Friday, October 25, 2019

Book Review: Google Apps for Littles: Believe They Can

Google Apps for Littles Google Apps for Littles: Believe They Can
by Christine Pinto and Alice Keeler

This October break I spent time reading Pinto and Keeler's excellent book Google Apps for Littles. While oftentimes people think only upper-grade students need to learn how to use technology, Pinto and Keeler encourage us to believe that even Littles (primary students) can use these apps. They focus on how to incorporate G Suite for Education apps into classrooms for lower grades, starting with Pre-K students! They even provide numerous prepared templates and ideas for lessons that you can use the day after you read about them. Not only can your students learn more, but you will become more familiar with the capabilities and potential of using these apps in your own life.

If you teach in the primary grades and see the upper grade students using Chromebooks but struggle with trying to figure out what you and your Littles can do in your classroom or how you can teach your students similar skills, I definitely recommend reading this book and using some of their ideas. If you are a principal at an elementary school and want your primary grade students and teachers to use more of G Suite for Education apps, maybe buy a copy for teachers to borrow.

As always, reach out to the OGSD EdTech team if you have questions, want to get ideas of how to use technology in your classroom, or need training or coaching.

Tuesday, October 2, 2018

FBI Warns the Public of Cyber Threats to School Districts

On October 30, 2017, I wrote a piece called Student Data in Schools the Target of Cyberattacks. Almost a year later, on September 13, 2018, the Federal Bureau of Investigation released a Public Service Announcement entitled Education Technologies: Data Collection and Unsecured Systems Could Pose Risks to Students. Whether you have heard of this or not, it is very important to understand and I will try to lead you through the circumstances that lead to this PSA from the FBI.

Now, before I go any further, if you work for or have a child currently or previously enrolled in Oak Grove School District, I want you to know that our IT department has been vigilant in keeping our security systems as up-to-date as we can based on current industry standards so that we can protect student and employee data. To date, I do not personally know of any malicious infiltration that has ever occurred within our systems. We also have started about three years ago a diligent effort to ensure that the education-as-service providers we use also protect student data to current industry standards - you can read about this effort and teachers' responsibilities in this effort in our blog post Student Data Privacy and Safety.

The FBI notice refers to a number of school districts in Iowa, Texas and Montana that were ransomed by cyber attackers in late 2017. The attackers stole personal information on students, families, and staff and then threatened to release the data unless payment from the district was received. In the process of making these threats they also threatened physical harm, and shamed and bullied students and parents through personal email, phone texts, and Facebook posts. This was announced by the United States Department of Education on October 16, 2017, titled ALERT! - CyberAdvisory - New Type of Cyber Extortion/Threat (the announcement has links to two news articles about the incidents).

Also mentioned in the FBI notice are two large EdTech companies, most likely Schoolzilla and Edmodo. In April of 2017, Schoolzilla was the subject of a white-hat hacker (someone who identifies weaknesses in a computer system and notifies the company about the vulnerability rather than exploiting it). This was reported in the online news source EdSurge and confirmed by Schoolzilla on their blog post: Our Commitment to Information Security. The second company was Edmodo. As reported on the Motherboard, over 77 million client records were captured and were being sold on the Dark Web (relatively secret locations on the internet where illicit activity occurs) for just over $1000. Luckily, Edmodo uses a difficult cryptology algorithm for its passwords, but it is unclear what other data might have been compromised, probably including over 40 million email addresses of students, parents and teachers.

These are just a few examples of the ways that school districts and EdTech companies have been targeted by cyber attackers. Since January 2016 (a mere two and a half years ago), there have been 370 reported incidents of security breaks at United States School Districts.

Though Oak Grove School District has not yet had an incident, the IT department remains ever vigilant to ensure that student and staff data remains secure, and the EdTech team seeks to constantly remind students and staff to use best practices with securing their accounts and passwords.

Monday, October 30, 2017

Student Data in Schools the Target of Cyberattacks

Whenever I go into classrooms and train students (and teachers), I try to emphasize the importance of being careful with your passwords. In fact, I have posted in this blog about password creation and safety multiple times. For many people that have been in education as long as I have (or longer) the question arises about why it is so important to keep our passwords and system safe - we're not handling nuclear material or doing things that will lead to people dying. The issue is that in today's world, data is one of the most powerful items that exists. The hacking of Equifax was so huge because of the numbers of people who had data stolen and the type of data that was stolen.

Schools are becoming a large target for cyberattackers. Why would this be? Is it the employees' data that attackers are attempting access? They are the ones with income and bank account. But that is not the reason - the real reason is student data. Recently, the Takeaway had a short segment on this danger titled Hackers Target Student Data as Schools Report Increasing Cyberattacks. You can listen to the segment below:

Student data represents a virtual gold mine to cyberattackers. With data contained within our School Information System, criminals would be able to start opening credit accounts in the name of students. Imagine your child reaching 18 years old, trying to open a credit card account, and being denied because they have over 10 years of bad credit history. That is what could happen if students' data is stolen. The worst part about this is that most parents will check their own credit on a regular basis, but will never think about checking their child's credit history. Thus criminals can have multiple years to abuse a child's identity without ever being caught.

In our district, the Information Technology department does our best to put in place protections to prevent cyberattackers from gaining access to our students' data. We have robust firewalls protecting our network, threat management software to detect and stop malware and viruses, and we limit access to our systems to verified users. A lot of companies employ such measures to make their networks and systems safe. Unfortunately, still many of them get attacked. One of the most common reasons systems get penetrated is user mistakes. What type of mistakes lead to this occurrence? People click on the wrong email and give over information or install software designed to infiltrate a system is on type of mistake, but the most common mistake is password security. Choosing a robust and difficult to guess password is the first step, as I've mentioned in previous posts. Using default passwords is essentially just as bad as having no password at all. Also, writing down passwords in publicly visible places - like a sticky note on your monitor or taped to your keyboard - is just as bad. No body should even need to know your password for any reason. If they have a valid reason for accessing your accounts, there are methods for system administrators to reset your password to get into your account. Remember, password security not only protects you, the teacher, but it also protects the data of your students.

Thursday, September 21, 2017

Student Data Privacy and Safety

Many of you have heard or read about the Equifax data breach, which essentially affects one-in-three people in the United States - 143 million people had their data potentially exposed. Unfortunately, these breaches have happened, are happening, and will continue to happen. For us at Oak Grove School District, these breaches remind us to be diligent with protecting the personal, academic, and behavioral data of our students - in fact, we are all required to do this according to Federal and California State law. The Information Technology Department at Oak Grove has systems in place to help prevent breaches into our servers and data centers. The EdTech Team has been diligently screening vendors we use for services online (see more on the District website). And teachers and staff should also take steps to prevent the leaking of student data.

In order to verify that outside vendors are handing student data correctly, our district has joined the California Student Privacy Alliance (CSPA). This organization has created an agreement between school districts in California and vendors that provide online services to those districts. This unified agreement has been approved by the California Attorney General and is designed to include all the relevant provisions of the Federal laws and State laws concerning student data (see our Data Privacy Laws if you are interested in learning more). Though this agreement will not prevent incidences like the Equifax breach, it does prevent those vendors from purposefully misusing student data (i.e. selling information for ad revenue, or using student data for targeted advertising) as well as requiring them to use industry standards to encrypt and secure data.

The practice of ensuring that student data is protected is something that will continue to grow as schools continue to gather data of students' academics and behavior. EdSurge is an online newsletter that deals specifically with technology in the education realm. One of their recent articles, Why the State of Surveillance in Schools Might Lead to the Next Equifax Disaster, addresses the concerns that we as educational professions need to be thinking about as we continue to gather data and store it on computers. The purpose of the article is not to scare us into inaction and make us shy away from using technology, but rather, to keep those ideas in mind as we introduce new data gathering tools into our district and ensure that third-party vendors are also keeping these ideas in mind as they build their systems.

Lucky for you, the EdTech team understands how valuable your time is as a teacher or staff member in Oak Grove School District and is here to greatly reduce the burden of this process for you. The EdTech team is committed to looking in the numerous vendors we use, but we can only do so if we know about them. Your role in this process is simply to notify the EdTech team when you come across a website, app, or program that you would like to use in your classroom. You can do this by filling out the Classroom Applications & Websites Used form. The EdTech Team will take it from there. Once the company you want to use is listed as "Approved" (or "No Student Data Used") on our database, you are free to use the website or program. If they are listed as "Pending Final Approval" or "Not Approved" that means that the company was not able to meet our specifications for protecting student data and thus we cannot do business with them (even if they offer free services).

Thank you for your part in helping our students' data to remain safe and secure.

Thursday, November 10, 2016

Intel Education Accelerator

On Thursday, November 10th, I had a chance to attend to the Intel Education Accelerator showcase. This is a division of Intel that invests in startup companies that are creating new technology for schools. This year's cohort includes eight companies - you will probably start hearing about them in the coming years. I was impressed by some of their presentations and I wanted to highlight them for you.

HSTRY Logo
As a former History teacher, one of the coolest companies I saw was HSTRY. This company built a platform that helps teachers to create interactive timelines. When I was in the classroom, I was constantly looking for a product like this where both students and I could create timelines on a computer - I even attempted to build my own timelines using programs like Word or PowerPoint, but ended up more frustrated than happy with the final product. This company, though, has a fairly simple user interface to help teachers and students create timelines that incorporate pictures, animated gifs, and video! And it is adaptable to many different subjects: History (of course), Government, Language Arts, Novel Studies (Book Reports), Science, Mathematics, and many more. They have numerous examples on their website and it would even be worth it to upgrade to the paid version.

Note: This company has renamed itself Sutori.

PrepFlash icon
PrepFlash creates a new way for students to study. Instead of having to create flashcards on 3x5 index cards by hand, PrepFlash allows anyone to create online flashcards by simply snapping a picture of the text that they want to remember, then they can eliminate words for fill-in-the-blank, make it into a TRUE or FALSE question, or create a multiple choice question. You can also make flashcards based on a website, uploaded PDFs, or pasting text into their website. Though this seems to be a very cool tool, please do note that in their Terms of Service they specifically state that children under 13 years old are NOT allowed to use the site - maybe this will change in the future, but it is probably because they are not FERPA and COPPA compliant (these are laws that address how companies handle information from minors).

SAM Labs has built a number of small, wirelessly connected blocks that allows students to built things without the mess of wires. The blocks include buttons, sliders, lights, sensors, and motors. The app allows you to connect the blocks together in various ways so that you have an almost boundless number of possibilities to move, illuminate or create sound. They have a number of kits available as well as ideas on their website. This would be perfect for a MakerSpace within a classroom or school.


KiraKira is a company that was created in order to help girls become passionate about STEAM (Science, Technology, Engineering, Arts & Mathematics) education. Though it was created for girls, it can certainly be used by any gender. There are lessons to teach about design and engineering, and there are tools to help students develop their own projects. If you do not have access to a 3D printer, you can pay the company to print out your creation and mail it to you! Pretty cool site to teach about engineering and design concepts.

These are only half of the companies that are in this year's cohort. Check out the Intel Education Accelerator site to learn about the others, or click on the links above to check out the companies you might be interested in.

Monday, November 7, 2016

Passwords Revisited: Keeping your keys safe

In the past four hours, the EdTech team has handled numerous phone calls and emails about students' accounts being "hacked" - one student lost ALL of this Google Drive files and another student had someone send inappropriate emails to teachers and other students. Though we were able to recover the lost files and track the inappropriate emails, these experiences teach us the importance of password security. No one - students nor teachers - should give out their password to anyone else (though there may be exceptions for spouses of teachers and parents of students, students should never have access to other peoples' passwords - there may be an exception for TK-1 classes that use a common class password, but this should not be shared outside of the classroom). Always think about and treat passwords like the keys to your house - would you hand off your keys to anyone or leave them laying around for anyone to pick up? Neither should we leave our password available and visible for anyone to see and use. Our previous post: Passwords: the key to your life or the bane of your existence? dealt with this issue.

If you are in need of trying to change your students' passwords or having the students change their own passwords, you can use the directions in the How-To from EdTech folder, under the Google Account Management folder. We currently have a number of trainings in this folder including Student's Resetting Their Own Password and Resetting a Student's Password/Locating Roster Groups.

Remember, you can ALWAYS ask your EdTech Learning Community Specialist to come in and train your students about these concepts and processes as well.

Bernal Learning Community: Steve Harmon
Davis Learning Community: Bruce Neff
Herman Learning Community: Sergio Rizzi

Friday, November 4, 2016

Making a Difference as an Instructional Coach

David Kimball from Linden Unified School District (located east of Stockton) wrote a Google+ post about making a difference in his district as a Technology Instructional Coach (similar to the EdTech Team in Oak Grove School District). Read it below (or use the link to read it on Google+).

As an EdTech Instructional Coach, it is experiences like this that truly make my job worthwhile. If you know a fellow teacher who is technology reluctant, remember the EdTech team at Oak Grove School District - this is why our jobs exist!

Bernal Learning Community: Steve Harmon
Davis Learning Community: Bruce Neff
Herman Learning Community: Sergio Rizzi