Filtering and monitoring have become hot topics for schools following the recent update to Keeping Children Safe in Education. The new guidance has highlighted (through support from the Safer Internet Centre) what makes educationally appropriate filtering and monitoring in the light of other legislation that is now affecting schools, such as the Counter Terrorism and Securities Act.
The aim of this is to explain the filtering offered by ICT4C through Smoothwall and to help clear up some misconceptions that are going around with regards to monitoring.
Any school using ICT4C’s filtering solution, whether done through onsite server facilities, or our cloud based Smoothwall solution, is secure and meets the requirements laid down with regards to Child Abuse images and Content (CAIC) list. This is managed by the Internet Watch Foundation (IWF) and is Integrated with the ‘Police Assessed List of Unlawful Terrorist Content which is produced on behalf of the Home Office’ and managed by the Counter Terrorism Internet Referral Unit (CTIRU). Both of these are highlighted in the guidance issued by the Safer Internet Centre (SIC) which are referenced in the September update of ‘Keeping Children Safe in Education’. So the filtering of content is a good as any solution can be.
Currently we are able to respond to any requests from the Police to a Regulation of Investigatory Powers Act (RIPA) based on an IP request to identify an individual user, this can be done by working with your on-site technical team. It is key to ensure that the technical support team for the school are able to match users against an IP address which may involve all users having a unique login. For younger pupils this may raise concerns but there are steps that can be taken such as a developmental approach to passwords, or teacher retained passwords. We would however advise the removal of class based accounts in order to avoid potential issues.
The new guidance has identified that an appropriate feature is to produce reports or log files of internet activity which the school can use for effective intervention. For schools who have an onsite filtering server, the ability to serve these report/log files is already in place as along a full Active Directory (AD) is in place and can be managed directly by the school. These reports are regularly updated as part of the schools’ contract with ICT4C/Smoothwall.
However, for our cloud based service users we recognise that this is not as easy, comprehensive and as prompt as we would like it be. So in response to this for our cloud based solution, we are currently implementing the technology to facilitate a new functionality known as ‘multi-tenant’. This will allow schools to produce the reports of individual user activity making this a much simpler process. This implementation is currently under way, and having confirmed the position with both Smoothwall and our Chief Technical Officer, this will be complete for all schools filtered through our cloud solution by April next year, with some schools able to service requests from October half term. This update is an integral part of our service and does not require a school to purchase any additional services or software to be able to comply with the new requirements, it is included in the cost of the service we provide to our schools.
This change will not affect the content filtering aspect of our service as we currently meet all those requirements described in the SIC Appropriate Filtering guidance, however it will provide the additional requirements explained in the Appropriate Monitoring document around internet monitoring and the ability to report against specific categories.
For the school to benefit from user name logging there may be a certain amount of work required by the technical support team who works with your school, including potential firewall changes at the school level. This information will be shared with the school by our technical team as soon as possible to enable the work to be implemented in a planned approach.
What should be highlighted from new guidance document is the increased expectation being laid down about school’s ability to monitor activity on its network and that of users on 3G and 4G devices. So let’s start with the first apect, that of school owned network provision. The guidance has been developed to give schools options around this rather than laying down one single approach. The approach adopted by a school should be rooted in the self-review it has undertaken around as part of the CTSA and its own Digital Safeguarding of both staff and students. Depending on the outcomes of this, the correct approach will be identified.
If the school identifies high risks around extreme behaviour, radicalisation, cyberbullying, youth produced sexual images (sexting), child sexual exploitation or other online issues then they may wish to consider a technological solution. Bear in mind that not all staff might be confident enough to identify these issues and language barriers also need to be considered.
If the school identifies a low risk of the above and staff are confident that they are able to monitor the activity going on through good staff awareness and classroom practice then a more human base approach may be adopted. Both of these options are highlighted in the SIC guidance and one is not seen as the preferred option. At the end of the day, the school knows its strengths and weaknesses and the issues affecting its young people and makes the choice based on that. The main point here is that is can justify it decision through thorough self-review. As mentioned at the beginning of this section, no one is dictating a preferred solution, it is down to the school to identify what it needs to keep both its children and staff safe as well as meeting any legal requirements.
The monitoring of mobile device traffic (3G/4G) highlighted in KCSIE is more of an issue as this requires a more technical approach. Again when considering if a school requires a technical solution, it should refer to its self-review. In many cases with younger pupils this will probably not be an issue as access to the appropriate technology will be limited and usage is more easily manage, however consideration may need to be given around adult users within the school. If a school identifies that this is something that they require, solutions are available that allow social media to be monitored and should you require more information on this please don’t hesitate to get in touch.
As an organisation, we are acutely aware of the regulations and expectations coming through both the Home Office and the Department for Education and as such we regularly engage with the IWF and SIC, attending meetings with both organisations as well CEOP and the National Educational Network Safeguarding group. Through this engagement we are able to keep our technology up to date as well as the keeping schools we support up to date with the latest information on Digital Safeguarding.
If you have any further questions, or would like more information about our filtering solution then please do not hesitate to get in touch on 0300 303 89 50 or email firstname.lastname@example.org