Circumventing Firewalls, Networks is Discipline Issue, Not Tech issue
Those of us in educational technology have heard, or experienced first-hand, the stories of students using proxies and other methods to circumvent the firewalls and filters installed on school networks. You may have heard of corporations where employees have been doing the same. Recent articles have popped up in which government officials have used various means to bypass security filtering measures. In every one of these cases, the issue is not how well or poorly the systems performed, but rather that of discipline.
Unfortunately, many school technology directors face angry administrators, teachers, students, and parents after a breach is discovered. Little Timmy used the internet grapevine to program a new proxy setting or to use a new so-called “anonymous website” in order to get around the school’s system of blocking and filtering certain content. The technology director is often blamed for providing loopholes or not buying the correct equipment to handle such situations.
Before we get too far, let me take a moment here to discuss CIPA, the Child Internet Protection Act. It is in place primarily as part of a nationwide connectivity discount/reimbursement program called “E-Rate.” The Act requires school districts and libraries to “certify that they have an Internet safety policy that includes technology protection measures. The protection measures must block or filter Internet access to pictures that are: (a) obscene; (b) child pornography; or (c) harmful to minors (for computers that are accessed by minors).” Interpretation of the Act has come to mean that a district makes a “best effort” attempt to block the aforementioned items. Schools cannot (and are not) responsible for blocking EVERY bit of badness online – no system can do that effectively. But, schools do make strong efforts to protect their students. That is not the issue.
The simple fact is that circumventing any network’s filters and firewalls could be a violation of internet usage policies. So, let’s start there. What is the local school district network policy (often called the “Acceptable Use Policy”)? What does the policy say about circumventing the school network? If the policy doesn’t say anything, it needs revision. In most cases, though, the policy is perfectly clear that using means to bypass school filters is a violation.
Why is it, then, that many districts (and companies, for that matter) seem to ignore the violation part and only attack the technology department? I have a couple thoughts on this. First, we are a reactive society. We react to the thing that has seemingly failed: the filter. “Why didn’t the filter block the proxy site in the first place!?” There are a myriad of technical reasons why filters can’t/won’t block proxies. I won’t bore you with those, but a common reason is that most filters cannot scan/block https (secure/encrypted) content and, of course, the proxies use that as their means of exploit. A quick online search will net folks with an endless supply of posts touting “XX ways to bypass your school’s filter” or “How to get around your workplace firewall.”
The actual crux of the issue, however, is not technological at all. The real issue is discipline. Why isn’t the STUDENT (employee, etc) being punished and held accountable for circumventing the network in the first place? Why isn’t the perpetrator the one being called to the carpet? That is the real issue – the real question to ask.
It is time for technology directors to stand up and turn those pointing fingers back in the correct direction: the person who violated the policy in the first place. In some cases, groups of students have been suspended for doing such things. When an employee or a student deliberately violates the network policy, it is no different than if that same person violated any other school/corporate policy. Those individuals need to be dealt with in a manner that communicates the seriousness of their violation. If anything, exposing students to content that may be deemed harmful puts the district at risk for litigation because of the student’s action to circumvent the filter.
I can hear the cries of the masses now screaming, “open web, free speech!” I agree to a point. That point stops at minors in an educational environment, especially in a public education environment. I agree to the point that employees who are attempting to circumvent the company network aren’t doing company business. If the site in question is for company/school business, then there should be protocols in place that allow those sites to be opened up, even if temporarily.
In the end, though, the fact that someone intentionally bypasses the local network in order to access resources specifically blocked by the local network means that person has violated the network usage policy and should be dealt with accordingly. Students may be suspended or expelled. Employees may be put on probation or fired outright. These are disciplinary measures. The function and/or shortcomings of the technology have nothing to do with it.
https://www.fcc.gov/guides/childrens-internet-protection-act http://www.wikihow.com/Bypass-a-Firewall-or-Internet-Filter http://www.pcworld.com/article/2106647/bypassing-content-filters-how-to-see-the-web-they-dont-want-you-to-see.html http://thejournal.com/articles/2012/01/18/mass-suspension-at-pittsburgh-school-for-bypassing-filter.aspx https://www.staysafe.org/teens/