-

 What is Acceptable Use of Technology?

An Acceptable Use of Technology Policy (AUP) is a document with guidelines that need to be followed and agreed to by anyone who uses a company's or school district’s technological device or internet. Every school district has an AUP that students and staff need to follow. AUPs exist to make sure users are not accessing inappropriate content, being exposed to cyber threats, or distracting themselves from their responsibilities at school or work. 

What is an acceptable use policy (AUP)? - Universal CPA Review

Image Source: UniversalCPA

Why are AUPs Important?

I wanted to extend my knowledge on AUPs and why they really matter, specifically in education. I read an article that discusses the importance of AUPs in schools and why they need them. Having an AUP in place is important but it is also important that the students understand what they are agreeing to. A lot of times students and parents sign things because they need to turn it in by a deadline, but do they know what they are signing off to? This kind of relates to the Terms of Service that people people agree to on social media. Do they know what they are agreeing to? Not really, they just agree to move on with the app.

The author of the article mentions a case study where a school district in Boston allowed their students to help create their AUP. The case study mentions that the district transformed from a failing district to one of the most recognized public school systems. Their previous AUP was not student-centered nor was it understandable to younger students. They solved this problem by condensing their AUP to 10 main points. They started each rule with "I am responsible for...". After creating their AUP with the high school students, they trained them to go into the elementary classrooms to deliver the new student-centered AUP. In my opinion, this was a really great way to get students more involved with their educational technological devices to better understand how to use them more appropriately. 

Phishing?

6 Common Phishing Attacks and How to Protect Against Them

                            Image source: The State of Security

Internet safety is one of the most important things to look out for when using the internet. It can be a very dangerous space for users who are not aware of the dangerous side of the internet. Phishing is sending fraudulent emails pretending to be someone else in order to access personal information, such as passwords and bank account information. Being able to teach students about phishing is very important before they start to use the internet. People think these types of emails may be real, however they are there to get you. There are six most common types of phishing: deceptive phishing, spear phishing, whaling, vishing, smishing, and pharming. While all these types of phishing are very common, we can protect ourselves from them. 

Deceptive Phishing: This is the most common type of phishing and fraudsters use this type to impersonate a legitimate company to steal important information from you. Ways you can prevent this is by looking out for generic salutations, grammar mistakes, and spelling errors.

Spear Phishing: This phishing is mostly used on social media and uses personalized information. To stay away from this type of phishing is to have security awareness training, limit sharing personal information, and invest in automated solutions to analyze emails.

Whaling: This type of phishing targets executives, is used to authorize fraudulent financial transfers and obtain W-2 information on employees. To prevent this is through executive training and setting up multi-factor authentication for financial transactions.

Vishing: This type of phishing targets people through the phone and mimics known people to steal sensitive data. To prevent this is to avoid all calls from unknown numbers and not to give personal information through the phone.

Smishing: These fraudsters contact people through text messages to steal sensitive data and funds. To prevent this is to research unknown numbers and not to respond to any text message that is unknown.

Pharming: This type of phishing is more difficult to identify. It poisons the domain name system and changes the website to something they create and can control. To prevent this type of phishing is to only use HTTPS protected sites, use an anti-virus software, and keep security updated. 

Having students and employees be aware of these types of phishing is something all districts should do training on. Earlier this year our technology specialist actually sent our a deceptive phishing email to all staff to see if anyone would respond to it....a lot of staff responded to that email! This shows that training on phishing needs to happen more often. 

AUP and My District

Acceptable Uses:

After learning more about AUPs, I read my District's AUP (pg.33). Below are the acceptable uses of the District's AUP:

  • All students and staff must use their technological device for educational purposes only
  • Students and staff may use their device for incidental personal use during non-work/school hours as long as they follow the AUP
  • Users are responsible for their device inside and outside of school/work hours
  • Students may only use district devices outside of school with parental or guardian supervision

Unacceptable Uses:

  • Using devices at times that will cause disruption to education
  • Causing security breaches or disruption to technology system
  • Accessing content that is not authorized by users
  • Using another person's password, user profile, or technology
There are many other unacceptable uses mentioned in the AUP for students and staff. There is also an internet filtering, safety, and security measure where the district implements technology protection to block the user's access to inappropriate content. 

Responsibilities and Consequences:

  • According to the District's AUP, employees supervising students are responsible for maintaining and monitoring websites students visit
  • The District can hold limits to any student or staff who breaks a rule on the AUP
  • Failing to follow the AUP may lead in consequences such as discipline, referral for civil and/or criminal prosecution, and any other consequence authorized by law
  • All users of the District's electronic resources must sign and return an acknowledgement form that they reviewed, understand, and agree to abide by the AUP
  • Anyone who does not return the form is not allowed to use the District's electronic resources
Reflection
Overall, I think my District's AUP does cover what is acceptable and not acceptable. However, I think using a more friendly language would make it easier for readers to understand. Just like the article I mention above about the AUP case study, I believe it would be more effective if this AUP was created by students and staff together rather than just by administration. Lots of students do not completely understand the responsibilities and expectations of their electronic devices. If they helped create the rules it would help them enforce it better. A couple things I found interesting and think should be changed is that staff is allowed to post student photos online without parent/guardian permission. However, they may not have their names online. I think having student photos and names online are equally important in getting permission from parents/guardians before having their child on the internet. Lastly, in the AUP it says "the District is not responsible for unacceptable use of District-issued technology by students at any time, including outside of school". I believe the District should be responsible for any technological activity happening inside and outside of school because they are the ones providing the device. This will hold people accountable for cyber bullying, hacking, or any other unacceptable actions on the District's device. 


Comments

  1. NMZumpanoApril 8, 2022 at 11:08 AM

    Great analogy about how signing off on an AUP without reading it is no different than just clicking "agree" to a TOS agreement. I also think you are spot on when you say students should be involved in the discussion about what is acceptable use or not with technology. Often, they will be harder with penalties than we are!

    ReplyDelete
  2. KatieApril 9, 2022 at 6:50 AM

    Diana,
    You did a great job sharing about what acceptable use policies are and why they are important in our schools. I too think that parents should understand what they read and sign. So often they get stacks of papers at the beginning of the school year and don't know what they are signing. Creating AUPs that have understandable language and look less overwhelming can improve the parents understanding of appropriate and inappropriate usage of technology with district devices.

    ReplyDelete
  3. Joe Waski's DU Masters Program BlogApril 10, 2022 at 1:09 PM

    Hi Diana,

    Great post! Your explanation of AUPs and reason of their importance was very detailed and excellent. I learned even more about AUPs after reading your post. I also read about Phishing for this weeks activities, your explanation of that was spot on as well. I was really intrigued that some people fall for Phishing scams that seem so detectable. When I browse through social media I often find posts that ask a bunch of questions and try to get personal information out of people. I see so many people fall for it and hand out their information. A lot of questions asked are the ones that are security questions for when you have to reset passwords on personal accounts. Thank you for sharing, I learned even more about Phishing from your post.

    ReplyDelete

Post a Comment

Popular posts from this blog

-
Image
  Digital and Media Literacy Social media is a large part of our lives now more than ever. We learn so many new things through media whether its true or not. But, knowing how to use this media and how to interpret it is very important and important for our students to learn as well. I read an article this week by John Robinson that focuses on how Renee Hobbs' 5 competencies can help teachers teach media literacy in their classrooms and how it can support academic achievement as well. The 5 competencies are: access, analyze, create, reflect, and act.  Image Source: Media Literacy & Online Learning 5 Competencies of Media Literacy Access According to Hobbs, access is the first step in. media literacy which involves finding relevant information using media and technology tools. This is a great thing to teach students when doing research. They need to be able to have access to content they are learning or researching about through media and using tech...
Read more
-
Image
Learning With Social Media As a teacher on social media, I would not consider myself very involved with other educators. After reading a poster with the seven degrees of connectedness , I would say I am at stage 1: Lurker. I would like to be more involved on social media, but I typically am reading through what other teachers have to share and learn new ideas and activities I can use ion my own classroom. I would like to be more involved in professional learning networks (PLNs) not only for myself to learn and engage in new things but for other educators who may need extra support.  Social Benefits I have recently learned from  Torrey Trust, an Assistant Professor at the University of Massachusetts Amherst, that PLNs  support  educators in four different ways: social, effective, cognitive, and identity . Effective and  cognitive  supports are most  relevant  to me. I am always finding myself reflecting on my own teaching styles...
Read more
-
Image
                                                   What is CIPA & COPPA? Children's Internet Protection Act (CIPA) is a big federal law that protects children. The main concern that  CIPA is protecting children from is access to harmful parts of the internet. This law requires all K-12 schools to use web filters to protect their students. For schools to receive an E-rate discount they must show proof that they are using a safety policy which include blocking or filtering harmful online content. Not only must they show proof, but they also need to hold public meetings to show they are using it. Lastly, schools need to also educate their students how to use the internets in a safe way, including knowledge on cyberbullying, chat rooms, and social networking.                     ...
Read more