policy

You are currently browsing articles tagged policy.

Security Matrix: WordPressMU

August 16, 2008 in Blogging, Policies, Technology, wordpress | 3 comments

In my previous post about Web publishing security, I proposed the following security matrix:

While this is an oversimplification of the options, I think it gives a framework for making decisions on what web publishing software to deploy, when to deploy it as well as how. As an illustration of how this framework can be used and the potential complexity, we will examine the popular multiple blog platform WordPress MU. Another reason is that we have deployed WPMU in the past and there has been some debate about how it should be used if it should be used at all.

Out of the box, WPMU has two options for access to content: Open to the world and open, but blocking search engines and archivers. It has four options for moderation: Unmoderated, Posts only moderated, comments only moderated, and both posts and comments moderated. With WPMU, then, our matrix looks like this:

As one can see, there are already eight potential options in terms of access to publishing and content. While all the content can be accessed by anyone in the world through both choices, blocking search engines and archivers would significantly reduce access unless one has a link, or goes to the site directly.

WPMU has a plugin that I discussed in an earlier post called More Security Options. This plugin offers three more content access options: Community members (all users with accounts on the WPMU installation), Blog (People who are at least subscribers of an individual blog), and Administrators (only the administrators of an individual blog). The security matrix with this plugin appears:

There are now 20 options in terms of publishing and content access! Arguable, there are even more. For example one could choose to allow unmoderated comments, but restrict comments to logged in members of a blog. Clearly there is enough flexibility in WPMU to accommodate a wide range of Web Publishing Policies.

It is up to school tech committees to consider the ramifications of all of these options in terms of security, audience, and ownership and weigh the pros and cons of each before committing to a particular configuration. Teachers can then decide within the constraints of the school web publishing policy which option best suits their class. Publishing student content to the web is not simply as choice of yes or no. There are several shades of gray. These are not the only considerations and options for deploying this software. For further discussion, refer to my other posts about WPMU for more information on managing and securing the software.

Tags: , , , ,

Posh admin controls appropriate for K12 use

August 11, 2008 in open source, Social Networking, Technology | No comments

Out of the box, the open source portal Posh has administrative controls that make it appropriate for use in a K-12 school setting. An administrator can set the portal so that one must be logged in to view content. In addition, it may be set up so that any feeds must be moderated. By default, visitors cannot register an account. An administrator must create any accounts.

To force a log in to view content, and administrator needs to go to the configuration tab, then select “General Settings.” Simply check the option Portaneo starts with: login screen as indicated below:

Click to enlarge

Click to enlarge

Also of note on this page is the ability to use pseudonyms as opposed to email addresses. This is handy for teachers with students without email addresses.

By default, users can subscribe to any feed that they want. This may not be acceptable for a school setting. This is also easily changed. Again click the Configuration tab when logged in as an admin, then select “Personalize the users’ interface menus.” Simply uncheck “Users can add RSS feeds in their pages” and all feeds that students want to add must be submitted a widget and as such subject to administrative approval.

Click to enlarge

Click to enlarge

As you can see, Posh is simple to secure for use in the K12 school setting. On another note, Posh 2.0 is due to be released this month. I look forward to further refinements to the user interface as well as new features. This tool is definitely appropriate for school use.

Tags: , , , ,

Web 2.0 Student Safety

August 10, 2008 in Policies, Technology | No comments

I’ve been wracking my brains trying to formulate a comprehensive web policy for my PK-12 school. There are boiler-plates out there, but most don’t get into the subtlety and nuance of various new technologies. In my previous post It’s got to play in Peoria, I discussed some rationale for integrating Web 2.0 into our instruction. I also outlined some strategies for enhancing student safety: moderation and keeping access to published material limited.

The options I mention can be best displayed on this grid:

Moderated and unmoderated refer to control over publication of content. In a moderated environment, a student may submit something for publication that must be approved by an adult in terms of policy, appropriateness, and content, before it is actually published. Unmoderated means that the student can publish without approval.

Moderation has impact other than security, it affects the ownership that the creator has over the content.

When content is moderated, the user must wait for someone else has viewed and approved what they have done. This can delay the display of the materials resulting in less user satisfaction and reduces spontaneity. Students feel less ownership and empowerment.

Public and private represent an oversimplification of access to the content. At one end of the spectrum what is published is available to the world at large, including search engines and archives. On the other end, whatever is published can only be viewed by the creator.

The choices have consequences beyond security. They also impact the creator’s sense of audience.

Audience is an important motivation to create. It also makes the creator more mindful of quality. A volunteer working after school with a student told me how he wanted to show off his blog and how much more motivated he was to do a writing assignment because of it. Another very poor writer found her voice and the skills fell into place. Others just wrote more. A wider audience also increases opportunity for collaboration.  Private access, while safer, limits the audience and conteracts the benefits.

If access is further controlled by putting the data on an intranet rather than the Internet it is even safer. It may, depending upon how it is configured limits the students’ access to the content to the school setting making it unavailable from home and other places outside school.

These are a few parameters in web publishing policy that one might consider for student web publishing, as well as their consequences. Again, as we will see in future posts, these matrices represent gross over simplifications and that these dichotomies are more realistically represented with shades of gray.

Tags: , , ,

It’s got to play in Peoria

July 22, 2008 in Policies, Technology | 3 comments

If you are reading this, you are probably already aware of and excited by the possibilities of Web 2.0 in education. You are probably already sold. But what about the people in our K-12 community: other teachers, administrators, parents, tech committees, and school boards? Mention social networking on the Internet, and they think of is the latest scandalous material that any one of out local teens has posted on MySpace. Blogs are places where people post outrageous materials followed by flame wars in the comments.

Web 2.0 enthusiasts in K-12 settings are often faced with a tough sell. Community members are rightfully concerned about safety and security. Like it or not, we must address these fears and understand that what we do must be in accordance to what is acceptable in the community–like it or not.

First, we need to let them know why this important and valuable. Whether they like it or not, Web 2.0 will be, if it isn’t already part of the children’s lives. My fifth grade student told me that her older sister set up a MySpace page for her. I know her sister, and I’ve heard about her antics on MySpace: very inappropriate, if not dangerous materials and cyberbullying. I guarantee that my fifth grader was not told about safety, privacy, and what is appropriate to post online.

That’s our job. When I was in school, we actually had lessons on safety and etiquette on the telephone. We talk about fire and bicycle safety as a matter of state mandate. It is more dangerous to ignore and avoid Web 2.0 than it is to teach about it and apply it in a safe educational manner.

Furthermore, higher education and many employers expect a certain level of expertise among our students. A few months ago, a recent graduate told me her professor told them to make a webpage as part of the course. When the students protested that they didn’t know how, he told them to find out. More courses are on-line or have on-line components. Students need to know how to blog, collaborate on a wiki, and participate on a discussion forum. It goes without saying that any technological knowledge opens doors to employment opportunities.

One approach I have used to help reassure stakeholders regarding student safety is the use of moderation. In our school website and student blogs, nothing appears on the wide open Internet until it is approved and published by a responsible adult. The litmus test for any web application used to publish to the Internet at large is that it must have a moderation mechanism allowing somebody to act as a gatekeeper. What is allowed to be published must meet the standards of the school community. I’ll talk about that more in a future blog post.

Another approach is a “walled garden” in which access to any materials is password protected. Students may publish freely within this closed community, but are held to account by adults overseeing the site. Students must know the rules and expectations. Adults need to be vigilant, intervene, and remediate when something unacceptable is posted. Students might do something wrong, but education and discussion will minimize such occurrences. One advantage to using a web application for this is that there is greater accountability. You can tell who posted what and when, rather than a “he said, she said” scenario common to physical schools.

For greatest safety, one can combine the moderation with a walled community. Nothing is posted without approval, and that which is posted is has an audience limited to the class or some other appropriate limited audience.

These measures often require you to host and configure software in your own district. Odds are you will not find free hosted solutions that meet these requirements (not to mention the privacy concerns of handing student information off to third parties).

These restrictions may fly in the face of the wide open nature of new Internet, but compromise is sometimes necessary if it is going to play in your school community.

Tags: , , , , ,

Newer entries »