Month: September 2022

Online safety: are we mitigating the risks?

I think few would argue that the online safety risks which students are exposed to these days have gone down.   But the big question is, has the effort of schools in protecting students changed in step with increased risk exposure?

But first some good news

Before I go any further, I need to be clear here that this post looks very much at the negative side of things in relation to online safety however in doing so I run the risk of painting a purely negative picture.   I therefore think its important to point out the positives of technology.    Communication, collaboration, friendship and many more areas of life can see a benefit from appropriate use of online technologies.   An Ofcom 2022 report identified that 80% of the children surveyed used online services to find support for the wellbeing, that 53% felt being online was good for their mental health and that 69% of children thought being online helped then feel close to their friends and peers.   It is important that we appreciate these positives as for me this highlights the focus should not be about blocking and filtering, which is increasing ineffective, but about discussion and engagement of students around risks and behaviours.

New Apps and Technologies

And now for the risks;    I would suggest most students now have mobile phones with internet access, with access to apps such as snapchat, Instagram and the very popular TikTok.   The Ofcom survey found that 90% of children owned a mobile phone by the time they reached the age of 11.   This access to technology and every changing and evolving app space represents a risk in the explosion of inappropriate content and contacts which students can access via the device in their pockets.   As adults and educators we cannot truly know the implications, and this is important to acknowledge, as the situation when we were children was significantly different.   There is also a risk here in relation to the increasing use of AI or machine learning within apps to feed users with the content they appear interested in, reinforcing these interests or curiosities even when exposure to such content may be inappropriate or even dangerous.

Pandemic

The pandemic accelerated things pushing everyone more online than ever before as we had to learn through online contact with teachers, maintain relationships with friends and families again through online solutions and occupy our time without leaving our homes, an issue which online games and other platforms where all too happy to address.   It wasn’t so much a case of “should we” engage with technology, online tools and online spaces, but a case of what other choice do we have.   This has both increased the need to use and also the use of technology, including all its benefits but also risks.

IT Curriculum

We have also seen a decrease in time in schools where digital citizenship, its risks and issues can be discussed.   Yes online safety should appear across the curriculum and as part of keeping children safe in education, however there are lots of other competing topics and requirements.  Previously the GCSE IT provided an opportunity for specific time to be allocated to discussions of digital citizenship and online safety however with its removal this opportunity has been lost.   Now some may say the Computer Science GCSE is still available, however it doesn’t have the same number of students studying for it plus as a subject has a decidedly different slant than the old GCSE IT, which doesn’t lend itself to quite as much discussion of digital citizenship.   Now I will note the GCSE IT wasn’t without its problems as a course, however I feel a redesign would have helped rather than its removal.  Looking forward, I see similar risk of lost opportunity in the planned defunding of the BTec qualifications which include a number of IT qualifications.

Conclusions

I think all schools will likely be able to point to what they do in relation to online safety.   My concern though is this hasn’t changed much over the years.    Celebration of internet safety day, annual talks or presentations, digital councils and/or digital leaders meetings involving students, etc, these are not new, yet the risks and exposure of our students to technology and these risks has grown significantly, and even more so over the last two or three years, driven by the pandemic.   The risks are growing yet the mitigation measures largely remain the same.  There is a clear inbalance.

I think one of the biggest challenges continues to be time.   The curriculum is already full of content and various competing requirements, with most offering value.   The question therefore is one of identifying where there is the greatest value and I would advocate that time allocated to digital citizenship is critical.   The challenge here is I don’t feel education is particularly good at this prioritisation, instead trying to do everything, and in doing so this causes workload issues, greatly subdivided focus and other issues.

Technology use is only going to increase so the more we can prepare our students, and get them to evaluate and consider how, when and where they use technology, the better.     Digital citizenship needs to occupy a bigger part of student studies, both in preparing them for the future, but also equipping them to deal with technology risks both now and in the future.

Compliance and training

In schools we have a fair number of “compliance” matters which we need to deal with especially around training.   Safeguarding including Online safety, Data Protection and Health and Safety to name but a few.   But sometimes I wonder whether we sometimes can’t see the wood for the trees.    I wonder if sometimes we become that focussed on the compliance measure that we may lose sight of the reason the compliance requirements are there in the first place.

Let us take data protection as an example.   We must comply with the legislation and as part of this we need to make sure that staff have received the relevant training.   So, the compliance measure is to ensure that staff have had training.    So, we attack this requirement with an annual training session likely a short session within inset at the start of the new academic year.    If we do this correctly, we will have a nice register of all the attendees at the session, which will match the list of staff, thereby showing all staff have been “trained” and we are compliant.

But why do we have the training?    The training is not the outcome or objective, it is the vehicle.   What we are really trying to achieve is that staff understand data protection, understand what they should and should not be doing with data and what to do when things go wrong.   So, taking my compliance to the next level (is there such a thing?   Do I not comply or not comply?   Maybe a separate question!) I now want to check understanding.   So, I send all staff a quiz to answer based on some of the content of the training.    If most, let’s say 80% of staff, get the answers correct I am happy that the training has developed the understanding I seek.  If the score is less, then I need to review the training materials and amend accordingly.

But again, this has flaws.   Is a quiz sent out after the training a good measure of understanding?   Or is it just a test of short-term memory where staff who may score well immediately after the training, will have forgotten most of the information two or three weeks down the line?   At this point I may revise my compliance measure again, releasing different short quizzes at the end of each term to get a better view for how the understanding is retained over time.

At this stage I may decide that the single training session isnt enough, as I want to go beyond basic understanding and look to change the culture in relation to data protection.   I am now looking at a multi-modal approach with a big training session, maybe weekly short facts, termly quizzes, smaller training sessions with targeted departments, on-demand video training, etc.  In looking to change the culture I am clear that this will involve lots of little changes and activities now and over a longer period of time although the prevailing culture is unlikely to show any signs of change until some time in the future.   I am accepting that changing culture is the long game.

Conclusion

The issue with all of the above is that I feel we often get stuck at the top, at the simple measure of the number of people who attended an annual training session.   I don’t feel we always question and explore our compliance.  I don’t feel we go beyond the simple and easy to measure.   

What if, in accepting the need to comply with training, we accept that our complex approach of briefings, training sessions, standing agenda items, etc forms the training and that this is better than a one-off training session, even with a quiz.   In doing so we can demonstrate training through details of our approach and evidence to support each part of it; We can provide copies of briefings, PowerPoints from presentations, meeting minutes, etc.    Isn’t this enough to prove compliance should a relevant authority ask for such proof?   Yes, we won’t be able to provide a nice simple list of all staff having signed attendance at an annual training session, but was that ever the point?

Reflections: One week down

So that’s the first week of term done so, having shared some start of term thoughts previously, I thought it might also be interesting to share some “1 week down” thoughts from the perspective of a Director of IT.

Manic

The first week of a new term is always rather manic with issues identified as students and staff return to classrooms, plus last minute requests.   I think my team saw around 130 calls raised on Monday alone and that doesn’t include student and staff walk ins.   The question I often find myself asking is how might we make this period less manic and make things smoother?   The problem as I see it is that I am not sure we can ever achieve this.   A new academic year brings with it new staff, lots of new students and a period of time where teaching staff and students have been away from school, where things have been forgotten but where technology changes, updates and upgrades have continued unabated.    I suppose the one consolation is things quickly calm down and recede towards a more normal level of busy.

Printing

The week started with an issue with our main high volume Multi-Function Device (MFD) at a time when there were lots of booklets and other items in need of printing.  Not a great start however was sods law that the unit would fail on day 1.   My hat goes off to my colleague in reprographics who ploughed on in the face of the challenge, using the slower units we had to get all that needed done, done.

But this got me thinking, in a world of technology and OneNote should we be seeing print volumes in schools declining.   Now my gut reaction to this is yes, clearly we should be seeing volumes declining but this reminded me of last academic year where I saw a massive spike in printing in the last term.    The problem with the concept of “paper-less” in schools is simply the fact that the key outcomes continues to be terminal exams conducted in the final term, with the vast majority of these exams being conducted on paper.   How can we expect students to go into these exams without having the experience working on paper in the months and years leading up to them?    When will the exam boards catch up with technology?

Third Party Software

And printing wasn’t the only challenge to hit on day one.   We had some software issues which appear to trace back to a third party changing some of how their platform operates specifically in relation to its Application Programmers Interface (API).   The API is the link point which allows us to integrate different solutions such that they work together and share data, etc.    In this case the vendor made changes with these changes lacking proper documentation plus being buried in release notes, with these release notes having to be sought out rather than being communicated.    The issue didn’t just catch us out, it also caught out at least one software provider who integrated with this vendor.

The challenge here is how much control we have over third party vendors when we might be a single voice in sea of voices, or where this is at least what the vendor uses as an excuse!   Additionally there is the risk that as we more tightly integrate a number of different solutions, which is a good thing, we build an over solution which is inherently more complex but therefore more fragile.   There is a balance to be reached here I suspect.   And as to control and third parties I noted reading something recently which suggests schools use of EdTech solutions puts the responsibility on the schools, however provides the school little power in terms of controlling or guiding the vendor, other than the ability to cease using them.

Cyber and Students

I have the opportunity to speak with our sixth form students across two presentation this week, discussing cyber security with them with particular reference to recent events.   My presentation has included mention of the recent Apple vulnerability as well as the alleged TikTok data breach.   In asking the students questions regarding cyber security it seems that students are getting better at updating their devices and applications however still continue to make use of common passwords across most internet services, plus don’t commonly enable MFA even when it is available.    My hope is that my presentations will have at least convinced some students to improve their cyber habits although this is something I want to work on throughout the year;  A single presentation will never do the cyber risk justice.

Running

I hadnt done any running during August having achieved 300km across the 3 months of May, June and July.   What I failed to consider as I got my running shoes on during this week was the negative impact that a one-month period, such a short period of time, would have had.   I really found myself struggling to manage 5km and I certainly wasn’t managing it at any great pace.    I quickly found myself having to adjust my expectations, ignoring my progress up to the end of July 2022, and focussing more on where I was now.    I suspect it will be a good few weeks or months before I can build back up to where I was including re-establishing the correct habits, etc.   This just goes to show how important habits, consistency and resilience can be.

TikTok

Am not sure how many times I have deleted TikTok but once again it has been deleted.   During the summer period I had re-installed it, and with each short video I was convinced the value in the video was worth it given the short length of the video.   But I failed to consider the cumulative time spent on flicking through the videos.   It was eating up time, with this time growing, and I hadnt noticed.    It was only with the manic nature of week one that I found myself at home evaluating the amount of time spent (or maybe lost?) on TikTok.   So once again I am TikTok free.  For now, at least!

Conclusion

It’s been a busy week with a fair few challenges.   It has been great to see the campus buzzing again and great to once again be interacting with our students as they go about their school days.   Although very busy and a bit stressful as a result, I am confident that things will settle down into their more normal pattern of school life in the comings weeks.   As such, I look forward to what the rest of the 2022/23 academic year has to offer.

A new academic year

And so a new academic year begins.  The students are back and the school is once again buzzing with activity at the start of the usually hyper busy first term.  As the autumn term and the new academic year begins I thought I might share some of my plans for the weeks and months ahead.

Data

This is definitely one of my projects for the year ahead, looking at how we as a school might better store, process and present data.   The key for me is the use of Microsoft PowerBi in order to allow data to be easily explored by end users, in a way that is more user friendly and intuitive than a large complex spreadsheet.   Now a key here, and likely the hardest part of the process is ensuring the data is appropriately structured, and in the resultant need to clean up existing data ahead of then starting to analysis it.

Embedding technology

I would like to spend more time with teachers using technology in the classroom this year.   I have become a little disconnected from this in the last year as I focussed on the infrastructure, systems, cyber security, etc.   As such it would be good to spend time with those teaching diverse and different subjects, to allow me to review and evaluate my thoughts and practices in relation to teaching.    Hopefully, it will also allow me to identify areas where I can help and support technology use, especially where technology can make things easier, quicker, more effective or generally better for teachers and students.

Digital Citizenship

This is a particularly important topic in my view, in the need to discuss the risks and benefits of the internet, technology, social media, etc.    We don’t truly know the long term impact of the technologies we are using today, in particular the impact of social media, so in the absence of an answer, we need to at least promote discussion.    One of the challenges here is finding time within the busy school curriculum for this to happen in a way that goes beyond the often superficial discussions which currently happen.    It is my hope to work with students this year in discussing digital citizenship, plus also possibly to look at developing some content which can be used across schools.

Virtual Reality

Now this is a bit of an experimental project, looking at how VR kit might be used more within schools and also hopefully examining how schools can create their own VR content.    For me this ability to work within VR and to create your own VR content is key as otherwise you are reliant on the content of others, such as the VR hardware vendors.   Over the years I have seen a number of technologies fail to live up to their promises where they are reliant on content created by the vendor or third parties.

Running

I was doing well in May, June and July, managing to run 300km however this fell to near zero in August so as the new academic year begins I hope to pick up where I left up.   Given I am at 500km for the year so far, it would be good to get to at least 750km for the year so that means I have 4 months to achieve 250km, so that’s around 65km per month.

Conclusion

Now the above are only 5 areas which jump to mind for the year ahead.   The board in my office has many post-it notes relating to projects and tasks which I will be addressing in the year ahead.

I look forward to it being another busy, challenging but worthwhile academic year.    All that remains is for me to wish everyone all the very best for the 2022/23 academic year.   Onwards and upwards….