then encrypt it. Then you attach the encrypted file to your Gmail message (as shown below).

g suite encrypt

Note: Be sure to use secure passwords for encrypting text or files. You can use any variety of online tools to create unbreakable passwords. Password Generator, LastPass Password Generator, GRC Generator, or Packetizer will work fine.

Protecting Confidential G Suite Files

As you may imagine, there are a host of commercial solutions you can use to safeguard G Suite files. Both Boxcryptor and Cryptomator offer enterprise level solutions at different prices. You can also take the added step of preventing the sharing of confidential information. The main benefit of the solutions offered here is that they are free, open source, and available at no cost. Combine them with an organizational procedure to support effective use.

*Question adapted with minor readability edits from one posed to Google Certified Trainers (GCT) Google group.

February 11, 2019 1 comment

Free WiFi inside sign with knife and fork on either side

Android Chromebooks Cybersecurity Google Tips and Tricks iOS Tips and Tricks

Secure On the Go Connections

by Miguel Guhlin August 20, 2018

written by Miguel Guhlin

Attending multiple conferences this summer? I have been. A certain fact has come to my notice. Devices people are slipping into their backpacks and sling bags aren’t bulked up computing monsters. You know, the laptop with the seventeen inch screen. Or, the ultra-light Macbook with a weighty power supply. Instead, tablets and Chromebooks predominate. The problem most of us face, unless we use paper (synthetic or natural) and pen, we face a security challenge. We must secure on the go connections. In this blog entry, we will explore several virtual private network (VPN) solutions you will want to invest in.

If the hotspot you’re using…[is] simply unsecured, hackers nearby can eavesdrop on your connection to gather useful information from your activities. Data transmitted in an unencrypted form (i.e., as plain text) may be intercepted and read by hackers with the correct knowledge and equipment. This includes data from any services which require a login protocol (Source).

Wait, What About Securing Paper and Pen Notes?

Keep a pocket notebook? Then you may feel you don’t need to secure your paper notes. That’s because someone would have to mug you, tear the notebook out of your hands. Yet, it’s not hard to imagine that a notebook could be lost or left behind. In that case, a synthetic paper notebook may offer a better solution. In some cases, a small paper notebook like the Rocketbook (read the TCEA blog entry, Write to Remember) may fit your needs. The Everlast Mini, shown in the video below, has me reaching for my wallet.

How does it work? You can write on synthetic paper with a special pen, snap a picture of it using an app. Once the content in a synthetic paper notebook has been captured via the app on your smartphone, you can erase it. Erasure secures your data. Keep your smartphone encrypted behind a passcode, no one will be able to get into it. But you still face the challenge of securing WiFi connections in your hotel room, at a conference, or on a network lacking encryption. Resist the temptation to simply hop onto an open network.

Image Source: How a VPN Protects Your Data

Get and Use a Virtual Private Network (VPN)

Whether in your hotel, restaurant, or conference space, protect your device with a virtual private network. Here are some quick recommendations that you can put in place. Be aware that free VPN solutions offer little protection. Online publishers like PC Mag and CNET suggest NordVPN, StrongVPN, TorGuard, and Private Internet Access (PIA) as the top-rated tools available. This video provides a simple overview of the problem we all face. I urge you to use one of these solutions when on an open, unsecured network.

Not ready to invest in a VPN? Get Cloudflare, which features the Warp VPN built-in. It’s free, works on your iOS and Android smartphone. It will give you some protection while sitting at the coffee shop.

Update: This blog entry had new content added to it on 10/1/2019.

August 20, 2018 0 comment

CTO/CIO Leadership

Panic Alert Pendants: Increasing School Safety

by Miguel Guhlin June 5, 2018

written by Miguel Guhlin

Children huddle in the dark under their desks, door locked. A teacher clutches her chest, having a heart attack. A student is injured on the playground. A weapon is discovered, the wielder prepared to injure. How quick is the response that can save lives? The response is as quick as the teacher punching the button on the panic pendant around her neck. The button will bring help fast. In this blog entry, we will explore several panic pendants, wearables for schools that can mean the difference between life and harm and promote better school safety.

Silent panic alert systems are now required in all Texas classrooms. On Tuesday, Governor Greg Abbott signed “Alyssa’s Law” which should improve emergency response times at schools and save students’ lives (source).

School Safety, An Increasing Concern

The above scenarios have caused many to consider panic pendants an essential purchase for schools. School districts, hoping to provide quick response to emergencies on campus, need a way to improve communications.

**Image Source:** Safety and Security Measures K-12 Schools have put in place, **National Center for Education Statistics**

The red card just doesn’t get the job done. If you have time to send a student with a red card, indicating an emergency, then it’s not an emergency. Another benefit is that your school community may appreciate your school organization’s commitment to student and staff safety.

**Source:** **Texas Education Agency’s K-12 Standard Response Protocol Toolkit**

Panic Pendants

Activated with a touch, panic pendants range from wearable devices that clip to a teacher or hang from her neck to smartphone apps. Since speed of response matters, schools are equipping staff with fast response tools. The School Safety Panic Button Alert Systems describes the function of these devices in this way:

The ability to simply press a wireless button and get help quickly has become an important safety need to all schools today. Cameras are wonderful but they only record information as it is happening and are reviewed after the fact. A hidden panic button only works if you are at your desk. The ability to easily and discretely press a panic button while walking around or attempting to relocate for safety is an important feature to have.

Let’s take a quick look at some of the characteristics of these alert systems. Some scenarios include:

On March 8th, 2017, Rave Mobile Safety’s School Panic Button System helped save the life of a young student at Benton High School who had collapsed on the school´s baseball field. Due to the system’s enhanced location services, first responders were able to locate the student quickly and administer life-saving CPR. (Source: Rave Mobile Safety)

Consider this 2018 news story in New Jersey discussing proposed legislation and the value of panic buttons:

…the panic alarm makes sense because it could be activated without the intruder being aware. In shooting or lockdown situations, he said, some students who are in hiding or playing dead hesitate to use their cellphones to call for help, for fear they’ll be overheard by the intruder. “The panic alarm gives people an opportunity to notify the police directly without exposing themselves,” he said. “It’s not going to solve all the problems with guns, but it can save lives.”

Panic buttons provide individuals with the chance to call for help with limited to no exposure to themselves.

Key Features

Before we look at some of the solutions on the market, let’s make a quick list of key features panic pendants have. Most alert systems have these features:

One-push button to activate alarm, which may notify the school office and/or call 911 for emergency services
Smartphone app alternative to a physical device (pendant)
Speedy delivery of building information (e.g. floor plans, key contacts, emergency response plans) to first responders
Centralized viewing of alerts, including location, incident type, and location’s facility data
Provides actual stories of success

Ready to take a look at a few systems? If you know of one that does not appear in the list, please leave a comment on this blog entry.

Alert Systems

Below, find four alert systems that you may want to explore further. There may be others* available.

Cost

Wondering about the cost of panic pendants? Most vendors will require you to provide detailed information that will vary from district to district or campus to campus. Some vendors, such as Assistive Technology Services, can cost up to $600 for a standard setup. To get more pendants, you will need to pay $99 per panic button. You also need to ascertain how much square footage a system will have to cover. For example, the School Security Duress Alarm will have you fill out a form of information, as does RAVE. It all depends on how many pendants and controllers are needed.

Panic…Delete

While it is a certainty that bad things can happen, ensuring prompt response can mean the difference between life and death in many cases. Panic pendants or panic buttons are but one way to alleviate and reduce panic.

June 5, 2018 0 comment

Educational Trends Good Teaching Uncategorized

Teaching Digital Resilience

by Guest Blogger May 25, 2018

written by Guest Blogger

In today’s world, much of our society happens online. It’s where people socialize, share ideas, and debate. However, it also isn’t without potential dangers. Extremist groups recruit online. Cyberspace has been added to land, air, and sea as the fourth arena of warfare. Just as we teach students how to be safe and healthy and to be good citizens in the real world, we now need to help them develop online life skills.

Keeping Ahead of the Curve

There is so much technology developing so fast that it can seem daunting to keep up. As soon as we’ve figured out one platform students love, they’re on to the next. The revelations about social media sites, privacy, security, and data collection come at such a dizzying pace that it is hard for most adults to put on their own digital oxygen masks, much less help the child next to them.

Fortunately, the technology itself is mostly irrelevant for providing students with the foundation they need to develop digital resilience and be good digital citizens. And it isn’t that different from what we’ve been teaching them all along for succeeding in life.

Developing Digital Resilience

Digital resilience is the technical, emotional, and critical thinking skills students (and educators) need to enjoy the benefits of the internet while still spotting the dangers and managing the risks.

Let’s start by taking a look at the potential risks students may encounter online. They could stumble upon or have risky content shared by others on their social media feeds. This content could include violent or pornographic imagery or pro-suicide or pro-anorexia. They are open to grooming by sexual predators, recruitment by extremist groups, stalking, and bullying. Like adults, they can be subject to identity theft, phishing, and accidentally downloading malicious code.

Keep Things Private

Kids are so adept at snapping, tweeting, posting, commenting, and hashtagging that it may seem they have the technical skills to manage their safety online. But they may not know how, or think to block an online harasser. They may not be checking their privacy or location settings.

A good conversation to have around a popular social platform is “What are the privacy settings? What information am I sharing that I don’t realize I’m sharing? Who is able to see what I’m sharing? Who may be watching me online?”

Keep Communication Open

Kids face the same emotional challenges online that they face on the playground or in the cafeteria. And they tend to have a stronger reaction to online harassment than real life incidents. They also tend to feel more ashamed of and hide online harassment. If you impart just one message to your students about their online lives, encourage them to seek support and help from an adult if they have any online interaction that makes them uncomfortable.

Make Vetting Online Content a Teachable Moment

In this age of doctored photos, fake videos, memes, misinformation, disinformation, and online trolls, each of us needs to sharpen our critical thinking skills on online content. This is really just a fresh source for examples on fact vs. opinion, point of view, and evaluating the source of information. One challenge with using actual content your students have encountered online is it may contain sensitive material. It would be wise to address this with your administration.

Digital Citizenship

The other side of the online coin is digital citizenship. As we teach students about being a good citizen in their real-life communities, it is time to extend those lessons and discussions to include what a good citizen does online.

Be Kind

Just like in real life, good digital citizens don’t bully. They are polite. They think about how their words make the other person feel. People of all ages tend to quickly sink to rude and bullying exchanges online that they wouldn’t in person. Let’s teach our students to think about the person behind that profile picture.

Be a Leader

Good digital citizens are leaders online. They vet information before they share it. They avoid sharing junk information like memes. They lead by example in how they engage with others and refuse to be baited into name-calling.

Be Careful of Your Digital Footprint

Students also need to think about their permanent online record and how the way they engage online now could impact a future job or other opportunities. There is a saying “The internet never forgets.” Even if you delete something, you never know who downloaded it or took a screenshot. With internet archive tools like the Way Back Machine, everything that has ever been posted online is archived and retrievable.

When thinking about how to help your students develop their digital resilience and digital citizenship skills, look to the lessons you are already teaching on emotional resilience, critical thinking, and personal safety. Incorporate examples and discussion of what these things look like online.

More Resources to Teach These Skills

DigCitUtah provides lesson plans on digital citizenship for grades K -12.
CommonSense.org offers a K -12 digital citizenship curriculum.
This is a worldwide concern. Many European countries have excellent teacher resources. These Vodafone digital skills lessons can be easily adapted to an American classroom.
Video – Digital Resilience Toolkit: What is digital resilience?
Video – Digital Resilience Toolkit: Supporting 6 –10 year olds
Video – Digital Resilience Toolkit: Supporting 11- 13 year olds

This is a guest blog by Lydia Snider. Snider served as an educator for nearly 20 years, primarily as a K-5 resource specialist. After leaving teaching, she spent about a decade in the California tech scene and working as a consultant helping companies understand how to use social media for business.

May 25, 2018 0 comment

Newer Posts

Older Posts