There have been quite a few Ofsted inspections in the northwest recently and it seems that safeguarding children and e-safety was very high on the agenda. Given recent events in Haringey and the announcement that 1/3 of serious case reviews were unsatisfactory, it's not surprising that their interest has been raised.
I have long held the opinion that far too many schools don't take e-safety seriously and simply back off the responsibility of internet filtering and monitoring their web connection to the local authority. I believe that simply teaching e-safety is only part of the solution to developing a real e-safety culture in school - hence the title of this blog post. I'm guessing that in 90%+ of primary schools the senior management has no idea for what purpose their web connection is being used from day to day. I don't believe that this is a tenable position for any school to take if they claim to put e-safety and safeguarding children at the core of their use of ICT. What systems are in place to detect cyber-bullying? How do you know anyone has attempted to access inappropriate material, even if it was blocked?
I have just updated an audit I wrote a while back that covers how your school manages its internet connection. Click here to view the audit. It's only any use if you answer it honestly.
Managing and Monitoring, where to start?
Without detailed technical knowledge on how the internet works, it can be quite daunting trying to find a way forward towards a situation where you feel confident that you know what is happening on your school network and developing a robust e-safety environment. In fact, it's surprisingly straightforward with a little bit of planning and investment.
Step 1: All children and staff should have secure individual accounts and passwords.
Without this fundamental step there can be no real accountability for the use of the internet in school. This may well mean getting your IT provider to do some fairly extensive network restructuring, but once done you won't look back. Frequently infants and early years teachers worry that their children won't be able to manage logging in. My experience tells me that this is not the case: use a standard password for early years and year 1 and introduce individual passwords in year 2. If necessary use laminated cards for little ones to copy user names from.
Step 2: Adopt a robust acceptable use policy.
Here's an acceptable use policy I developed with St James' primary school in Gorton, click to view. Feel free to copy and adapt. It's absolutely essential that you have regular INSET sessions on AUP and e-safety to keep up to date. I find this excellent guidance document from Kent County Council can be used to stimulate a staff meeting effectively. For more discussion on the issues surrounding developing an AUP read this blog post and the associated comments.
Step 3: Find out how to monitor your web connection.
Most schools have a cache server that manages the web connection for the school. In most cases these boxes contain software that will produce reports on the web traffic. Find out from your IT provider or web provider how this box works: how to block/unblock websites; how to produce monitoring reports; how to suspend/reinstate web access. Often, it's the work of moments to do these jobs, it's just a case of getting the training. Get more than one person trained on how to do this and share the responsibility.
I would also seriously consider a network scanning system such as those supplied by Securus or Forensic Software. These systems take network monitoring way beyond the levels than what you can manage with a cache box, so much so, that I am constantly amazed that more schools don't implement them. While I was ICT co-ordinator at Crumpsall Lane, one of the biggest primary schools in Manchester, I relied upon one of these systems to scan our network, and I can say that if I were ever to go back to being an ICT co-ordinator again I would insist upon such a system being in place (disclosure: I am not, nor ever have been on commission or received work from either of the above companies, and I'm sure there are others in the market place). For more on Crumpsall lane's monitoring system, read my comment at the bottom of this post on Ewan McIntosh's blog. I'm pleased to note that some local authorities are now investing in these systems for all their schools.
So far, I have only talked about policies and systems, and there is a simple reason for this: its' a core belief of mine that without setting up the right environment, any education and teaching you undertake is at serious risk of being undermined by the actions of individuals in school (and I will include staff in that term). Once you've got the environment right, discussion of e-safety takes on a real and practical dimension that simply wasn't there before. Children and staff become aware that there are real responsibilities and accountability attached to the use of the school's IT systems, with real consequences for abuse. Ultimately however, whatever systems and monitoring you have in your school e-safety is about teaching children to take responsibility for their use of the internet and how to make safe choices. Having a secure environment won't stop some attempting to take advantage, but when they do you will have a much better chance of nipping it in the bud and dealing with the issue constructively.