GDPR & Online Safety: Is Your School Compliant?

Security

The General Data Protection Regulation (GDPR), replaces the existing Data Protection Act on May 25th 2018. Organisations who do not comply can be fined €20 million or 4% of their global annual turnover, whichever is higher.

Schools will need to closely examine many parts of their operation in order to ensure they are compliant, but one often overlooked aspect is how GDPR can be accommodated by a school's online safeguarding processes.

Keeping Children Safe in Education: One Year On

Child at Window

[This article was originally published in September 2017]

One year ago, the current safeguarding statutory guidance for schools and colleges came into effect. The Department for Education's Keeping Children Safe in Education commenced on 5 September 2016, replacing the previous July 2015 edition.

The new guidance extended some responsibilities to colleges, where they had previously only applied to schools. It also added useful signposts to other, related, guidance and generally sought to clarify the previous version.

Diagnosis: Blocking Hotspot Shield

Keys
Introducing our unique anti-spoofing technology that allows Iceni to block the Hotspot Shield VPN. As Hotspot Shield's traffic is practically indistinguishable from legitimate traffic, most filtering systems are unable to block it. However, we have developed sophisticated anti-spoofing technology and have identified some patterns in the behaviour of Hotspot Shield. This twin approach allows Iceni to both block Hotspot Shield connections in real time, and to build a database of the Hotspot Shield servers that can be blocked by our Anonymisers / Proxies category.

Iceni Web Proxy - Important Upgrade

To ensure that applications can continue to operate through your Iceni web filter, you must deploy a new security certificate to all devices on your network. Major application vendors and web services have announced plans to stop supporting the SHA-1 trusted root security certificates which Iceni uses. In order to continue to support the new security requirements, all customers are being issued with stronger SHA-384 trusted root certificates.

Embedded Vimeo Videos

Override dialog box
Back in 2014 we added the unique ability to automatically whitelist YouTube videos that are embedded in educational websites, without unblocking the whole of YouTube. With an increasing number of educational resources now hosting content on Vimeo, we've added support for doing the same with embedded Vimeo videos.

Testing Internet Speeds

Fibre optics

Recently, a few of our customers have upgraded their internet connections. Wanting to test the shiny new connections and demonstrate that they were money well spent, they went to speedtest.net and were disappointed to discover that the reported speeds were unexpectedly low when the traffic was routed through their Opendium Iceni web filter. We ended up fielding a few support calls relating to this, and after some investigation discovered that the low speeds being reported were largely due to flaws in the speedtest.net application.

RADIUS Improvements

For effective safeguarding, it is not enough to just filter the internet. Identifying which user is responsible for each web request is extremely important, as this allows for filtering to be tuned to the individual users, and for reports to be used effectively to address abuses and concerns with the individuals involved..

HTTPS Interception

Certification

What is it, why is it important and how does it work?

HTTPS interception encompasses several mechanisms that online safety systems or web filters use to examine encrypted internet communications. The terms "SSL interception" and "TLS interception" are sometimes also used interchangably.

Safeguarding students is incredibly important for schools. Online safety systems such as web filters are a key part of any safeguarding strategy. These systems block inappropriate material, record an audit trail and report on any concerning behaviour.