Other E-Mail Headaches
Security breaches, employee carelessness, spam
On every school day, thousands of e-mails fly through school district cyberspace. While e-mail has become a routine and seemingly indispensable part of district operations, it can cause some real headaches for information-technology directors.
Breakdowns in security, inappropriate use, and the sheer volume of electronic communications are some of the problems that districts grapple with, says Linda Sharp, the director of cyber security for the digital-district project at the Consortium for School Networking. The Washington-based CoSN is an advocacy group for educational technology.
“We don’t spend the time we need to on staff development—teaching people appropriate e-mail etiquette and procedures and how to manage their e-mail,” Sharp says. “Those are critical issues.”
On the question of security, she says, employees often resist changing passwords periodically, or leave their passwords in full view as reminders to themselves. But if a student gets a teacher’s password and accesses the e-mail account, private correspondence between the teacher and parents, for example, would be at risk. The student also would be able to send e-mails under the teacher’s name or even get into data, grades, and other private records elsewhere in the system, Sharp says.
In addition, with revised Federal Rules of Civil Procedure requiring that school districts archive their e-mail, possibly for extended periods of time, it’s particularly important, she says, that district employees know they need to have a personal e-mail address as well.
“You don’t want your personal e-mail archived with the school system’s e-mail,” Sharp says, referring to employees who use their office addresses for e-mail exchanges not related to work.
Every employee should be aware that e-mails are not private and can be read by information-technology staff members at any time, she says.
“We need to make sure teachers understand that everything they write in e-mail, it’s just as if they printed it out and hung it up for everyone to see,” she says. “The tech leaders can retrieve almost any e-mail sent or received.”
Though most school systems require that employees sign a policy on e-mail use that lists what is permitted and not permitted on school e-mail, most don’t read it or remember it, Sharp says.
Misuse can get employees into serious trouble. Last year, 20 teachers and other staff members in the 84,000-student Jefferson County, Colo., school district lost their jobs for sending pornographic and other inappropriate e-mails, says Lynn Setzer, a district spokeswoman.
“When you’re at work, you have to be aware of the kinds of e-mails you’re looking at and passing along,” Setzer says. “People can get complacent sometimes about looking at things that other people would find offensive. In a school district, you must be hypervigilant.”
In Jefferson County, newly hired employees sign an e-mail policy that maps out what is acceptable to send and receive, she says.
But after last year’s incident, the district put in place a pop-up message that appears when employees log into the school’s computer system, which tracks personnel data such as salaries and vacation time. The pop-up requires employees to check a box saying they’re aware of the e-mail policy. If an employee does not check the box, he or she can still get into the system, but the pop-up message appears every time that person logs in. If the employee checks the box, the message does not appear again.
Spam and Viruses
Computer viruses and e-mail spam are also critical issues for school districts, as they are for other workplaces.
The 98,000-student Cypress-Fairbanks Independent School District near Houston was hit several years ago by a virus that entered the district computer system through e-mail, says Harold Rowe, the associate superintendent for technology and school services.
“We were affected and ended up having some down time,” he says. “Some of the lifeblood of school districts revolves around e-mail, so it was a problem.”
The district already had a spam filter and anti-viral software programs in place. But after the attack, it installed another layer of filtration. Now e-mails are filtered for junk mail before they reach the district by a third-party filtering device, then filtered again once they get inside the district system, Rowe says.
“We’re knocking on wood,” he says, “that this multilayered approach will work.”
Vol. 01, Issue 02, Pages 14-15
Get more stories and free e-newsletters!