Thanks to a new group of tools, IT leaders are keeping their schools plugged in while keeping up with the hackers.
Want to quickly sum up the state of Internet filtering in schools? Then go to Google and type in 8e6, the name of an Internet filtering company used by many districts across the country.
In less than a second, you’ll get half a million results, but the top few prove the point. The first is for the company’s Web site, as you would expect, but not far below it will be a link titled “How to Bypass 8e6/Disable 8e6/Hack 8e6.” The one thing you can count on about Internet security is that it’s a quickly moving target. If the problems you faced at the end of the school year are the same as those confronting you in September, consider yourself lucky or uninformed.
Don’t think so? Here are just a few examples of the havoc that hackers cause every year. This mischief is costing school
districts big in terms of time, money, and headaches.
* A 15-year-old student in the Downington Area (PA) School District was accused of hacking into his school’s network earlier this year and stealing the names, addresses, and Social Security numbers of more than 50,000 people.
* A student at Milton Academy in Massachusetts was expelled in November 2007 and three other students were suspended for breaching the security of the private school’s computer system to change grades and attendance records, as well as accessing an exam.
* Students in Jefferson County, Kentucky, tried to break into their school’s network late last year by installing keystroke software on a teacher’s computer to capture her password. The students had hoped to change grades, eliminate past absences, and locate upcoming tests, officials say.
* This past June, a pair of students at Tesoro High School in Las Flores, California, were charged with installing spyware on school computers, altering the grades of more than a dozen students, and stealing tests, among other crimes. One of the students has been charged with 69 felonies and could face up to 38 years in prison.
* In 2005, two high school seniors at Jackson High School in Massillon, Ohio, were sentenced to house arrest and community service for hacking into the district’s system to change grades, copy files, and access teachers’ Social Security numbers and other private information. The district estimates that it could cost as much as $500,000 to repair the breaches and put new safeguards in place.
According to a 2007 survey by CDW-G, an education tech provider, nine percent of school districts reported at least one security breach in their computer network in the past year. With the right planning, though, school districts can create one constant that makes all the other instability much easier to deal with: the ability to track each student (and teacher) step by step online. This kind of software help is making it easier for district IT administrators not only to head off many problems, but also to be alerted when new ones crop up.
Even with this puzzle solved, however, school administrators face a bewildering range of other possible problems: how to control Web 2.0 tools without crimping the educational benefit they offer, how to discipline students who break the rules, how to handle smartphones and other burgeoning new devices that exist outside the school’s purview.
Students Seeking Proof
a student sits in school after hours working on a project. School officials notice that while he’s working, he’s also sending instant messages to several of his friends. While that’s not unusual, it is strictly forbidden by the school’s acceptable-use policy.
School officials approach the student and tell him they know what he is doing and that he has to stop. His response? “You can’t prove it.” Unfortunately for the anonymous student, he was in the Saranac Central (NY) School District. Jamie Steenberge, the district’s senior network and systems technician, simply went back to his firewall and Web content filter, School Guardian, and proved—IM by IM—exactly whom the student was sending messages to and what he was typing.
The student immediately agreed to stop, but the bigger win was how rapidly the news reverberated around the school. “They know everywhere you’ve been,” the student told his friends, providing word of mouth that meant more than all the pages of the district’s acceptable-use policy.
This example encapsulates what many IT directors face each day: students pushing the system, often just to prove they can or to use tools they regularly access at home, and administrators seeking the latest tools to keep track of them.
Stan Trevena, director of information and technology services at Modesto City (CA) Schools, thought he had put in a thorough filtering system with 8e6. But when his district faced a bigger challenge than schools usually see, he received confirmation.
“We had one case that was particularly messy involving classroom access by a teacher involving students,” Trevena says. “As we worked through collecting evidence for the case, our law firm told us that they had not worked with anyone before in public or private that had the ability to reconstruct Internet access and drill through the log data as quickly and easily as we could using our filtering and reporting appliances.”
Still, Trevena says, the human factor is key. “Other users are usually the ones to bring violations of our Internet policy to our attention,” he says. Using a suspect’s user name, he and his staff are able to go back and retrace that specific user’s travels through the Internet gateway. They are able to look at the categories, pages, and even the graphics that the person in question has viewed minute to minute (including each button pushed). “This is a very powerful tool that allows our team to reconstruct access to either prove or disprove accusations made against a user,” he says.
the first step in this intricate dance is for students to attempt to bypass the school’s Internet filter. The best software solutions stay on top of the latest trends, but the nature of the battle means that filtering software may always be a step behind some of the tricks that students try.
“They do try anonymous proxies and occasionally they will find a hole,” says Bill McGuirk, the director of technology at Eaglebrook School, a boarding school for grades six through nine located in Deerfield, Massachusetts. “But usually they trip off so many alarms, I can find out.” He uses Astaro’s Unified Threat Management for his school’s Internet security needs.
Anonymous proxy servers are the routing communications between each individual computer and the Internet. Using one allows the computer in question to surf any site, while the school’s network sees only the IP address specific to the proxy server.
Software programs such as 8e6, School Guardian, Unified Threat Management, and Towerwall regularly block these sites, but sometimes new sites are able to squeeze through before the filters can identify them.
Another common trick is for students to Google a term, say Playboy, and instead of visiting the magazine’s current Web page, they click on the highlighted term “cache” that exists for each search. This technique allows students to see a saved version of the site, often less than a week old, that may slip by some filters.
McGuirk says the most recent dodge he sniffed out came to his attention when students started visiting translation Web sites and staying on them for a long time. It turns out the students were able to visit other sites that would have been blocked by accessing them through common translation sites.
The end goal for many students is just to be able to access the social networks that are typically blocked. But some students have gone beyond this to create fake, and derogatory, teacher Web pages on these sites or to seek out multiplayer gaming sites. Finding pornography used to be a hacker’s main goal, many IT administrators say, but today social networking and gaming top the list.
And the threats can just as easily flow in the other direction, says Michelle Drolet, CEO of the Framingham, Massachusetts, company Towerwall. “There are 100 million interactive Web sites out there right now, and 50 to 60 percent of them are infected with some type of malware.”
Web 2.0 Debate
the new tools of the internet—blogs, wikis, YouTube, and social-networking sites—have shifted the Internet from a mostly passive recreation to one where students are constantly creating content.
Students are forming late-night study groups with wikis, learning the basics of autobiographical writing with blogs, and sharing video projects and movies with the world. But these same tools can be used to send bullying messages, waste time with idle chatter about the latest band, or trade violent movie clips.
So what’s an IT administrator to do? Lock down the network and prevent learning, or loosen the reins and hope that chaos doesn’t prevail? “You have to understand that there is no way to completely control these tools. You need to watch your students,” says Rachel Dombrowski, the director of technology at the Governor Mifflin (PA) School District.
But for her, the negatives of these tools are far outweighed by the benefits to students. “I call them screen-agers because everything they do is on the screen,” she says. “That’s how they communicate with each other. They can have three or four IMs up, and it’s actually a real study session. It’s hard for people to understand because physically some teens can’t walk and chew gum at the same time.”
At the boarding school, McGuirk faces even more concerns than a typical IT administrator because the rules for student access shift depending on the time of day. He limits after-hours Web access to the dorm common rooms, but allows students to access the social-networking sites they crave.
“The most important tool by far is education,” he says. Years ago, school officials debated blocking MySpace and Facebook but opted to explain their concerns to the students. “We said, ‘We’ve seen some of you posting things that we don’t think are appropriate.’ ” Officials told students what they thought was suitable and said if they followed these rules, access would remain. “The students were receptive,” McGuirk says.
Education vs. Discipline
all schools have disciplinary guidelines, and most will revoke a student’s Internet access for a set time if a minor violation is found. More serious transgressions can result in suspensions, but some IT directors admit that the presence of technology can muddle what used to be a straightforward process.
Dombrowski suggests that some Pennsylvania teachers are reluctant to discipline students found misbehaving with computers because they know encouraging the use of technology is an important initiative for the district. She asks them to remove the computer from the situation. “Let’s pretend the offense wasn’t on the computer, that students copied from an old National Geographic magazine,” she says. Then the proper decision becomes easier for teachers.
But even when students are trying pranks, the repercussions could be much greater than imagined. Steenberge says that his district gets its Internet access from an upstate New York regional resource center. When students in his district started altering entries on Wikipedia for fun, he acted quickly. “It was malicious,” he says, adding that the editing function was quickly switched off. Because Wikipedia does a good job policing itself, Steenberge says if the transgressions continued, his district, and the rest of the districts connected to this regional center, could have lost their connection to Wikipedia.
Cell Phones and Beyond
As multifaceted as these concerns
are, the picture shifts dramatically when administrators consider what increasing numbers of students with smartphones and flash drives could do to their network. Students are loading flash drives with prohibited programs, using phones to take pictures of other students or first-period tests, and more.
Here’s where the human element must enter the picture, Steenberge says. A student in one of his schools recently used a program to completely rearrange all the keys on a classroom computer, rendering it temporarily inoperable. A teacher’s simple monitoring could have prevented this, he adds.
His solution is a program called Deep Freeze by Faronics. This software is a sort of immunity shield for each computer because it can immediately erase any changes made to a computer, whether accidental or malicious. The software also allows the user to reset the computer back to its state at the last boot-up. “Reboot fixes 99 percent of our problems,” Steenberge says. “That word spread within the first two days of school starting.”
Towerwall’s Drolet suggests that schools perform an Internet health check a couple of times a year. This exercise can give administrators a snapshot of a few days of activity to find out where users are going and when they are logged on. This can alert IT to new threats, while making sure the old problems still continue to be solved.