November 19th, 2013

Computers and the Internet are indispensable facets of modern education

Computers at school

In the modern era of public education, computers and Internet usage have become ubiquitous. You know as well as I, however, that the Internet isn’t the safest of places for children. That’s why public schools must take every necessary precaution to protect children when using these important instructional tools. In this post, I’ll explore modern public school Internet security.

Public School Internet Security is the Law (sort of)

Although there are no Federal laws requiring a specific level of general filtering or Internet security, schools are nonetheless still regulated, to some degree, by The Children’s Internet Protection Act (CIPA) of 2000. CIPA established pre-defined minimum filtering levels in order for schools to qualify for the government’s E-Rate program. E-Rate provides discounted Internet access to eligible schools around the United States. If a school opts out of CIPA compliance, they can’t receive funding for Internet access through E-Rate. Simply stated, CIPA requires schools to provide certain levels of protection to students from unwanted, obscene or otherwise detrimental Internet content. CIPA is funded through a tax collected on every phone bill in the United States.

Intranets and Firewalls: The Base of Compliance

CIPA compliance generally starts with the deployment of an “intranet.” An intranet is an internal, Internet-like computer network; however, whereas the Internet is an unrestricted, world-wide network of interconnected computers, servers, and other computer-related hardware, an intranet is restricted to the computer infrastructure of a single institution. The intranet of any given school corporation connects only the computers of the schools and other buildings that are part of the corporation. An intranet establishes a robust basic layer of Internet security. Schools then add a “firewall” to their internal networks as a second security layer. A firewall is a system of software and/or hardware implementations which work to prevent others outside an internal network from gaining access. Schools also use firewalls to allow trusted entities and websites to make it in. If a student tries to access a questionable site, the firewall is designed to block access to the site.

CIPA Compliance: A Step Further

CIPA compliance requires another layer of protection and filtering beyond intranet deployment and firewalls. I spoke with the head of a local school corporation’s IT Department for this post, and he told me his district uses a specialized server called an “appliance” to achieve CIPA compliance. Using a built-in software layer, the appliance monitors all data attempting to leave or enter the corporation’s intranet. The appliance is supplemented by a cloud-based database of sites identified as dangerous or questionable. The database works similarly to the databases used by virus- and malware-protection programs that recognize malicious software based on previously-encountered threats filed into the database.

Security through Hardware Restriction

Another way schools keep their networks secure is by allowing only equipment owned by the corporation to access the network. Although this trend is beginning to change, most corporations still don’t allow students to use personal hardware to access internal networks. The obvious advantage of allowing students to use their own smartphones, tablets and laptops to access a school’s network is a savings in equipment usage and cost. The downside, however, according to the IT professional to whom I spoke, is that a plethora of hardware means a dizzying array of software and an equally vast array of threats to the network. “At this point,” the IT professional told me, “We simply wouldn’t have the resources to deal with all the threats. It’s so much easier to have equipment and software that’s uniform across the district. It keeps everyone on the same page and greatly limits the threats to our network.” Students themselves routinely try to breach network firewalls and filters, too, presenting yet another challenge for IT Departments. “There are always students trying to bypass the filter,” the IT professional said. “So you have to stay one step ahead of them, too. Keeping personal hardware off our network helps in that regard.”

Security in the Cloud and Group Policy

Another measure corporations are turning to in greater and greater numbers to enhance school Internet security is cloud storage. By using a cloud-storage service with built-in protection against malicious software, schools effectively add another security layer to their networks by storing potentially-infected files off-site, in “the cloud.” Group policies are formal rules established to define how given groups or types of users can use or modify a computer resource. When a student logs onto the network, for example, a group policy would automatically block off or allow access to certain parts of the computer and to the network, thereby preventing the student from making detrimental changes to the machine or downloading forbidden content.

Conclusion: A Constant State of Change

According to the IT professional to whom I spoke, a filter with 100 percent effectiveness simply doesn’t exist. One of the biggest reasons for this is the dynamic nature of the Internet itself. The Internet, he said, is constantly changing, with new pages being added every day, and new software and code – malicious and legitimate – continuously being written. School Internet security, he added, is an ever-evolving process. The key is to avoid complacency and to remain abreast of both emerging trends in security and new security threats.

By Frank Winston, SoftActivity

Photo by Scott Woods-Fehr (Flickr)