September 2002
Redwood City, Calif -- Securing a district network is no easy
task, according to Clint Walker, Network Specialist at Sequoia
Union
High School District (SUHSD) in Redwood City, California. While
others in the district are responsible for educating students
on proper use, Walker makes sure that the resources are available
and secure. In addition to the challenges that a typical business
organization might face, schools have limited budgets, few
personnel resources, a patchwork of systems, and very curious users.
Sequoia Union High School District (SUHSD) is located in the center
of the San Francisco Peninsula in San Mateo County, California,
and consists of four comprehensive high schools, a continuation
high
school, and an adult school. With over 2,500 computing devices
across the enterprise, the 7,300 students and 700 staff members
have access
in all classrooms and throughout campus to network services.
Responsible Students
The first and most effective line of defense is to enlist students
as network advocates. They are often the most sophisticated users
in a community and share an interest in keeping the resources available.
"It's very easy to cause problems on an IP network," says
Walker. "They
could do it with a laptop and they don't. If one person breaks
it, everyone suffers, and God forbid if they figure out who broke
it!" Walker
knows many of the students and they offer proactive support,
notifying him if the network has problems.
According to District Technology Coordinator Robert Fishtrom,
teachers model behavior for students and set the boundaries for
ethical
use. They need to monitor use to make sure that students do not
go into
chat rooms or to inappropriate sites. When teachers illegally
copy software, students follow their example. In his instructional
technology
district workshops and university courses, Fishtrom preaches
ethics and safety.
"I recommend that teachers have a set of bookmarks and a
worksheet for an online lesson so that the time is constructive," says
Fishtrom. "If you have a more directed exercise it's easier
for the teacher to monitor. Also, students need to know when
they use sources on the web, how to properly cite them."
Desktop Vulnerability
The next stop on the security tour is the desktop. Without
staff to secure systems at the backend, a school district should
invest
in as much desktop security as possible. The most vulnerable
place on the network is the logged in desktop when a teacher
or authenticated
user walks away. Automating backups, anti-virus software upgrades,
monitoring, and other security measures provides some measure
of prevention.
While Fishtrom is an advocate for technology in the classroom
and the student-centered approach to teaching it offers, he
is concerned
that technology has become available faster than teachers have
been educated to use it. "Teachers don't have time," he
says. "Between
aligning to standards and preparing for tests, technology has
taken a back seat. Educating the teachers is where we will
start improving
security."
SUHSD is testing Altiris Vision software as a desktop management
and security tool. With this software installed, teachers can
take control of desktop screens to model lessons, shut off
keyboards, blank out monitors, and even remove network access.
Data Security
As districts move to electronic storage of student records,
testing information and other confidential data, they must
protect the
information from tampering, corruption, and theft. Like most
districts, SUHSD
operates a hybrid network across several campuses with a variety
of operating systems, equipment, and software applications.
A single program or technical solution will not protect their
unique
combination
of equipment.
Technicians and programmers have customized the district's
information systems to add layers of security from both external
and internal
threats. For example, a leading student information system
uses an open format for the data files. If someone gains access
to
the directory,
he or she can move the files into an excel spreadsheet and
view or alter them. SUHSD programmers added an authentication
system
to verify
users and protect the directories. They also customize their
filtering software to prevent access to hacking sites.
The Human Condition
Although the district does not have a formal safety curriculum,
they do have policies regarding student information and acceptable
use.
Student information cannot be published on the web without
consent from the student and their parents. Pictures and names
never
appear together. The district does not allow chat, but they
do enable
student to access their own email accounts from the school
district network.
If students violate the acceptable use, they lose their privileges
and are held accountable.
"Students are enthusiastic and savvy about technology because
it is all around them and they want to know," says Walker. "When
they see me working on stuff they come up and ask questions.
I try to encourage them in a safe and positive way. I consider
myself
a
lucky person to do what I do for a living. It's so much more
fun than what most people do."
|