(upbeat music)
Greetings, and welcome to Boston Public Schools Technology
video podcast on, "Download It! It's Free, Well...Not Really"
video podcast on internet privacy.
This is episode three of our "Digital Citizenship and Safety" series.
We have three guests with us today,
two educators and one industry leader.
My name is Nick Gonzales,
and I am a digital learning specialist for BPSTech,
and I will have our guests introduce themselves as well.
We'll start with Nilufer.
- My name is Nilufer Johnson, and I teach at Snowden.
I teach ESL and Computer Science Classes.
- Ingrid Skoog, I've been in the security and privacy world
for 15 years now moving from government to academia,
to now the for-profit world.
- I'm Cynthia Soo Hoo.
I'm the Principal of the Quincy Elementary School.
- Great, great to have you all here.
Thank you for joining us.
So, let's get down to the nitty gritty.
We're gonna talk about internet privacy,
and what it actually is
and the different ways it impacts schools,
and impacts students, and our teachers, and parents as well.
First thing I'd like to talk about is privacy.
What role do educators have
in talking about internet privacy with students?
Phones, permissions, different types of devices, Alexa,
Siri in your room, in your house, data?
How much infringement on privacy is too much?
Will it significantly change
by the time our students become adults?
And we'll go ahead and we'll start with Nilufer.
What do you think?
- When I was a little girl,
I heard the same advice from my mother
or maybe you all have heard,
never take candy from strangers.
She was nervous about all the risks out there.
But today as a mother and an educator,
I feel like it's our job to teach our students
to be internet smart as well as being street smart.
Because the social medias have become our neighborhoods,
but even though there were risks outside,
my mother never pulled me back indoors saying
that you can't go.
I think it's our-- we were just told to be careful.
And we learned how to be careful,
and I think it's now our mission to teach our students
how to be sensible using technology and social media,
and let them enjoy their time, you know,
have a healthy experiences in their time.
And maybe our kids, their generation,
will be hearing never click a link
from a stranger instead of a candy from stranger.
- Right, very true.
- I'd say, absolutely there's a rule
that we should be playing with the educators
to teach students about this.
We're saying before that security's
been on our minds for a while now.
Privacy is really gaining steam that we care about this.
I think it's a myth that I hear that a lot of young people
don't care about privacy, or that privacy is dead.
This notion that we can claw it back is,
the horse is out of the barn.
I don't agree with that.
I think that students are very smart about what's going on
in many ways are coming up and taking ownership
of a lot of issues.
They're seeing the world and privacy
is just another one on that list
that I think they're very successful at once
they understand what it is
that they need to be concerned about,
they can articulate really well.
Here's the line where it works for me of, yes,
companies I'm okay with you doing this, but not that.
And it's our job to inform them
and from an industry perspective,
I would love to partner with the schools more
where I can to lend my expertise
and I know my colleagues feel that way too.
One of my friends does an old lady's group
that she goes to retirement homes
and talks to them about privacy.
So we're here to partner
and help the students learn some more.
- [Nick] Awesome.
- Great. Yeah, so first I want to thank Nick
and OIIT for having this conversation.
I think it's a very important conversation
to have around downloading.
So I'm at the elementary level,
and many of our students work with technology
throughout the day in their classrooms
and teachers can put some blocks on there.
We're on a secure network and other things like that.
However, many of them have their own devices at home,
and they're at free range to download or to communicate,
and use those devices however they want.
And even though my students are at the elementary level,
many of them do have their own telephones, cell phones.
And some applications may ask, you know,
check this box if you're 13 years or older,
and they may still be just checking it off.
- [Nick] Exactly.
- There's no way to really prove that, and they're going in,
downloading all different types of apps.
Some are social, because their classmates have it
and they want it too.
Which, you know, can bring some concern.
So as educators, even at the elementary level,
I think it's very important
to try to help them gain habits of understanding
what is being asked of them
when they're going to download an app.
What is the purpose of the app?
What is their intention for using the app?
What type of permissions are they asking for, right?
I think that's very important,
especially when there's free apps out there.
- We were talking about this a little earlier,
in terms of permissions.
Some of these apps, you turn them on, you accept them,
and they're free, and some students
and some kids who are well below sometimes 10 years old,
will just say yes because it's free,
but they don't understand that
when they say yes to the terms
and agreement that it'll have access to their microphone,
or it'll have access to their GPS, or whatnot.
This begins-- I mean again this goes back to privacy.
20, 30 years ago, the idea of privacy
was you have your domicile, right?
You have your house and within your house,
that's your domain and that was your area of privacy.
But now with our computers, and with our devices,
with our tablets, with our phones,
now it's coming inside of our house now.
So, what exactly is privacy?
Because the notion of it has changed
even within the last 10 years with all the advancements
that have been made with mobile technology, and with tech.
So I wonder, just like Cynthia was saying,
as teachers and as educators, and even as industry,
what is our responsibility in relaying this to our students?
Is it of the utmost importance
to let them know what's happening?
And to give them an idea of they have a choice.
They can download certain apps that they want,
and this is what's gonna happen.
I think Ingrid touched on this a little.
- I'd say privacy-- it's an interesting thing
that we've talked about everyone's line for privacy
is different so that's important for people to understand.
But also, there's a difference between
if you have my information, you're targeting me,
'cause you know I want to buy a particular pair of shoes.
Well, that might be okay.
I don't mind if you're trying
to show me products I'm interested in,
but privacy in terms of self-autonomy, in that,
I am choosing and making decisions for myself
and corporations and companies don't have enough information
that they're manipulating me or coercing me
because of information they've gotten.
I think that's the really powerful thing around privacy
that we want to have autonomy over our decisions.
We don't want social media to be nudging us
and knowing enough about us to steer us
toward political decisions or how we interact
with our friends and colleagues.
So that's the important thing I'd love
to see our students know more about.
- Yeah, and I would also say, I think it's in tandem.
I think it's educating students what habits,
but also reaching out to families,
and letting them know that
if you're choosing to allow your children to have devices,
what are some things you can put on it?
You know, can you block certain things?
Are there security things that you can,
what are they called, like you know,
parental blocks and other things,
controls that they can have.
- Agreed. I totally agree,
because I think it's important
to definitely go after parents
and go after just educators in general.
A lot of adults do not know what's happening.
And so I think it's going to be
a multi-pronged administrations, teachers, and parents.
And I think eventually, hopefully if we cross our fingers,
it gets down to the students at the younger level,
at the younger ages, because I think that's where
it's gonna need to start.
Especially you get the younger kids who are in 2nd
and 3rd grade when they start typing,
when they start getting onto their Chromebooks,
and especially around 2nd, 3rd grade
where they start to learn,
develop these habits of good privacy
and good digital citizenship measures.
So let's get into our second question.
Now we're gonna talk about passwords
and password protection practices.
And Ingrid, I'm sure you can,
well I'm sure everyone can back this up.
You get a new password, and I've done it myself,
when I didn't know all the stuff
that could be done with my password.
Sometimes I put it on a Post-it,
and sometimes I'd stick it right on my computer.
This was like five, 10 years ago, but hey, little did I know
that was probably the worst thing I did
considering what could've been done with my password.
So, let's talk about why they're important for our kids
and why they need to password protection practices
need to be taught at all levels, right?
And why are they important to faculty and staff as well?
And, let's discuss longer more elaborate passwords
and some of the practices that might impact
how strong your password is.
- Of course we hear everywhere having longer passwords
with combinations of letters, capital, lowercase,
and change them periodically.
It's so overwhelming for myself, and I know, for many of us.
It's just like we are visiting hundreds of pages everyday.
Trying to have a single password is like trying
to carry a single key for each door we open.
It is definitely, you know, we forget them.
They're getting too complicated.
However, we need to be very cautious about it,
because of the privacy and security issues.
Everyone can have, I think, of course,
big companies are doing big password management systems
they're using, but as an individual, as a child, or mother,
or you know educator, what we can do, is try to come up
with our own homemade password management system
which could be something really personal to you,
something difficult to guess,
and something you can't change periodically,
but you can remember.
I don't know, what we should do
is people have good intentions,
write down their passwords on an Excel sheet, keep in Drive,
might not be the best idea,
but definitely following some best strategies out there.
But I agree with you with the previous question.
As educators, as teachers we feel so nervous
and not knowledgeable enough,
so I think we should start with the educators,
make sure they feel comfortable with the technology,
and then pass all these knowledge to kids.
- I have so many thoughts on passwords,
and how much I hate them, and how much we all hate them.
But they're not going away.
I mean, there are a lot of things that industry
is trying to improve on them, but when it comes down to it,
we all just have a ton of passwords.
For me, password managers are a key to helping us,
because we just can't remember
all the different passwords we have.
We have hundreds of them.
And so, in order to have unique strong passwords,
I think that there are free
and affordable password managers out there,
and you only have to remember one password
to be able to store all your passwords in there.
That is something we've been telling folks
all over the place.
And even writing them down, sometimes that can make sense
if it's kept in a safe at home.
If that model works for you,
what's the likelihood that someone's going to get
into that list that you keep at home.
The problem is if you carry it with you.
If you have it in that sticky note on your computer,
right where you're gonna use it.
That's the problem, but there are things
that we can do, share with the students
and with educators and ourselves that we can do better
than what we're doing now.
- What I found helpful around passwords
is finding some sort of a system that you can use.
Maybe there is like one combination that you're always using
but changing up a little bit depending on what,
you know, what you're logging into.
So that would change a little bit.
I love the idea of having a password manager,
because I find myself writing on stickies,
or having a book somewhere.
I started going online, but I was like,
well, what if someone can get into my documents and stuff,
and then they'll find that, right?
So just figuring out a system that works for you
and also understanding that sometimes
when you're working on-- your signing into things,
there are administrators and depending on
what program it is that you're working on,
they may actually be able to see your passwords.
And so that's why it's important to have different passwords
for different programs you're using.
- So yeah.
So I guess it comes down to both.
I mean I think if you're more heavily involved
in the internet and you have a ton of passwords.
You have 30 or 40 that you use.
I think a password management system would be great.
But then you also have people who don't.
They have three or four, you know,
they could use Nilufer's methods as well,
where if they know they have a safe place
that they can store their passwords,
that's a better choice to use.
That's a better choice to go with.
But in terms-- how about of making passwords?
Because sometimes we have students
that'll just, they'll use, you know,
if it's a 3rd or 4th grader, they'll use the word "leg"
for a password, l-e-g, right?
And sometimes it'll accept.
How do we instill within our students,
the idea of password encryption and how, you know,
if you have a longer password, right?
Versus if you have like a nine character password
versus a 13 character password.
Being able to brute force get into,
which means essentially trying to enter as many words
as you can within a password field.
It's much likely, more likely, for it not to be
hacked or decrypted by having a longer password
versus a shorter password.
The only thing is, when you have longer passwords
they're more difficult to remember.
So, you know, how do we instill this practice
within students and educators of having longer passwords
and having more difficult passwords to hack.
- I think Nilufer brought up a great point
of having numbers, and letters, and symbols,
and upper, and lowercase.
But those symbols can actually help, right?
You know, where you have to shift and put the and sign
or exclamation points.
I think that also adds, or makes it more difficult
to kind of figure out.
- I don't worry about the brute force,
the guessing over and over so much
as I worry about the pet's name.
Oh, well my cat's name is a great password,
or "RedSox34," that's a great password,
and I bet someone watching will have that password,
and go, oh.
The commonality of things that someone could guess
that if I knew a little about you
that I would think, oh, I bet your password's
this pet name or this sports team.
Those I would love to see people get away from.
- A lot of our students just go with date of birth,
because that's officially assigned to them at the beginning.
- [Ingrid] Yeah, or anniversary or something.
Moving away from that would be a big--
every year there's a top ten list
of most common passwords and it doesn't change much
year to year.
Things like, password 1234, or I love you.
- I had heard this Facebook or other social media sometimes
send this questionnaires.
What's your favorite movie?
Where did you meet your boyfriend, girlfriend?
And what's your pet's name?
And then these questions,
because you feel like you're taking a questionnaire
and then they're used to hack into your accounts,
because they are usually the passwords.
- One of the tricks we've taught folks
when we've worked with them is a line from a song.
That can be pretty long and it's easy to remember.
If you pick out a lyric, a line from a song
that could be a great password.
- And the use the spaces too.
I mean that's one that we took away
from a citizenship training we had here for the district
where people don't usually use spaces in their password.
- [Cynthia] I didn't know you could, wow.
- But you can, you can use spaces sometimes.
Well, most of the time I believe.
- Sometimes, the rules are all different
which makes it hard too.
Sometimes you need those special characters,
sometimes you need upper, lower, little drop of blood,
all these different special, do three turns.
- Moving on from passwords,
this is gonna actually come back into sensitive information.
Let's talk about phishing, and what phishing is,
and how important it is for our faculties and students
in our schools to know what phishing is
and the scams that are out there.
So first, can I have someone-- Ingrid can you explain
what phishing is?
- Sure, so phishing is most often
when someone is trying to get your login, your username,
and your password so that they can get
into your bank account,
or get into your social media account,
and it's this way of trying to trick you
into giving that information up.
- Is this important for schools to know?
Is it important for our students and teachers to know?
Thoughts?!
- Oh, absolutely.
We are working with confidential information,
we are working with students on IEPs,
very confidential information.
We have to be very alert.
Luckily, I think it is managed by the center
that our emails go to spam if there's any phishing emails,
and sometimes if there are risky activities going on,
we get notifications which is great.
But as individuals, I think it is important to be,
you know, like street smart, internet smart.
We have to be smart.
When we see a person out on the street
that doesn't make us feel comfortable,
maybe something he says doesn't sound right
or the way he looks, the way he dresses,
and we say, you know what, I should be cautious
about this person.
And it's the same thing about phishing.
Usually they come with emails and just to be careful.
Does this email sound right to me?
Is it from someone I know?
Usually we don't know the people,
the address looks like something we could trust.
Like instead of "bostonpublicschools.org,"
it's from dot com "BostonPublicSchools.com."
It's sounds almost right, but it's not right,
and sometimes they're using our human feelings.
Like hey, this is time sensitive you need to help.
And as default, we want to help people, right?
So clicking one thing could be very dangerous,
so just to be cautious and pay attention
to these little things could help.
- Yeah, I absolutely agree.
You brought up something earlier, too,
around strangers, and stuff like that, right?
It's knowing who's sending it to you,
checking for those little things like,
is it the exact address, or is one letter off?
Did they change the order of the name?
And what information are they asking for?
If you feel like it's anything private,
that could lead to giving away your password
or most of them are asking you to change your password.
Just being very, very clear in what they're asking for.
And figuring out why they're asking for it.
At BPS we can always just forward
that email to someone and just say,
is this legit, what's happening here?
- A lot of students can spot phishing,
because they're born in, they're digital citizens,
they're born into tech, I guess you can say.
And a lot of them think
that they can spot phishing scams right off the bat,
but some phishing scams are so good,
it takes five sometimes 10 minutes
to actually analyze the entire page and say,
oh, this isn't the actual page.
There are really good phishing scams out there.
So I think a lot of students think they know more
than they do.
Especially high school students,
but I've seen the case where that's not actually true.
- Someone will fall-- we'll all at some point,
have a weak moment, be in a hurry, fall for something.
And that's okay, it doesn't make us stupid,
or anything, but it's important that when you know
if you have that realization,
I've put in my credentials where I shouldn't have,
that you reach out to get help.
It's not embarrassing to say, I did something wrong
and let's fix this quickly.
And also if you do have that,
stop and think, and pause, and this seems
like it has a sense of urgency, or it doesn't seem right.
Check out a band, don't rely on the email,
call the person, or text them,
or take some out of way of saying, hey,
Nick, did you send me this thing
that's asking to change my password?
And that can sometimes really help you.
- So the last topic I'd like to talk about is data breaches.
And we're gonna focus specifically on schools
throughout the country that have students
who many times, well most all the schools I've worked with,
have a lot of students that know a lot more
than the faculties do about technology.
And a lot of times I see these students
help in some way or another the faculties
and administrations within schools.
And some schools around the country too,
we have these formations of tech teams.
These teams that are being educated on how to use tech,
and they're going out and helping the administrations
and the faculties within these schools
navigate their technology.
And so, many times these students are given information
that is really sensitive.
Sometimes it's the case that this information
is given over to students unbeknownst to the people
who gave it to them.
And so, how do we mitigate this?
How do we send the message out that it's great to have,
this is a great idea, this is a great concept
to have students actually help teachers and administrators,
but also there's a positive side to it,
but there also could be a negative side to it.
What to do in this situation?
Cynthia, do you want to start?
- Sure.
So-- I wanna go back and say,
so when we're logged onto things, right?
We share many devices as well.
So there could be breaching in that way too,
where we're not logging off and so when others
are getting on to that same device
they may automatically be able to get into your information.
But around breaching, and yes, many of our students
are definitely in the digital age,
and we have these tech teams and we may think it's harmless
to give them login information
so that they can help us complete something
or organize all of our student's presentations
or something like that, and not realize
that with that one password, they're able to get access
to all of our other information.
So I think that's very important to think about
when you're giving students these responsibilities.
Is there a way that we can give them a separate access
to complete the same thing that you're hoping for.
- That really drives to what I'm focused on privacy now
is the views and the access you have.
You only want people to be able to look at
what it is they need to do.
And so maybe you do have a case
where you need to have a student help you,
but you could change your password after.
So you've seen them use it and help you,
but then they can't get back in later.
Or have a different kind of log in,
depending on the technology you're using,
understanding with your support folks,
hey is there an account that this student could use
to only see this material and help me,
but not have that broader, wide view.
- Sometimes it's not even that sophisticated,
we take attendance, stay logged in,
walk out of the classroom for a second,
it's vulnerable, right?
Data is vulnerable to student or anyone's action.
You know, we grew up with this phrase of time is money,
time is money, time is money, but now,
what I observe is the data is money.
So the data is so important, information, any information
about you could be very important for other parties,
for their benefit.
It could be your location, your interests, your school,
your medical records, everything.
Since the data has become so valuable and so important,
we need to be more cautious about how to protect,
how to handle it.
Not only people who provide the data needs to be educated,
such as, you know, if the parents provide us data,
students themselves, teachers, us,
and people who handle the administrators, the teachers,
and in your case, you know,
example students sometimes handle this data.
It's very, very vital, because it's no game anymore.
It is so important.
People are paying you for your data.
We have to be very alert and smart about it.
- Right, right.
People are paying for data,
and people can sell social security numbers online,
you can sell birthdays online.
There's a lot of things you can do with it,
that sensitive data that some students can get,
and not to say that that's happening,
but it's just as a potential.
And so, yeah.
- Even surveys now, right?
We don't take surveys anymore without any, you know,
like if you're not giving me a gift card,
I'm not completing, sorry.
Because it's my data, right?
It's my information.
The times are changing so we have to catch up.
- And they're changing fast, right?
So that's gonna do it for our,
"Download It! It's Free... Well, Not Really" video podcast
by the Digital Learning Team at Boston Public Schools.
I'd like to thank Nilufer Johnson of Snowden High School
for joining us.
- Thank you.
- And Ingrid Skoog, Industry Leader
in Information Security and Cynthia Soo Hoo,
Principal of the Quincy Lower.
And Nikolas Gonzales of the Digital Learning Team,
Digital Learning Specialist here at BPS.
Thank you so much for joining and watching.
(upbeat music)
For more infomation >> Facebook has lost the people's trust: Tusk Holdings CEO - Duration: 3:45. 
For more infomation >> Beyond Scared Straight: The Real Deal (Season 3 Flashback) | A&E - Duration: 5:06. 
For more infomation >> Bring It!: JJ vs. Selena Dance Off (Season 1 Flashback) | Lifetime - Duration: 4:23. 
For more infomation >> O Significado Oculto de Lauren Jauregui "Expectations" - Duration: 4:43. 
For more infomation >> El eco de Trump y su mensaje al sur de la frontera - Duration: 2:59. 
For more infomation >> Batalla campal: Gas lacrimógeno y cierre fronterizo entre EE.UU. y México - Duration: 1:06. 
For more infomation >> A Day in the Life of a Student Accommodation Manager - Duration: 2:34. 
For more infomation >> Dieser Hund auf dem Dach wurde zur Internetsensation... - Duration: 3:08. 
Không có nhận xét nào:
Đăng nhận xét