Upload
rita-oates
View
112
Download
2
Tags:
Embed Size (px)
DESCRIPTION
This brief tutorial shares technical information about the multiple layers and strategies for student safety provided by ePals in its award-winning and free student email, called SchoolMail. More than filters, more than RBAC, but a combination of technology strategies and human processes. This tutorial is one of more than a dozen brief tutorials that share information about the free tools from ePals, the world's largest K12 online community of teachers and students. You can find all the tutorials at http://bit.ly/learnePals or go to http://www.epals.com, look on the Teacher tab, pick the last item (Training Resources). You can download these in PPT or in PDF format as you prefer. Some of the PPT slides have additional information in the Notes field of the PPT.
Citation preview
ePals Policy Management
In this tutorial, we will inform you about safety features of ePals through Policy Management. This involves some technical detail.
Tutorial # 16
Goals of this Tutorial
This tutorial will explain the basics of Policy Management • What is it?• Understand Policy
Management and how it works within SchoolMail
Learning Objective: Understand what SchoolMail offers
Policy Management: 3 Tracks
• ePals SchoolMail uses three technology approaches to create safe and secure communications:
Domain Security: firewalls and access policies Message Security: filtering and moderating Application of Rules-based Controls: specification of roles,
organizational hierarchy, etc. (Who can a sophomore send to or get email from?)
• These are more commonly found in compliance-oriented enterprises like banks and large companies • Consumer-based email systems do not typically have these
safety strategies• Gmail, Yahoomail do not have monitoring of student accounts
Learning Objective: Understand Policy Management and how it works within SchoolMail
Policy Management FrameworkLearning Objective: Understand Policy Management and how it works within SchoolMail
Allows authorized administrators to “set” policy in varying ways for every user of the system. Policy is enforced for every mail sent and received by the system. Can apply both to mail:
• from outside the domain (student gets email from the Internet, a reply to a question asked of an author)
• from within the domain (email sent from one student to another using their SchoolMail accounts)
Most email systems apply filtering solely to a domain boundary, a much weaker strategy.
Policy Management ComponentsLearning Objective: Understand Policy Management and how it works within SchoolMail
ePals SchoolMail policy management framework has five core components:• Domain Security• Message Security (filtering and moderation)• Rules-Based Controls• Manageability• Information Security and Compliance
Policy ManagementLearning Objective: Understand Policy Management and how it works within SchoolMail
From an end user’s point of view, policy management in SchoolMail is defined mainly by understanding capabilities of Domain Security, Message Security and Rules-based Controls.
Generally, most K12 applicable systems implement Domain Security and have some Message Security in the form of content filtering for messages into and out of the domain.
ePals distinguishes itself particularly in the areas of Rule-Based Controls and Message Security, especially as it relates to rule-based controls, not just domain-based controls.
Domain Security Learning Objective: Understand Policy Management and how it works within SchoolMail
ePals provides filtering at the domain boundary—the scope of defined policies are limited to the specified domain and its members.Application of filtering rules at the domain boundary – Spam, AntiVirus and application of Message Based security.
While ePals does more, typical systems do these items only: Apply Spam and Antivirus checks to incoming mail only Have message security policies for inter-domain traffic only Have profanity filtering/ moderation at the mailbox level onlyePals allows application of policies for incoming and outgoing traffic, and for inter-domain as well as intra-domain traffic.
Message SecurityLearning Objective: Understand Policy Management and how it works within SchoolMail
Monitoring: analogous to cc – route a copy of the message to a moderatorModeration: route to a human for review and action – approval, rejectionAttachment filtering at mime type level: options include block; monitor; moderate; allowMessage content filtering: filter for inappropriate words and then take some action on “flagged” messages -- monitor (cc), route for moderation, block
Inappropriate word filtering: for profanity, problem words or policy abuse
Uses methods and algorithms analogous to Spam filters, where the textual content of a message (or an attachment) is scanned against filter-words lists and matching patterns (“regular expressions”), and receive a score.
Lists can be updated using a management console to take into account variations, rapidly changing vocabulary, new slang.
Message SecurityLearning Objective: Understand Policy Management and how it works within SchoolMail
Rules-Based ControlsLearning Objective: Understand Policy Management and how it works within SchoolMail
Real world organization structure is established and users are created as members of these structures within a domain (district, network of schools, school, class group, grade level)
Every user can be assigned one or more roles (student, educator, guardian, administrator, moderator) and placed within one or more levels of organizational structure.
User 1 is a student at PS134 in 4th gradeUser 2 is an educator at Bronx Science and a moderator User 3 is a guardian at Jefferson Middle School
Rules-Based Controls: ExamplesLearning Objective: Understand Policy Management and how it works within SchoolMail
Relationships between users are established: a) School-based relationships
• My teacher• My guardian• User 3 is a guardian of User 1, who is a 4th grader at PS134
b) Social-based for collaboration (Science Club)User 1 is a student at PS134 in 4th gradeUser 2 is an educator at Bronx Science and a moderator User 3 is a guardian at Jefferson Middle School
Summary
Multiple layers of student safety • Filter level (set by teacher for student)• Access level (set by district or school)• Adult preview available, incoming and outgoing mail• Adult gets copy of each email (if requested)• Only adults confirmed to be teachers or
homeschooling parents are added to the community• Adults have profiles (not students)• Privacy of student data (TRUSTe certification)• Attachments can be previewed (set by teacher)
Learning Objective: Summarize Policy Management and student safety measures
Review
This tutorial explained:
• Why ePals’ Policy Management is Stronger than General Market eMail Systems and Safer for Education
Learning Objective: SchoolMail Policy Management