Tag: online safety

Some thoughts on web filtering

Have been given school based web filtering some thought recently with a particular focus on how lots of things in life are part of a continuum, where the polar opposite extremes are often viewed as what we want to achieve, or not achieve, yet are impossible to actually get to.   We tend to end up achieving a position somewhere in the middle.

Take web filtering, which is all about safeguarding;   we clearly want to achieve total safety for our students online, one extreme, and want to avoid putting them in a situation where they a presented with everything inappropriate, and potentially damaging, the internet has to offer, the other extreme.  I don’t expect anyone to be able to argue with, or to want to argue with, the above.   Why wouldn’t we want to achieve safety online for our students?

The issue is this isn’t possible without preventing them from having any access to technology and the internet, and we want to provide students access to tech to help in preparing them for the world we all now live in, a world filled with tech.   Now I know some schools ban devices however I believe this simply shifts the problem in that students either will do their experimentation at home or will do it in the next phase of their education or life, in Further education, Higher education or in the working lives.   We therefore won’t have prepared them or equipped them with the skills to remain safe, which I think is a key element of safeguarding.    We won’t have prepared them for the future and in fact we may be setting them up for problems when they suddenly find themselves outside the insulating bubble of the school, and having to deal with technology, social media, etc, all on their own.

Let’s assume that we have decided that preparing students for a technological world is important and therefore we allow them ready access to mobile devices, computer labs, etc, around school.   Now how do we approach the filtering situation?

One approach might be to have aggressive filtering and monitoring with a view that this will make students safer.   Sadly, this isn’t as easy as it once was.    Technology designed to support privacy of data including HTTPS and VPNs, to name but two, make it increasingly more difficult to monitor activity.    It is now more difficult to argue with students as to why they shouldn’t be using a VPN when VPNs are now routinely advertised on TV and radio as a measure to protect personal data.   This issue is even more evident where devices belong to the students and the organisational control which can be exercised on school owned devices either cannot be applied or can be easily removed by students.   We also have the challenge of student mobile phones which can be used as a personal hot spot for internet access via the phone service provider thereby bypassing the school network and its protective measures.   There is also the potential issue of devices, such as iPads, with 4G capability in addition to normal Wi-Fi and with the introduction of 5G this is also on likely to become more common.

The other concern I have with filtering is that it might be viewed as a compliance issue and therefore once set up some may consider the issue of online safety addressed.  Internet filtering is however never perfect, plus some of the tools available which are generally positive, can be misused leading to negative outcomes.  There is also the issue that the internet services which are available are constantly changing.   This therefore requires ongoing review along with a more holistic view of how online internet safety is managed including awareness, support for students and support for, and engagement with, parents.

The need to keep students safe online is clear and something few can disagree with.   The challenge is how we actually implement this safety.   This is not so simple.    It isn’t a simple compliance matter of blocking certain categories or sites.   We want to provide students access to the internet and its services so they can learn the skills they will need for the future, so we can’t block everything, yet we want to block as much inappropriate content as is possible, in a world where monitoring and blocking is becoming increasing difficult and/or ineffective.

For me, it is up to schools to decide the best approach for their own setup, their own infrastructure, students and culture.   It is also key that schools continuously review their approach to assume it keeps pace with changes in student habits and in the technologies available.   Although there isn’t one single solution for all schools, for each school there is a solution.

Online safety and home infrastructure

Technology has become an important part of the life we now lead.    Social media, games consoles, smart phones and voice recognition systems like Amazon’s Echo are now all part of normal life.    This technological change has brought many benefits however there are already some indications of the implications of technology use.

We have already seen discussions about technology addiction.    We have also seen discussions around unforeseen implications arising from technology use, such as the impact of parents posting their children’s every move on social media; How do they feel when adult photos of their every childish endeavour and mishap are easily found on Facebook?

Then we have the issue around cyber or online safety.   This is an issue that I find of particular interest.  There has been a particular focus around being careful in relation to passwords in particular, and to the information shared on social media, however this seems to take for granted that the infrastructure we are using our technology to access is secure.

In the home will have a Wi-Fi network connected to which there may be a wireless printer, a laptop, a couple of phones and maybe some other internet connected devices.    But have sufficient security precautions been taken?

Maybe the Wi-Fi network was setup straight from the box it was supplied in, with little adjustment of its configuration.    As such the default Wi-Fi SSID may give away the make of the router which would help anyone wishing to compromise the network.    Has the default admin password for the router been changed and has Wi-Fi access to the administrative interface been disabled?    If not then malicious access is all the easier.      Has WPS been disabled and has the appropriate security features such as WPA rather than WEP been enabled?

The games console has fathers credit card details entered in it for purchasing and downloading games, however the password is shared with his Gmail account, Facebook account and a couple of other services.       As such should any service be compromised then all services are likely to be compromised given the common email address and password used across accounts.

A new wireless printer has been set up, but again has been left configured as it was in the box it arrived in.   As such the admin password is set as the default.    Should someone gain access to the network they can therefore easily use this device to gain a permanent foothold within the network.

The laptop doesn’t have any anti-virus software on it and the windows firewall is turned off.  Also windows updates haven’t been carried out in over a year leaving the operating system seriously out of date.

The growth of technology in modern life is very much related to its ease of use, however the technology itself is far from simple.    Although the default configurations and setups get things going, they are generally not the best solution in terms of safety and security yet the majority of users neither have the understanding or the skills necessary to make the required changes.   With this in mind I think it is important to not only teach our students about safety in relation to end client devices and apps, but also about the safety aspects of setting up and maintaining your home infrastructure.