Online Security

by

With the holidays fast approaching, a rise in phishing attacks is traditionally seen as well. Phishing attacks can be frustrating to deal with. The best defense is to not fall for them in the first place. Unfortunately, we are seeing phishing attacks because “better” (i.e. harder to detect) and more polished.

What Phishing Does

Phishing is an attempt to do one of two things

  1. Tricking users into revealing their credentials.
  2. Getting users to install malware.

Credentials

Quite frankly, your credentials are very valuable. For many of our users, district credentials lead to student information, lots of valuable district information and more. Plus, many users “reuse” passwords. So, learning a user name and password on one site can lead to the ability to log into other sites.

Protecting Against Phishing

We employ several strategies to prevent phishing attempts from ever reaching our users. However, even the best of all of these combined will not be perfect. Occasionally, phishing attempts will land in your inbox.

Tips to Identify Phishing Attempts

  • Be suspicious of “odd” grammar and punctuation
  • Be suspicious of “odd” wording
  • You probably didn’t “win” a gift card (especially if you never entered a contest)
  • Be wise about contests
  • Be aware of “urgent” deadlines
  • Watch out for shortened URL’s
  • Look at where the link is actually taking you
  • Carefully review the actual URL of the site that you are on

Spear Phishing

Spear phishing is targeted at specific individuals. Unlike phishing (which usually blankets a wide variety of users), spear phishing aims to trick high profile targets into giving up their credentials.

Preventing Becoming a Victim

It is important to prevent becoming a victim.

  • Use the Tips to Identify above.
  • Turn on 2-Step or 2-Factor Authentication.
  • Use a Password Manager.
  • Be suspicious (especially when on a mobile device).
  • Instead of clicking on a link, enter the URL of a website that you want to visit (or use a known bookmark)

RESA Smart Web

by

RESA has updated the link to SMART web (this is where you can see your paycheck). This may cause some frustration for users if you are using a bookmark.

The link from the Staff Page on Dearborn Public Schools website has been updated. Please use that link.

Agile Minds

by

We are aware that Agile Minds is currently experiencing some issues with the recent Chrome update. They are working on the issue.

Chromebook users should expand the viewer’s header and choose a page within the header rather than in the navigation bar. If taking a quiz, remember that you can use the left and right arrows to move from page to page.

Chromebooks: Keeping Them Up To Date

by
Screen shot showing "About Chrome OS" and "Check for updates" locations.

It is important to keep Chromebooks up to date. Many of our Chromebooks will automatically update every time that they are shut down and restarted. However, sometimes that doesn’t happen.

Out-of-date Chromebooks can cause the following problems:

  • WIDA Test won’t run
  • NWEA test won’t run
  • Security issues
  • instability

Fortunately, anyone (including students) can update Chromebooks.

  1. Sign-in to the Chromebook
  2. At the bottom right, select the time.
    Screen shot showing location of time panel to click.
  3. Select Settings .
    Screen shot showing Setting icon
  4. Select Menu   About Chrome OS.
    Screen shot showing "About Chrome OS" and "Check for updates" locations.
  5. Select Check for Updates.
  6. The result will be a message that the Chromebook is up to date OR the update will download. In the event of an available update, the Chromebook will need to be restarted. 

*Under “Google Chrome OS,” you’ll see which version of the Chrome operating system your Chromebook is using. Currently, Chromebooks need to be on at least version 74.

Security

by

One of the things that we take very seriously is security. The safety and security of our users and data are important. This responsibility is not just for the Technology Department but is the responsibility of every user. Some times, people do what is expedient, instead of what is safe. One example that we had this year was a teacher signing into a computer and then letting a substitute use that computer. Unfortunately, the substitute made some poor decisions. (Just a reminder to NEVER share your credentials with someone else or sign into a computer and let someone else use it. This can lead to many uncomfortable situations. It’s also against federal law).

Because we take security seriously, we frequently have to ask questions and seek clarification about accounts and access. Recently, I had someone ask why I cared, and what were the possibilities of a compromise (frequently called a “hack”, but hacking is more specific than a compromise) of our data.

The K-12 Cybersecurity Resource Center posted a map of Cyber Incidents:

Pins on a map showing K-12 cybersecurity reported issues.
K-12 Cyber Incident Map

*Note that these are only the reported compromises.

Compromises occur due to a wide range of conditions that include, but are not limited to:

  • a misconfiguration on a server
  • an employee giving out their credentials
  • a contractor who copies information
  • malware installed by a user
  • ransomware installed by a user
  • email phishing that was successful

These compromises happen to all different sizes of districts and background. While the districts vary greatly in terms of size, socio-economic status, funding and more, the impact is similar for all.

…the impact of publicly-reported K-12 cyber incidents is significant. During 2018, such incidents resulted in the theft of millions of tax payer dollars, stolen identities, tax fraud, altered school records, website and social media defacement, and the loss of access to school technology and IT systems for weeks or longer.

Recently, several other governmental agencies have been successfully compromised. The cost of recovering from those compromises can be expensive in terms of actual dollars, time to recover and lost data.

These are only a few of the city governments that have been compromised. There are a great many more agencies and businesses that have been compromised.

We anticipate attempts to compromise networks to continue to increase. Importantly, one of the most important defenses against compromise is every user. There are important steps that you can take:

  • NEVER share your passphrase with anyone
  • Do not reuse passwords on multiple sites
  • Be wise about making sure that you are not entering your user name and password on a scam site (you should be going to the site, not using a link)
  • Turn on 2-step authentication everywhere that you can
  • Report suspicious sites

Please bear this in mind the next time security questions come up. The Technology Department is being “mean” or “rude”, the stakes for online security are high.

Badges

by

Just a quick reminder that all badges expire as of June 30th. We are working on updating some of the courses, so Required Courses are currently unavailable.

We will let you know when the courses are once again available for completion.

Summer Updates

by

Summertime and the living is easy, but the work is hard. Some people think that we have the summer off. Summer is actually a very busy time for us. For example, we have the following projects scheduled for summer:
– Update the district web site
– Update iLearn
– Update iBlog
– Update OTRS
– Update Student Sites
– Update DEC
– Update Pin It
– Develop and implement internal Documentation system
– Develop training on Grackle Docs
– Review/Update all Required Courses (ADA,Bloodborne Pathogens,OCR,RBB, Title IX) with generating departments/groups
– Update Non-Instructional Evaluation Process
– Implement e911 on the new phone system
– Update individual school web sites
– Update departmental web sites
– Update RBB reporting
– Update School Specific Google Accounts
– Develop/Implement Workflow Approval Process

We’re actually working on even more. We’ll have more information to follow. Have a great summer!

Newslea

by

Newsela has been reaching out to me. Newsela is a service that provides leveled readings. A few years ago, they were all the rage. They provided free, leveled readings for students (they still do, but more about that in a minute).

Like many free services, Newsela has a free and paid version. The main point of the free version is to encourage users to move to the paid version (this is referred to as “customer acquisition”). Free works in some situations (FOSS for example), but it is important to understand why something is free. Open source is different than “customer acquisition”.

So, what’s changing in the free version of Newsela?

Beginning with the 2019-2020 school year, news content will remain available in our free version. Alignments to standards and Newsela-curated Text Sets will no longer be visible without a paid subscription.

The other 20+ standards-aligned content genres such as primary sources, reference texts, pro/con paired texts, historical documents and pre-curated Text Sets will require a subscription.

We do have a couple of schools that pay for the premium version of Newsela. We do want teachers to know about resources that are available, while being smart, informed consumers.

Security on Chromebooks

by

The web remains a fascinating place. It is exciting and ever-changing. Recently, due to security concerns, we had to make some changes to Chromebooks. Any Chromebooks that are used by students are now limited to the DPS network. That is, any and all student Chromebooks can only connect to the DPS wireless network. If those Chromebooks attempt to connect to any other network, the user will see a message that the administrator has disabled this network.

Staff Chromebooks are not limited to the DPS network. Staff Chromebooks will work on any network.

Copyright

by

A recent ruling reminds us all of the importance of following copyright. HISD (Houston ISD from Texas) was recently ordered to pay $9.2 million dollars ($9,200,000) due to copyright infringement. (Just think about what that $9.2 million dollars could be used for).

Example of the material posted that was ruled infringing.

The staff of the school took willing steps to ignore copyright. However, this is also a reminder that we must follow copyright. Generally, we don’t post material that we didn’t create or that we don’t know is licensed under Creative Commons.

This includes not only print, but audio and video as well.

Thus, it is important to remember that Dearborn Public Schools believes in following copyright.

 

Follow this blog

Get every new post delivered right to your inbox.