Student Internet Safety

by | Jun 25, 2018 | Blog, Protect, Safety & Security | 0 comments

Disclaimer: I’m tackling some of the questions we regularly get regarding online safety. I’ve purposely avoided getting too bogged down in technical detail. I’m also not addressing our core firewall and filtering service (there will be more to come on this at a later point). This article focuses more on some peripheral safety services. The aim here is to help schools (i.e. senior leaders, teachers) make informed decisions about student safety…

So what am I covering today?

  • Safesearch (Bing and Google)
  • Keyword filtering

Let’s start with an uncomfortable truth and accept that no technical solution can ever be 100% safe – if it says it is, it’s lying. Why? Because unlike technology, people aren’t binary – they’re complex – and they muddy the technical landscape by trying to work around the system.

Among other things, cheaper mobile data plans mean that students’ online activity can never be 100% safe – students can always access unsafe content via their mobile phone network data. That’s why we’re big advocates of combining smart technical solutions with strong digital citizenship practice. It’s worth noting that by digital citizenship I don’t mean a contract that’s signed by students and parents at the beginning of the year. In my experience leading eLearning in a large secondary school, digital citizenship is an ongoing conversation, not a tick box solution.

But I’m not actually here to talk about digital citizenship – Netsafe have you covered in that space (and they have some great resources). I’m also happy to have a chat, so feel free to get in touch if you want go deeper into this area..

My focus here is on the technical solutions that N4L provide schools and how they are (or can be) implemented to enhance safety. Technical interventions improve online safety dramatically. The extent of these improvements and how permissive/restrictive your school is will be driven by your school’s character, pedagogy and community beliefs. This means that the safety of your technical systems is something that requires input from your school’s senior leadership, educators and your community alike.

So, let’s get started…

SafeSearch

Solution:

SafeSearch (using Google or Bing) is a mode that filters out explicit search results like pornography from search results. When SafeSearch is turned on, search results will not return explicit  (as determined by Google/Bing) images, videos and webpages.

Considerations:

While Google and Bing’s SafeSearch offerings do their best to filter all explicit material, they (like all filtering services) are contending with an influx of new websites being created by the minute. These technical services do their best – they also rely on user feedback by encouraging people to flag content as inappropriate. As a result the service does a good job preventing the really offensive stuff hitting your screen.

Bear in mind that SafeSearch is also subjective – what’s explicit to me may not be explicit to you. It does block the obvious stuff (i.e. pornography), but a student searching ‘lingerie’ or ‘suntan’ may still see revealing/suggestive images – just not outright nudity.

It’s also a service for all internet users and not just a dedicated school service (although these do exist, e.g. Kiddle.co). That means there is no age restriction or variance of service; it’s either on or it’s off. In Bing’s case there is an additional option (they have a strict and moderate mode) but there isn’t granular control.

Action:

The good news is that our new threat protection service forces Safesearch on for all schools utilising this service. N4L’s threat protection automatically applies Google’s service and sets Bing browsing to ‘moderate’.

  1. Read more about Google SafeSearch and Bing SafeSearch over at our the N4L Support Hub.
  2. If you are using our threat protection service then SafeSearch is already configured on your network – you can enquire about threat protection here.


Keyword filtering

Some background: In an effort to increase the security of information accessed across the internet, the HTTPS protocol was adopted by Google in June 2015. The ‘S’ stands for ‘secure’ – and it is – as it refers to the process of encrypting or locking down web traffic ‘packets’ to avoid the data being tampered with. It’s a good thing for security – you want your banking details kept secure, right?


Image: Check for HTTPS in your search bar to know whether the website is using the secure protocol

The increase in security does, however, make it more difficult for web filtering services to inspect content passing through the internet. HTTPS ensures that content travels from one device to another in securely locked packages. Somewhat ironically, increasing web security by locking up traffic means that it is difficult to filter keyword search results; HTTPS data being locked prevents web filters from seeing keywords being searched.

The impact for schools is that they cannot guarantee students will not be exposed to inappropriate content; if filters can’t inspect traffic then it can’t allow/block search results with absolute certainty. The good news is that SafeSearch prevents access to extreme content. But what else can be done?

Solution:

Okay, hold on to your seat, I’m about to throw a number of acronyms your way… Secure Sockets Layer (SSL) Inspection, Deep Packet Inspection (DPI), N4L’s Secure Website Inspection (SWI). These are terms that technical people might throw at you when discussing the a web filtering tools’ ability to filter network traffic – and specifically relates to questions we receive about keyword filtering.

Don’t get bogged down in acronyms though; I’ve got your back.

Basically, these terms all refer to the process of giving devices on your network the necessary key to unlock HTTPS web traffic, review it against your filtering policy, and then determine whether the content should be delivered to the user. The process looks a little like this:


Image: How Secure Website Inspection works

In this context the ‘key’ used to open secure traffic comes in the form of a certificate that is installed onto the end user device (computer/laptop). Once installed onto a device, the key (certificate) works with our web filtering solution to unlock (decrypt) the traffic, scan, and relock (re-encrypt) before deciding whether to return the search results to the user.

Considerations:

The main consideration/limitation of Secure Website Inspection (or whatever acronym people decide to use) is that in order to be effective, every device requires the key to be installed. That likely means that someone needs to physically install a certificate to every device. This will be an onerous, manual process on each device unless you have a Mobile Device Management (MDM) solution. While we can give you the certificate at no charge, there will likely be a charge for IT support time to install certificates on each device. There is also the logistical issues associated with accessing all devices and updating any new devices that enter the network.

It’s also easier to do with school owned devices – school communities may respond differently to installing certificates on student owned machines.

Action:

Secure Website Inspection does more than allow the filtering of keyword searches – it also helps out with more granular filtering as well. You can read more about N4L’s SWI inspection here.

Work with your staff and community to determine whether SWI is right for your school. If you decide that it is, then we recommend:

  1. Contact your IT support to identify the support hours (and associated charges) required to deploy certificates to all devices.
  2. Call our Helpdesk to discuss the process for generating the certificate required on our web filtering platform – there is no N4L cost related to this process.

That’s it for now, keep an eye out for blogs tackling the topic of student internet safety and remember to keep safe out there.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *