“Technology can become the “wings” that will allow the educational world to fly farther and faster than ever before—if we allow it.” ~ Jenny Arledge
Today’s K-12 students are all digital natives, accustomed to using technology as part of their daily lives. Teachers can and should encourage the use of technology while teaching students about internet security within the framework of their district’s Acceptable Use Policy (AUP).
Here at Alludo, we provide dynamic online learning environments for teacher professional development. Our Alludo K-12 CyberSmart Training program incorporates everything you need to understand online threats and how to mitigate risk, customized for your unique district's needs. With that in mind, here are six cybersecurity basics to include in your AUP.
What Are the Elements of Cybersecurity and How Does It Work?
Creating an Acceptable Use Policy requires an understanding of what cybersecurity is and how it works.
Elements of Cybersecurity
Cybersecurity is a broad term that refers to the art of protecting computers and other electronic devices from cyber attacks or damage. It consists of two primary elements:
Protecting data, devices, and networks from being accessed by unauthorized parties or used in unlawful or criminal ways.
Maintaining the confidentiality, availability, and integrity of sensitive data.
The concept of cybersecurity is simple but its execution can be extremely complex. It requires IT staff to do what they can to educate users about cyber threats and put protections in place to minimize vulnerabilities. It also requires users to understand and use best practices to minimize the risks of a data breach.
How Cybersecurity Works
Cybersecurity typically has a lot of moving parts which include responsibilities for the IT team and for every user in a network. IT responsibilities include the following:
Keeping software up to date
Installing and running antivirus software on the server and all workstations
Implementing multi-factor authentication
Installing a firewall and keeping it up to date
For individual users, which in a school district may include administrators, educators, office staff, and students, best practices may include these things:
Changing default usernames and passwords
Using strong passwords and updating them regularly
Running network security updates as soon as they become available
Not opening unexpected emails
Reporting unusual activity to IT
School districts get the best results and have the smallest chance of a breach when everybody understands their responsibilities and plays a role in keeping sensitive information and users safe.
What is a District Acceptable Use Policy?
Every school district must have an Acceptable Use Policy in place to protect the school and its data, as well as the privacy of students, teachers, and administrators. An AUP is a document that lays out the rights and privileges of using internet and digital technology within the school and on devices connected to the school computer network that may be used at home. It also lays out the responsibilities associated with such use and the penalties for violating the AUP.
Creating an AUP should be a process that is collaborative and consultative and involves school and district leaders, teachers, and even students should be involved with consideration of their ages and abilities.
The AUP for your district should accomplish these main things:
Address the acceptable, responsible, and safe use of the internet and other digital technologies.
Lay out the rights, privileges, responsibilities, and sanctions related to use of the internet on school-owned devices or any device connected to the school network.
Maintain the safety, security, accountability, reliability, and data integrity of the district network and its technology resources.
Promote best practices and the safe and responsible use of both the internet and digital technologies.
The purpose of an AUP is to provide the district’s educators, administrators, staff, students, and parents with information about the use of the internet and digital technologies, including both the benefits and the risks. It should also clearly identify the district and school strategy for promoting online safety while addressing cybersecurity threats and providing information on how to avoid them.
As you might imagine, an AUP is also designed to provide school districts and schools with protection from legal liability related to any issues arising from internet usage.
6 Cybersecurity Basics to Include in Your District Acceptable Use Policy
Here are six cybersecurity basics to include in your district’s Acceptable Use Policy.
#1: Online Use/Communication
Online use and communication is at the heart of cybersecurity, so it makes sense to include specific guidelines to help teachers, staff, and students communicate safely. Here are some specific things that should be included in this part of your AUP:
Searching, browsing, and downloading websites.
Online communication, including social media, email, forums, and messaging
Online gaming guidelines
Publishing a school website
Your AUP should make clear when and how users may communicate online. We suggest including things like social media and gaming since these are likely to be tempting for students and may require guidance to prevent problems.
Certain platforms have additional information security requirements and rules that must be followed. Your AUP should include information about the use of the following:
Digital learning platforms
Any site that captures and stores media
You’ll need to identify which platforms teachers, staff, and students are using most regularly and make sure to name them and lay out the rules for their use in your AUP.
#3: Internet Safety
Staying safe on the internet is important for people of all ages. Here are some topics you should be sure to include in this category:
Definition of inappropriate material
Harmful/illegal use of the internet
Where to find online safety advice and use guidelines
Use of email accounts
Use of equipment for commercial gains
Here again, it’s important to be specific about best practices and sanctions that will be imposed if a user ignores your AUP.
Cyberbullying is an issue in every school district to some extent, and your AUP should include a definition of cyberbullying, expectations about behavior, and sanctions for behavior that qualifies as cyberbullying. Here are some activities that should be included:
Social media, including sites such as Snapchat, Tik Tok, Instagram, Twitter, and Facebook
Instant messaging, DMs, and online chat
Text messaging and use of messaging apps
Use of online forums and chat rooms
Online gaming communities
While some of these items have already been mentioned, school districts have a responsibility to mention them as they relate to cyberbullying. Every state has anti-bullying laws and many have added cyberbullying language to protect students.
Some special issues to keep in mind include the persistence of cyberbullying due to students having access to the internet (and one another) 24 hours a day, the permanent damage that may be caused, and the difficulty of identifying students who are being bullied online.
#5: Net Citizenship
Every student should learn how to be a good net citizen. By this we mean learning proper behavior and understanding the power of the internet and how to use it responsibly. The net citizenship section of your AUP should include all of these things:
The rules of internet use
How to treat other users online
How to identify and avoid danger
Teaching students how to behave online is essential because as digital natives, they will spend a large amount of their time interacting with other people on digital platforms.
#6: Sunshine Laws
Sunshine Laws are part of the federal Freedom of Information Act and they spell out rules and guidelines for how schools may collect and store personal data.
Adherence to Sunshine Laws is something that every teacher and administrator should understand, as well as members of the school board.
Every school must maintain certain records and files and the public has the right to access them. These laws also spell out violations, including the use of email to decide on something related to school. To avoid issues, your AUP should include an explanation of rules related to digital communication and the use of such communications in school or district business.
At Alludo, we empower teachers and school districts by creating unique online learning environments that suit their needs. We have prioritized digital citizenship and safe internet use because we want students (and their sensitive data) to be safe.
The districts that partner with Alludo can choose to have teachers complete our K-12 Cybersecurity Training Awareness Program, a comprehensive platform for curating, publishing, managing, and measuring cybersecurity training efforts. With the right cybersecurity training, you can transform your district into one where all employees can do their part to keep your students, staff, and school safe and secure.
Are You Ready to Strengthen Your District Acceptable Use Policy with Alludo?
Your district’s Acceptable Use Policy is only as powerful as the information it contains. The 6 cybersecurity basics we’ve included here should be a part of every AUP and can help teachers understand cybersecurity risks and educate their students about good net citizenship, cyberbullying, and more.
Are you ready to improve your AUP to better protect students? Alludo Learning is here to help! Click here to start your free trial of Madagascar, our online learning platform, with our DigCit 101 mission, complete with 18 tracks, already installed.