Patrolling Web 2.0


As the internet grows more complex, districts need more than a conventionalfilter to protect tech-savvy students from unsafe online content.

SecurityAS RECENTLY AS 10 years ago, school computers were the purview of office administrators and limited library use. Most districts didn’t have a website, and few anticipated a day when students would be toting laptops from class to class.

Today, districts not only provide students with internet access, they expect the students to leverage it to perform educational research and complete assignments. But while school districts have become more technologically sophisticated, most schools remain a step behind students—and external threats to student well-being.

Students today are a generation raised on Google, e-mail, and instant messaging. In 2005, Pew Internet & American Life Project published a report that said more than 87 percent of American kids ages 12 to 17 were using the internet, and we can be sure that number has increased in the interim. And, of those roughly 21 million kids, 78 percent, or about 16 million, said they were using the internet at school. They are the early adopters and the tech savvy, using their knowledge to access Web 2.0-based content and tools that teachers and parents have no idea exist, and that have little or no value to education.

Sure, most schools have some sort of internet filter to block access to unsafe and inappropriate material, per the Children’s Internet Protection Act, which mandates that federally funded schools filter the internet to protect children from online predators, pornography, hate sites, and other unacceptable content while at school. But at Denver Public Schools, we discovered that basic CIPA-compliant technologies, such as rudimentary filters, are not enough. It takes more than just blocking harmful sites to keep students from accessing them.

The Risks of Social Networking

Making the work of IT administrators harder is that students are interested in less obviously dangerous internet applications such as peer-to-peer programs and sites like MySpace and YouTube. According to top internet tracker Hitwise, in July 2006, MySpace received the most hits of any website, accounting for 4.5 percent of all internet visits. A Pew Internet Project report published in January said that more than half of all online American youths ages 12 to 17 use social networking sites. MySpace isn’t just an irritant for school IT staff and teachers, who have to constantly check that students aren’t wasting school time surfing the site and chatting with friends. The site is sheer trouble. Sexual predators lurk on MySpace and other youth-oriented online communities in search of children who have inadvertently included personal information about themselves, such as where they live, where they work, and where they go to school.

So what’s the remedy? Simply blocking access to social networking sites won’t suffice. At Denver Public Schools, despite the presence of an internet filtering solution, more than 150,000 attempted visits to MySpace were made in both September and October of 2006 (see “Spaced Out”). Like most rebellious generations before them, today’s tech-smart kids don’t take no for an answer, and will often do their very best to surmount the protective wall constructed by school staff to keep them safe. One way they do so is by using anonymous proxies. By configuring their home computers as proxy servers, and then tunneling into them, students can get around a standard filter and gain access to just about any site imaginable. Therefore, it is essential to deploy technology that is able to prevent proxy tunneling and is capable of keeping a record of users who try to evade the filter and access inappropriate sites via proxies and other work-around methods.

Students are skilled enough to use anonymous proxies to get around a standardfilter. By configuring their home computers as proxy servers, and then tunnelinginto them, students can gain access to just about any site imaginable.

Denver’s more than 72,000 students and 16,000 computers, dispersed across 120 schools, deepen the need for comprehensive monitoring of staff, teacher, and student school internet use. After careful consideration of many filtering tools, the district chose the R3000 from 8e6 Technologies. The program’s unique proxy pattern blocking keeps users away from sites that offer free anonymous proxy services and prevents them from bypassing the filter if they try to use unencrypted web and client-based proxies.

Beyond Filters

Many IT administrators only focus on the filtering aspect, namely, blocking inappropriate content. But web filters can’t stand alone in an effective online safety strategy. At Denver Public Schools, the filter is complemented by a reporting tool that allows adminstrators to generate individual usage information. By reviewing web logs, DPS can identify trends, react to web usage, and identify the top sites our users are going to. We have instant access to forensic data outlining who was on what sites at what time. Armed with the necessary facts, we can take action when a situation calls for it.

The district doesn’t fish for bad behavior; instead we use the reporting tool to respond to requests from teachers and administrators when a child’s inappropriate internet use becomes a problem and is in violation of DPS’ acceptable use policies. Equally helpful is the tool’s ability to generate for every administrator a report that shows the top 25 websites viewed each month in the top 10 categories. The report acts as an indicator of how our students, teachers, and staff are using the internet in school, and helps us set and modify our acceptable internet use policy.

Safety First

SecurityLike it or not, districts are ultimately responsible for where teachers, staff, and students spend their time online while at school. To protect students from the risks associated with social networking sites, a first step is the creation of an acceptable internet use policy that dictates where each and every constituent is and is not allowed to go online. The most effective policies are those that are created and agreed upon by the administration, understood by the students, and then monitored and enforced by robust filtering and reporting tools.

At Denver, we’ve also asked parents and teachers to discuss with children the hazards that exist on the internet, and we have coordinated parent and student education programs to address online safety. In addition, the data our reporting tool generates enables us to formulate a comprehensive policy on how to handle our most commonly accessed sites. And we work with teachers and administrators to determine the websites that they most need to be given access to.

No system is fail-safe, particularly when we’re operating in territory where the kids are likely to be a step ahead of the adults. But making the safety of the school’s online experience a priority can pull us even, and ultimately help us get ahead in the drive toward ensuring our students are safe from the risks and dangers lying in wait on the internet.

Robert Losinski is an information security administrator forDenver Public Schools.

This article originally appeared in the 03/01/2007 issue of THE Journal.