#Edtechchat focuses on Education Technology. Co-founder Tom Murray says #edtechchat "connects us professionally with inspiring educators from all over the world, all of who encourage us to be better every day for the children and families we serve.”
#edtechchat I am a Testing Coordinator and ESL Facilitator at a public school and I am wanting to have some conversation on what is the best way to implement technology for students whose first language is not English. PS. I have never participated in a Twitter Chat before.
A1: I am constantly working on awareness through training - plenty of phishing attempts as example - going the email blast training route this year for #NCSAM#edtechchat
A1 #edtechchat All of the above! :) I do send out emails and videos. I try and embed things using Google Classroom, though, so I can see who I am really reaching, I also do monthly tests for All Staff and Juniors and Seniors.
A1 I think my district makes an effort to thwart phishing attacks by adding an extra layer of notifications in attachments, as well as notifying all users of possible attacks. Students could probably use more support to learn #digitalcitizenship#edtechchat
A1) Great question, I'm not sure! Our tech dept has a blog they send out with tips, etc. Not sure about educating older Ss in our district though - would be good to think about. @TyGorman_BHS#edtechchat
When someone tried to go to those sites, was there a notice as to why the site was blocked, or was it the generic block message? I think that is a great idea, I do block the sites, but haven't figured out how to let people know why they are blocked. #edtechchat
A1 We bring it up during assemblies that discuss cyberbullying, internet safety, and digital citizenship with elementary students, discussing passwords, data mining, terms and conditions, etc. #edtechchat
How many different systems are you implementing it for? Just google and microsoft level services, or other custom software? What did you use? #edtechchat
A1: We do our best to be proactive. We do a training every year with our Business office and it seems we have had an uptick in phishing emails lately and may start doing sessions with the staff as well. We do send out emails to staff (BOLOs) occasionally. #edtechchat
Do you think #digcit is enough to really stay secure? Being a good citizen is much more than just knowing to lock your door. You actually have to lock it :) #edtechchat
Just the MSFT and Google stuff. I think it all runs through MSFT authentication, but I'm really not expert on this topic! Need to get our IT director in the chat. #edtechchat
A1 So many of our sites at school are blocked bow because of viruses and students reach inappropriate sites. We have a program now in middle schools that sends reports of what each student has been visiting. #edtechchat
I think districts have different ways of achieving a a balance between staying inside the house when it rains, or go outside with an umbrella. (To be analogous) #edtechchat
I know my team reads it. We just had a change at the director level so it's behind this school year but in the past has been good info. I think it gets read when it's sent rather than a goto site. #edtechchat
I try to introduce a variety of things because I want them to be prepared. We discuss security questions that they’ll have to answer one day for credit cards and password resets. They love when I tell them about some of the details of Snapchat‘s terms and conditions. #edtechchat
A2: Encourage Ts to change the pwords at times. Current company makes me change it every 90 days. #KeepSecure
I always encouraged Ts to keep track of pwords (even gave them a document to track)
#edtechchat
A2: Our T PW's are forced changed every 60-90 days. Our Ss PW were changed last year to protect student info (they had included birth date)
#edtechchat
A2: this is something we need to get better at. We only encourage our staff to use 2 factor password protection & to change their password every month, but we do not enforce it. #edtechchat
A2: I always point to the old xkcd comic "correct horse battery staple" I also point people to https://t.co/JZmSYXDza7 to check their password complexity. I've had teachers come to me telling me how complex it is. #edtechchat
You can put any safeguard you want on your network, but if you can't keep that one knucklehead from clicking on that phishing email it is all for naught. #edtechchat
A2 Part 2 #edtechchat I no longer require password changes every couple of months. I found it led to less security, because everyone was writing them down and leaving the passwords easily accessible.
A2: Avoid post it notes on computer screens :-) We try our best to implement as many systems with Single/Simplified Sign On-SSO as we can so users are more comfortable with what they need to remember. We recommend creating a convention for passwords to make it easier. #edtechchat
A2: Avoid post it notes on computer screens :-) We try our best to implement as many systems with Single/Simplified Sign On-SSO as we can so users are more comfortable with what they need to remember. We recommend creating a convention for passwords to make it easier. #edtechchat
A2..Encourage the use of a phrase that can be made unique for each site..https://t.co/VbttR7LMXl ..not a fan of forced changes..has been suggested that is less secure in the long run.. #edtechchat
A2 cont... Also interested in rolling out Two-factor authentication but concerned about alienating my staff with the inconvenience. Will likely start with staff with higher levels of access. #edtechchat
@ajpodchaski A1: I’m a preservice teacher so I can’t speak on behalf of a school right now, but in high school our IT specialist would do trainings at the beginning of each year with every class #edtechchat#CCED336
the problem with passwords is that many people use personal type information that can easily be found on your public Facebook ... or participating in those which celebrity are you like based on birth month and dogs name #edtechchat
A1 we are locked into a school server that is constantly being monitored. Our students and staff have to participate in digital citizenship. The parents also have to sign agreements due to the fact that students are allowed to take the technology home in our district #edtechchat
Overall, I think 99% of teachers and students are on mainstream sites and using safe content. Occasionally, we stray. 4 students, criminals might prey on students through gaming sites due to off task behavior. For teachers, it might be downloading 3rd party software. #edtechchat
We have a firewall in place at all our sites with Content Filter, Gateway Antivirus, Spyrware Protection and more from @SonicWall. We also have @Sophos Endpoint Protection on all devices that leave the network. So much overhead, so little time. Oh, and SSLVPN. #edtechchat
I use @LastPass and @ClassLink. LastPass for my machines, ClassLink for the machines that I am just touching to look at something. Both are awesome. #edtechchat
In reply to
@gwsorrells, @ajpodchaski, @LastPass, @LastPass, @ClassLink
https://t.co/Yv4Fm5EPgl Password manager- generates passwords and stores them in a master file online. Apps and extenstions to help manage wherever you are. Can print for emergency. can share blocks of accounts @LastPass is awesome #edtechchat
In reply to
@pnabbie, @gwsorrells, @LastPass, @LastPass
I tried to make sure my Ts knew how easy/quick it can be for someone to find out their "hidden" (dotted out) password that is saved on a site. About 30 seconds in Developer Tools section and the dots disappear and show password. #edtechchat
I hate all those quizzes and things that give you your superhero name or whatever - I go crazy trying to explain why it is always a bad idea to participate and post on those threads #edtechchat
@ajpodchaski A3: The areas I’m aware of are always keeping my privacy settings on, using http/https, locking for the lock in the URL browser, and checking the websites for credibility such as checking for misspellings or other red flags #edtechchat#CCED336
it only takes one click to a website that isn't monitoring its ads with a webmail tab open for you to become a spammer. And you would be amazed at the sites students and teachers go to to get "information" #edtechchat
A4 I'm like everyone else....really don't know. Personally I have some good Identity Theft Insurance (not Lifelock) Too bad nothing for schools like that. #edtechchat
A4: Ts and Ss need knowledge to proactively ID threats. We are a @GoogleForEdu shop and are working to get all our teachers using Backup and Sync for their home folders so they are backed up to the cloud. Chromebooks are already synced! #edtechchat
A4: We need to make sure we teach good backup practices, as well as turning on notifications for when accounts get logged in from new devices. We must be diligent. You know where your wallet is at all times, why shouldn't you monitor your online accounts #edtechchat
http is an unencrypted website. All traffic goes over the web and can be stolen by anyone. https is encrypted. Much harder to monitor and break for information #edtechchat
A4 My web site, https://t.co/3YuIqWwWXm, was hacked through an application server vulnerability. I nuked it completely, reinstalled the OS and restored content from backup. #EdTechChat
A4: Not really an answer but.. Our district found out the hard way about backing up and being weary of sketchy sites/links. Got hit with ransomware last year. Wiped everything. Things were a mess for months. #edtechchat
hacked how? actual login account password cracking - or students leaving email logged in on a browser and going to a malicious site that scrapes the data? #edtechchat
@ajpodchaski A4: Advice I’ve received is to have your files and documents in different places such as on your desktop, on google docs, and on a flash drive. #edtechchat#CCED336
A5 When helping Ts choose things I make sure anything that requires a login is a https site. Always looking at Privacy and Data usage policy #edtechchat
A5: Our state just purchased a portal service modeled after Cambridge, Mass' one that makes third party Apps vendors, Internet Subscriptions, and databases sign off on Ss data privacy standards before we all agree to use them. #edtechchat
A5 I'm not a decision maker, but I watch for apps that request too many permissions to work with a Microsoft or Google login. Why do you need to be able to do all that in my account?especially when I'm NOT USING your app? #edtechchat
A5: If its a vendor we use the Mass Privacy Alliance Std Contract. If its a Google Extension, we look at what information is required and what level of access it needs into peoples accounts. We work to vet requested apps for Ts upon request before rolling them out. #edtechchat
A5: We have an approved sites list that we use and a process for requesting a new site before we can use a website that requires log in identification. #edtechchat
If you are a teacher, you are a decision maker! Software for the classroom is marketed toward you! Help us make a stand for secure software and privacy! #edtechchat
Well we will be requiring it for staff accounts by the end of the school year and will be providing instructions to HS Ss this year to see if we can't get most of them done. #edtechchat
In reply to
@AlexVKluge, @ajpodchaski, @HarkeyJill
My district has a committee that meets every 2-4 weeks to approve app requests. Ts fill out a google form indicating rationale and alternatives. #edtechchat
I think it will go over well once the district has been compromised. I know a few districts that have rolled MFA out, but it was all AFTER the door was left open. #edtechchat
In reply to
@AlexVKluge, @the_IT_factor, @ajpodchaski, @HarkeyJill
For those in tech leadership positions, check with your state office of homeland security for their cyber task force and get on their email list. It is eye opening! #edtechchat
A6: We use CloudLock to protect and monitor our Google Domain. Love this insight. Google has also become much better at flagging suspicious emails and spoofed messages. You can also vet through researching when needed. #edtechchat
CoSN is a great resource. @knowbe4 has a great email newsletter that sends stuff about the latest breaches and such. Don't have to be a customer to get that. #edtechchat
A6 #edtechchat Another good site for reference, and help is https://t.co/MyndSC5FIK Get on their mailing list. We thought we got hacked last year, and they were great in helping us determine it was one of our vendors.
A6 part 2 IT Leadership look into joining the #MSISAC group. Great bit of information and they can scan your ports and check to see if your IPs end up on hacker lists. #edtechchat
