SAFE USE
OF ELECTRONIC RESOURCES

Table of Contents
SPAM
E-MAIL Safety
VIRUSES
ADWARE/SPYWARE
PASSWORD Safety
Don't Be a Victim of Social Engineering
"Bandwidth Hogs"
Monitor Student Use
Internet safety resources
Policy and Acceptable Use

HOME COMPUTER ALERT: Much of the nationwide increase in spam is due to spybots on home computers with broadband. Use an anti-spyware tool and keep your anti-virus updated regularly.

SPAM Return to Table of Contents

What is it?
SPAM is unsolicited E-mail.It may be from advertisers, or it may be from illegitimate sources, such as people trying to con you.About 60% of all e-mail traffic nationwide is SPAM.

What we do to prevent it:
We filter SPAM, and prevent about 95% of it. We use a rule-based system that looks for things like multiple addressees, illegal addresses, and so on.We can make the rules stricter, but then there is an increasing likelihood that legitimate e-mail will be blocked.

What you can do to prevent it:

  • Don't enter your school e-mail address on web sites.

  • Never reply to a SPAM. It just lets them know you are a "live" address.

  • Do not post your e-mail address on a web page using @ or as a mailto: link.

  • See more information under E-mail safety.

E-MAIL Safety Return to Table of Contents

What is the problem:
E-mail is used for all sorts of illegitimate purposes.The following are some common ones:

  • "Spoofing"
    Spoofing is sending e-mail to persons with a fake From: address.

  • Viruses in attachments
    It is a common practice to send viruses in attachments, and try to get the person to open them using social engineering. Do not open attachments without verifying the source. Do not use Outlook or a similar Microsoft e-mail product on any district computers since it automatically opens attachments. Review the procedures below for e-mail attachment safety.

  • Social Engineering
    A common use of e-mail is to con or scam the reader."Phishing" is one example. See information on Social Engineering below.

What we do:
We use an antivirus filter on all e-mail coming in from outside addresses.It is updated frequently (hourly) for new virus signatures.

Practices you must use to protect our system:

  • Include a personal salutation and closing on every e-mail you send (e.g., Dear Fred, Hi Sam, etc.). E-mail spoofers cannot fake these types of personal headings.

  • Do not use personal e-mail accounts (aol, hotmail) on our computers.We have no way of preventing viruses attached to these accounts from getting through.

  • Do not forward "junk" messages to people on our system.This includes jokes, sales messages, political messages, etc.This practice gets readers in the habit of opening mail without careful verification.Also, if you forward a message it is the same as you actually writing it, so messages which can be construed as harassing can place you in legal jeopardy.

  • Do not open attachments blindly. Verify that the sender was the true source, if the attachment was unexpected.Do not open attachments from apparently official sources (e.g., support at Microsoft.com, tech support, undeliverable, etc.) since neither Microsoft nor we send these messages.If you are not sure of the source, call us before you open it. If you are sending attachments, describe the attachment in the e-mail and also include a personal salutation to the recipient."Hi" is not personal.

VIRUSES Return to Table of Contents

What are they?
There are three major categories:viruses, trojans, and worms.These are all generically described as viruses. Any of these may contain code which can do things like erase your hard drive, record and send out specific information such as passwords, or contact outside users to allow them to snoop on your computer.

Sources:
Most viruses come from one of two sources -- as an e-mail attachment, or as a download from a web site.Unscrupulous people regularly create and attempt to infect computers nationally with viruses. An infected machine may send out dozens of e-mail messages containing infection.

What we do:
We regularly update our anti-virus signatures, and connected computers will be updated when they are started up. We use an antivirus filter on our e-mail system, and regularly stop between 200 and 500 viruses daily.

What you should do:

  • Practice e-mail safety.

  • If a message appears on your computer at start-up asking for you to do a Microsoft update, please comply.

  • Do not download any software from a web site to district computers.If you feel you need a particular piece of software or a software update from the web, make a tech support request for it.

  • Be wary of for social engineering attempts.

  • Be wary of attachments on unsolicited e-mail, even if it appears to come from a legitimate source.
ADWARE/SPYWARE Return to Table of Contents

What is it:
"Adware" or "Spyware" is software surreptitiously installed on your computer. It can change your home page (web start-up page), induce pop-ups, record keystrokes and send information to outside computers. This is becoming a serious problem nationwide.

Sources:
Spyware can come from a site whenever a piece of software is downloaded. It can come through a web site as a pop-up request. Some unscrupulous web sites will install spyware if you just visit the site.

What we do:

  • We use a web site filter to block the most unscrupulous sites, e.g., porn sites.However, there are thousands of new sites created daily, so it is impossible to have 100% accuracy on these filters.

  • We use anti-spyware software to check and clean computers.

  • There is an anti-popup toolbar from Google is available for you to use on Internet Explorer.For information on look in the Software directory or call tech support.

What you must do to protect your computers:

  • Do not download anything from the web to district computers.

  • If a web site asks you to improve, update, enhance, or add functionality, Just Say No.

  • Do not visit promiscuous web sites (e.g., game sites).

  • Monitor student use of computers in your area.

  • If you suspect your computer is the victim of spyware, submit a tech support request for it to be cleaned.

PASSWORD Safety Return to Table of Contents

What is it:
Passwords are the key to security of your information. You may have two or more passwords to access district information:Network Password (used at first start-up of the system); E-mail password (used at first start-up of the e-mail system); WinSchool password (used for access to our student management system), Web Account password (used for those who create web pages on our web site).

What we do:
We require a password.However, your password is known only by you.

What you should do to protect your information:

  • Do not use a "dictionary" password. Password cracking software can decode normal word or name passwords in seconds.Use a mixed character password.

  • Watch for "shoulder surfing", or people watching you type in your password.

  • Do not have your password written down on a "post-it" or under the keyboard or anywhere outside of your possession.

  • Do not have the computer "remember" your password for you -- this just saves it on the computer where someone else can find it.

  • Log out of the computer, e-mail, or student management system when the computer will be out of your direct control for more than a minute.

  • Use different passwords for different access privileges.

  • Do not store any information on the C: drive of your computer.All privileged information (e.g., student information) must be stored only on secure network storage (e.g., H: drive).

Don't Be a Victim of Social Engineering Return to Table of Contents

What is it:
Social engineering is the tool of the con artist.It is an attempt to get you to do something you shouldn't.Many internet criminals consider it a challenge to write an e-mail which socially engineers you into doing something stupid.You should consider unsolicited e-mails the same way you consider unsolicited phone calls - do not give out any information.

Examples:

  • A message from tech support asking you for private information.

  • A message from a bank, credit card company, eBay, or other web service provider asking you to go to a web site and re-enter your personal information to update your account (aka Phishing)..

  • A message from Microsoft warning you about a virus and telling you to click on the attachment to fix it.

What we do:
There is little we can do about e-mails containing social engineering, besides using the SPAM filter.We do not ask for such information, and we do not send e-mails to you with addresses such as support at bsdvt.org or helpdesk at bsdvt.org.If you believe you have a message from us with instructions you must follow, call the help desk for confirmation first.

What you can do:

  • If a web site asks you to update your system to improve performance, or to download or "add" something just say no!

  • If an e-mail asks you for personal information, delete the e-mail.Do not reply (see SPAM).

  • Be suspicious when visiting web sites or when reading e-mail.

"Bandwidth Hogs" Return to Table of Contents

What is it:
"Bandwidth hogs" are internet programs which use up a lot of our internet pipeline.They are not necessary for school purposes, and they slow down or prevent access by legitimate educational users.We have over 1000 users who access the internet daily, and the majority of them are reasonable in their use.However, a study last year showed that 5% of the users accounted for over 25% of the bandwidth, which is more than their fair share. These users were evenly divided between students and adults.

What we do:
There is little we can do short of blocking certain sites or removing user access.We are getting more internet bandwidth every year as we can afford it, but it will never be enough without conservation by our internet users. 

What you can do:

  • Do not use internet radio.Get an old fashioned one.

  • Do not use high-bandwidth applications such as sites showing sports videos (e.g., ESPN).

  • Do not download applications or programs from internet sites.

  • Do not use stock-ticker sites or sites which update your screen picture automatically.

  • Do not use our bandwidth for your personal shopping purposes.Most on-line shopping sites download lots of pictures and other icons on every page.

  • If you feel you need to use one of these to meet your curricular objectives or its use is in line with the mission of the district, discuss its use with your principal.

Monitor Student Use Return to Table of Contents

The internet provides access to the entire world.This is not always a safe place for children.The Children's Internet Protection Act and School Board Policy require monitoring of student use of the internet.The following is an excerpt from the procedures for IJNC:

A teacher or educational employee must be present in any room where a student is accessing Electronic Resources.Computer monitors in student access areas must be placed so the screen is clearly and easily visible in the room.Teachers should actively monitor student activity when students are accessing Electronic Resources.Rooms with access to Electronic Resources must be secured when no teacher or educational employee is present.

Recent unfortunate events in the state have brought awareness of safe internet use by our students to the forefront. Many students use instant messaging or chat as a primary means of communication.However, this medium can also be used for bullying, pranks, or messages from adult predators posing as children.Although it is not allowed for student use in the district, students still find opportunities to use chat or instant messaging, whether in school, after school, or at home.

The Burlington Police Department offers information sessions to groups of parents and teachers interested in learning more about how to keep children safe in this new world.We are also studying the iSafe curriculum as a possible tool for our schools to use.As an educator, you may have insight into the behavior changes of your students which could indicate problems ahead.Please be sure you pay attention to what students are doing on computers to help us keep all our children safe.

Internet safety resources Return to Table of Contents

http://www.isafe.org/

http://www.norwich.edu/cyberethics/cyberethics.htm

http://www.staysafeonline.info/

 

Policy and Acceptable Use Return to Table of Contents

The Board of School Commissioners has adopted several policies that reference employee and student use of electronic resources. These and other policies can be read on the School Board Policy Page.

The following is an excerpt from the policy on acceptable use for employees:

The Electronic Resources are provided to District employees and students for educational purposes and in order to conduct official District business. Occasional, brief, and appropriate personal use that does not interfere with District business or employees' duties is permitted consistent with compliance with this policy.

A general concern is the definition of limited occasional, brief, and appropriate personal use.A good rule of thumb is to consider the same use on the telephone.An occasional phone call for a doctor's appointment or a flight reservation is very different from talking to a travel agent or shopping for an hour every day.Also, please consider the educational mission of the district - while you may have some time available to do some personal business, there are a large number of other students and teachers who need to use the network for educational purposes.