Technology has a lot to offer learners and e-learning, for example, its: flexibility, availability and portability contributes to the personalisation of learning and supports learner engagement and achievement.
Managing IT infrastructure is a balancing act for many organisations. The need for fast, reliable and flexible services are required to support innovative practice but there is also an expectation that the infrastructure is secure and safe.
You will need to assess your current technology provision and recognise that whilst technology is ubiquitous, it should not be overpowering. The growth in mobile and smartphone technology clearly has repercussions relating to the networks that support them. Our detailed guide to mobile learning gives practical advice on adopting mobile learning across an institution.
You need to consider how best to manage the safety of students and staff when using the internet and other digital tool and technologies. Some important considerations include:
- How to protect the network from external threats
- Filtering and preventing access to inappropriate content and a process for unblocking sites needed in teaching – Janet is one of many solutions
- Ensuring the integrity and confidentiality of data
- Guidance across a range of digital platforms eg the internet, email, social networking
- Rules with regards to e-safety – what happens when technology is misused
- Linking e-safety with behaviour, welfare and anti-bullying policies
Google has a number of resources to help explore these threats in more depth.
Good governance is essential to the development of an organisation’s technology and infrastructure, ensuring that management is effective and that activities align to the overall strategic priorities.
It is the legal responsibility of the educational institution to ensure that there is an appropriate level of security in place to protect any personal data held. What is appropriate will depend on the nature of the personal data and the harm that may result from a security breach.
With this in mind, you need to ensure that:
- Someone in your institution is responsible for ensuring information security
- Security measures adequately reflect risk
- Staff receive appropriate training
- Computers storing student data are in a physically secured area
- Proper access management is in place and good practice encouraged so that sensitive data can not be accessed from leaving machines unlocked and only authorised persons can view or change student data
- Access to student data is logged so that unauthorised activity can be detected
- Any student data that is stored on portable devices, such as laptops or USB disks, is encrypted
- Hard disks are erased before disposal of computers
- Strong passwords are used to protect your security and identity
- Effective policies and procedures are in place
- You are able to respond to any security breach quickly and effectively
Google has guidance on how to create strong passwords and keep them secure.
In 2013 Universities UK released a report highlighting the growing challenge of cyber security and the steps universities need to take in order to protect themselves from cyber threats. This included protecting against targeting attempts to access digital information and research.
It also takes into account the need for openness and to consider appropriate data management throughout the ‘information lifecycle’ and recommends universities adopt:
- Good corporate governance
- Policies that enable universities to effectively manage research data
- A segmented approach to network security
- A culture of cyber security awareness
Jisc has curated a number of resources to help combat cybercrime.
Interception and monitoring
Learning providers also need to consider the contentious area of interception and monitoring. Striking a balance between the need on occasions to intercept or monitor communications and the privacy and freedom of expressions rights of the individual is an important consideration.
New laws were introduced to take into account advances in technology and to attempt to address the interests of both sides. Jisc have produced guidance with regard to the interception of communications for learning providers. This includes advice for developing internet and email policies and procedures for dealing with third party requests and investigating misuse of systems.
Bring your own device (BYOD)
BYOD allows students and staff to use their own personal digital devices while learning at school, college and university. Our detailed guide to learning spaces includes a section on BYOD and its use as a creative tool for students. BYOD can have implications for organisations and this needs to be considered both at a strategic and practical level.
Some important considerations include:
- Data security
- Infrastructure – do you have the required bandwidth and wireless infrastructure to cope?
- Does the internal network need to be kept separate from the BYOD network to reduce any potential risks?
- Bypassing the institutions wifi network via 3G/4G
- Staff who might not wish to engage
- Student behaviour management
- Privacy concerns
- Access of inappropriate material and taking inappropriate photographs