Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internet Safety – School Security Ellenville, NY April 26, 2004 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC).

Published byScot Evans Modified over 8 years ago

Similar presentations

Presentation on theme: "Internet Safety – School Security Ellenville, NY April 26, 2004 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC)."— Presentation transcript:

1 Internet Safety – School Security Ellenville, NY April 26, 2004 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC).

2 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Open Meetings Law FOIL & E-Document Policy Employee AUP’s CIPA & E-Rate Student Safety Domain Names Security & Hackers Internet Safety – School Security Managing Risks Resources

3 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Managing Risks  Establish an educational forum –Not an open forum  Policy and Practice must align –Supervise, Monitor, and EnforceEnforce  Insure AUP is signed – affirmative  Engage a third party security audit

4 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Managing Risk  Managing Risks In-Depth Slide 5

5 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Managing Risks-Enforcement  Insure due process –Notice, student response, parental meeting –Missouri suitMissouri suit –Arkansas suitArkansas suit –Ohio suitOhio suit –Pennsylvania expulsion upheldPennsylvania expulsion upheld

6 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). You can't stop a kid from creating a personal web site critical of your schools: Missouri school district becomes the latest to learn the hard way From eSchool News staff and wire service reports February 1, 1999 Sending a clear signal to educators everywhere, a federal judge ruled Dec. 28 that Woodland School District in Marble Hill, Mo., violated a high school student's free speech rights when it suspended him for posting a personal web page criticizing his school. The ruling makes clear that schools have no jurisdiction over what their students do in cyberspace, provided it's done on their own time and from their own computers. U.S. District Court Judge Rodney Sippel issued a preliminary injunction that prohibits the district from using the suspension against student Brandon Beussink in grade and attendance calculations. It also bars the district from punishing Beussink or restricting his ability to post his home page on the internet. "Dislike or being upset by the content of a student's speech is not an acceptable justification for limiting student speech," Sippel wrote in his opinion.

7 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Newslines--Arkansas district settles lawsuit over student’s sexually explicit web page eSchool News staff and wire service reports October 1, 2000 Arkansas’ Valley View School District has settled a lawsuit involving a student’s internet site so it could begin the school year without the distractions of a court hearing, a school district attorney said Aug. 18. Dan Bufford said the court case was causing too much disruption. “We were looking at sending six to eight teachers, seven to eight students, and three sets of parents from Jonesboro to Little Rock to testify,” Bufford said. “The distractions and the expense of that was just too much.” The American Civil Liberties Union sued the school district, contending the district wrongly suspended Justin Redman for 10 days. He was suspended for producing a web site that mirrored the school’s official web site, but included sexually explicit photos and text, some of which named other students and administrators. John Burnett, the ACLU’s state legal director, said the settlement doesn’t mean the organization agrees with the district’s actions. “Every school board and every school board attorney in the state is going to know about this case,” he said. “The schools are going to have to come to realization that, just as they cannot visit discipline on students for something they said at a weekend party, they cannot do it because of something a student said on the world wide web.”

8 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). District must pay teacher-bashing student $30K: Court overturns suspension and upholds protection of student speech on the internet Gregg W. Downey May 1, 1998 A school district will pay $30,000 to one of its students who was suspended for making fun of his band teacher on the internet, according to the Associated Press (AP). In return, the student will drop his half-a-million-dollar lawsuit against the district for the 10-day suspension, AP reported. Superintendent Beverly Reep of the Westlake school district in suburban Cleveland was ordered in March by a federal judge to reinstate16-year-old Sean O'Brien. O'Brien had been suspended for using his home computer to create a web site disparaging a band teacher. The superintendent said the district suspended O'Brien for violating a policy forbidding students from showing disrespect to employees. A federal court told the school district to stop trying to restrict O'Brien's right to free expression.

9 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Pennsylvania judge: Expelling student for web site threats is OK From eSchool News staff and wire service reports September 1, 1999 A Lehigh Valley, Pa., school district did not violate a student’s constitutional right to free speech when it expelled him last year for allegedly threatening a teacher on his personal web site, a Northampton County Court judge ruled July 23. Justin Swidler, now 15, was expelled in August 1998 after Bethlehem Area School District officials saw his web site, in which he allegedly asked for donations to hire a hit man to kill Nitschmann Middle School math teacher Kathleen Fulmer. Swidler’s family described the site as an attempt at satirical humor, not a terrorist threat. The long-since-dismantled web site reportedly had a heading saying “Why She Should Die” above a sentence reading, “Take a look at the diagram and the reasons I give, then give me $20 to help pay a hit man.”

10 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Open Meetings Law  Electronic distribution of Board packets:OK  E-mail between members considered a written memo and is discoverable.  Interaction via e-mail, bulletin board, chat, instant messaging, or video conference most likely constitutes a meeting and is in violation.

11 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Open Meetings Law  Resource:  Robert Freeman –Committee on Open Government –www.dos.state.ny.us.coogwww.htmlwww.dos.state.ny.us.coogwww.html –opengov@dos.state.ny.us

12 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). FOIL & e-Document Policy  Are e-mail, web logs, spreadsheets & word processing documents considered records under FOIL? –Web site logsWeb site logs –Policy directives –Correspondence and memos related to business –Work schedules and assignments –Agendas and minutes of meetings –Drafts of documents circulated for comment –Any document that initiates, authorizes or completes a business transaction

13 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). FOIL & e-Document Policy  Administrators must plan for and design a filing structure that can adequately support operational needs and record keeping requirements.  Generally, records transmitted through e-mail and electronic systems will have the same retention periods as records in other formats.  e-Mail addresses of officers and staff & computer access codes are exempt. –Can be used to gain unauthorized access to a computer or transmit a virus.

14 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). FOIL & e-Document Policy  Resource:  State Archives and Record Administration (SARA) –www.archives.nysed.gov/services/recmgmt.ht m

15 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). FOIL & e-Document Policy  Parents & Public can access Web Logs –Exeter SchoolsExeter Schools –Indiana SuperintendentsIndiana Superintendents  E-Mail is discoverable in litigation –Utah lawsuitUtah lawsuit  School Board’s e-communications may be in violation of state’s Sunshine Laws –South Carolina, Pennsylvania,South CarolinaPennsylvania,  Create an Electronic document policy –SampleSample

16 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC).

17 Superintendents’ use of school computers questioned From eSchool News staff and wire service reports March 5, 2001 An investigation of computer records from 49 Indiana school districts by the Indianapolis Star has raised questions about what constitutes appropriate use of computers by administrators. In a Feb. 18 story, the Star reported that superintendents who are in charge of enforcing their districts’ web-surfing policies often violate their own rules. While many school internet policies say web surfing should be for educational use only, some Indiana superintendents are shopping for cars, planning trips, and looking for other jobs on their district-issued computers, the Star reported. In fact, one superintendent’s internet records reportedly included two sites with pornographic material—an apparent violation of common school district internet policies, and one that cost former Hamilton Southeastern Superintendent Robert Herrold his job in September. It was Herrold’s example that prompted the Star’s investigation. The Star’s review of 6,691 web sites on superintendents’ computers showed that half of the sites clearly were education pages. But 3,000 other sites—some of which also could have been viewed for educational purposes—ranged from the popular Amazon.com shopping site to more obscure sites.

18 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC).

19

20

21

22 Employee AUPs Personal Use Improper Access Harassment Copyright Teacher Web Sites Teacher Links Confidentiality Advertising Politics Fundraising

23 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC).

24 N.J. district sues teacher for allegedly viewing web porn

25 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC).

26 Judge upholds teacher’s suspension over sexually explicit eMail

27 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC).

28 Alleged software piracy could cost LA schools $4.8 million LAUSD school board settles software piracy charge LA Times and Washington Post sue web site for copyright infringement

29 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). us

30 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC).

31

32

33

34

35

36 Middle school principal suspended for eMail violation

37 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC).

38

39 Security & Hackers  Internal Attacks: Students and Staff Hackers Internal Attacks: Students and Staff Hackers  External Attacks: Internet & e-Mail External Attacks: Internet & e-Mail  Parasitic Attacks: Bandwith, Storage, Processing Parasitic Attacks: Bandwith, Storage, Processing  Physical Security: IP Surveillance Physical Security: IP Surveillance  Common Security Issues Common Security Issues

40 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Internal Attacks: Student & Staff Hackers  Denial of Service –Web server attacks  Unauthorized Intrusions –Admin server accounts –SASI Id’s  Anonymous surfing –Port 443

41 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). External Attacks: Internet & e- Mail  Spamming and Smurfing –Rejected e-mail  e-Mail Viruses –ILOVEYOU, Melissa, Anna K, Sircam –Back Orifice  Worms –Code Red –Nmda –Polymorhic worms

42 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Parasitic Attacks  Bandwith –School T1 used fully 24 hours a day –Wireless access  Resource consumption –.exe files –Music, Videos, Games – Adware, IE Hijacker, Foistware,TrojanAdwareIE HijackerFoistwareTrojan

43 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Physical Security  IP Surveillance cameras –Easy access to stored video –Motion detectors and alarms  Wireless access for Administration and Police –Quicker assessment and access

44 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Common Security Issues  Kids used to maintain parts of network – (ie web server)  Virus subscription not purchased  Security patches not up to date on servers and workstations  Firewall: None, poorly configured, not up to date on patches  Web server inside or outside Firewall  Applications and/or servers not set up correctly (leaving Guest ID’s, Anonymous users, FTP)

45 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Common Security Issues  No disaster recovery and backups are not rigorous  No restrictions on desktops for students –Floppy access, FTP, loading software  No policy for security: escalation, passwords, etc.

46 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Student Safety  Improper Access –Pornography & Hate sites –Inadvertent access – Ladybug, White House.govInadvertent access – Ladybug, White House.gov –“How to build a bomb” in backpack  Harrassment –Student to StudentStudent to Student –Mr. Bungle  Impersonation –Prodigy case (Boy Scouts) –Spoof web sites (Norwich Schools)Spoof web sites

47 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Student Safety  Revealing Personal Information –Bathroom walls incidents –Spoof web site with girls alleged sexual activities –Geocities site with all senior class pictures  Chat Rooms –71 Felony convictions by Westchester D.A. –Profiles, strangers, pedophiles  Illegal Use –Purchases of alcohol and tobacco, threats –Secret Service  Inappropriate speech –Obscene, defamatory, discriminatory

48 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Student Safety  Invasions of Privacy –Students accessing other students files and e- mail, sometimes tampering  Teacher assigned links  Club web sites –Religious prayer club, date rape listserv

49 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). Domain Names  Norwichschools.org vs Norwichschools.com –Purchase all available names  Maintain all school domain names rigorously –Porno site appears under school name –High cost of re-purchase  Legitimate third parties have put up school web sites that many parents believe is the “official” school site. –Irate e-mails that school didn’t respond

50 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC). CIPA & E-Rate  Must certify that all users are protected from inappropriate materials  Must have public meeting  Must have AUP

51 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC).

52

53

54

55

56

57

58

59

60

61

Download ppt "Internet Safety – School Security Ellenville, NY April 26, 2004 Copyright 2001,2002 Lower Hudson Regional Information Center (LHRIC)."

Similar presentations

A Reliable and Secure Network TM105: ESTABLISHING SANE TECHNOLOGY POLICIES FOR YOUR PROGRAM.

A Reliable and Secure Network TM105: ESTABLISHING SANE TECHNOLOGY POLICIES FOR YOUR PROGRAM.
MADISON COUNTY SCHOOLS ACCEPTABLE USE AND INTERNET SAFETY POLICY.

MADISON COUNTY SCHOOLS ACCEPTABLE USE AND INTERNET SAFETY POLICY.
Northside I.S.D. Acceptable Use Policy 2009-2010.

Northside I.S.D. Acceptable Use Policy
Hart District Acceptable Use Policy Acceptable Use Policy.

Hart District Acceptable Use Policy Acceptable Use Policy.
Woodland Hills School District Computer Network Acceptable Use Policy.

Woodland Hills School District Computer Network Acceptable Use Policy.
 October 30, 2012Office of Student Services 1.  Melissa FiggeWelcome & Introductions  Becki Cohn-VargasBest Practices  Break  Didi HirschSocietySuicide.

 October 30, 2012Office of Student Services 1.  Melissa FiggeWelcome & Introductions  Becki Cohn-VargasBest Practices  Break  Didi HirschSocietySuicide.
AUP Acceptable Use Policy Summarized by Mr. Kirsch from the Sioux Falls School District Technology Plan.

AUP Acceptable Use Policy Summarized by Mr. Kirsch from the Sioux Falls School District Technology Plan.
The Woodlands High School

The Woodlands High School
Acceptable Use Policy (or Fair Use): For Users of Computers and other technology.

Acceptable Use Policy (or Fair Use): For Users of Computers and other technology.
INTERNET SAFETY and Social Networking

INTERNET SAFETY and Social Networking
Uintah School District Acceptable Use for Computer and Network Access.

Uintah School District Acceptable Use for Computer and Network Access.
Boyertown Area School District Acceptable Use Policy.

Boyertown Area School District Acceptable Use Policy.
Acceptable Use Policy (AUP) What does it actually say? Why is it necessary?

Acceptable Use Policy (AUP) What does it actually say? Why is it necessary?
Phoenix Union High School District Governing Board Policy In-Service Technology Usage Electronic Information System (EIS) 2014/2015 School Year.

Phoenix Union High School District Governing Board Policy In-Service Technology Usage Electronic Information System (EIS) 2014/2015 School Year.
Riverside Community School District

Riverside Community School District
Access to Electronic Media Acceptable Use Policy August 8, 2011 Meece Middle School.

Access to Electronic Media Acceptable Use Policy August 8, 2011 Meece Middle School.
Acceptable Use Policy (AUP) What does it actually say? Why is it necessary?

Acceptable Use Policy (AUP) What does it actually say? Why is it necessary?
Duxbury’s Acceptable Use Policy Do they really expect me to read all of that stuff? Nicholas Tam Do they really expect me to read all of that stuff? Nicholas.

Duxbury’s Acceptable Use Policy Do they really expect me to read all of that stuff? Nicholas Tam Do they really expect me to read all of that stuff? Nicholas.
VISD Acceptable Use Policy

VISD Acceptable Use Policy
INTERNET and CODE OF CONDUCT

INTERNET and CODE OF CONDUCT

Similar presentations

Ads by Google