from Educators' eZine
Connecticut's Wallingford Public Schools is K-12 school district comprising two high schools, two middle schools and eight elementary schools. As part of our mission, the administration strives to incorporate the latest technological advances to improve student academic achievement. Wallingford developed a comprehensive three-year plan based on the educational goals of the school system, ensuring that technology would be infused into instructional and administrative programs. Participation in the grant program also required compliance with the Children's Internet Protection Act (CIPA), a federal law addressing access to offensive content over the Internet on school and library computers. CIPA requires schools receiving funding support for Internet access or internal connections to have Internet filtering measures in place.
The Test: Protecting Students and the Network
In order to be a lifelong learner in today's changing world, every student must develop and use technological skills efficiently, effectively and ethically. Wallingford's greatest needs were at the high school level, which had the most computer labs and media centers. There are a large number of computers in use from dawn to dusk, which presents challenges in securing the learning environment. I knew that was where we'd get the most benefit from a security solution implementation.
Servicing about 2,000 students, Lyman Hall and Mark T. Sheehan, the district's two high schools, have 250+ computers available in computer labs and libraries. Students use them for a variety of purposes, such as researching topics via the Internet, writing papers for classes, or gathering images for use in school projects. They are also allowed to access personal e-mail accounts such as Yahoo! and Hotmail.
We already had state-provided Web filtering software in place, but there were additional areas of concern. Blocking inappropriate sites from students is one thing, but there were three other critical issues to address as part of a complete security plan:
We needed insight into the students' computer activity. Were they putting the IT infrastructure at risk by visiting malicious Web sites that could deliver spyware or viruses onto Wallingford's network? Were they visiting unauthorized social networking, adult or other inappropriate Web sites? We also needed to know if they were downloading unauthorized applications - such as online multiplayer games or streaming audio and video - that would drain bandwidth and cause poor overall network performance.
A downfall to our existing filtering software was that it had no reporting capabilities. We had some open source tools in place to get information, but reports had to be generated building by building versus from one central location, requiring IT staff to physically travel from school to school. It took so much time to generate reports that the effort to accomplish it actually outweighed any possible benefits.
Finding the Right Answer: Software-as-a-Service
After being introduced to Omni Manager from QED Connect, I did an initial evaluation and decided to fully implement the product. Omni Manager combined several necessary security applications, including Internet and e-mail filtering and reporting, anti-virus, application usage monitoring and policy management into one hosted service that was deployable to all our computers and laptops, regardless of their physical or geographic location. We initially installed Omni Manager on all 250 computers in the two schools.
The company calls Omni Manager a SaaS, or Software-as-a-Service, and as such its hosted nature was a significant benefit for us. Instead of having to address each security application individually by purchasing multiple packaged software products, I was able to cost-effectively deploy an 'all-in-one' service. And with reasonable per seat pricing, it easily fit within our school's budget.
Another benefit of SaaS is the reduced administrative burden on our IT staff. I spend zero hours per week worrying about managing a server since this application is hosted. No worries about keeping it patched and secure. That time savings alone adds up to several hours per month minimum. The product was simple to implement and the interface is easy to understand. I identified the use of several inappropriate Web sites within the first 24 hours of using Omni Manager.
Omni Manager's detailed reporting capability has proven to be a very useful tool for us as well. Until the implementation, I had very little visibility into students' Internet activity. Now I can generate reports on all workstation activity, including: the types of Web sites being visited, what times they were accessed, and how long the student stayed on the site; which applications were being used and with what frequency; and new applications that had been downloaded and how much bandwidth they were draining. Since the computers were on the same network, student computer use affected the performance of staff computers as well. If student actions caused the network to go down or slowed its performance, it would cause issues with administrative and classroom productivity as well.
You have to identify the threats before you can address them. Omni Manager gave us the forensics tools we needed. It takes only minutes to get information. Once we determine where the problems lie, we can take corrective action, such as modifying the types of sites we're blocking, uninstalling applications, or creating new policies that divert inappropriate activity. There are Omni Manager applications we haven't even touched on yet that could also be helpful, such as the reporting of hardware changes. For example, if memory is stolen from a workstation, dropping from 1 GB RAM to 128 MB of RAM, we can see this almost immediately, resolve the issue and take preventive measures going forward. Omni Manager becomes an asset tracking tool as well.
In addition to the above needs, I also found that Omni Manager augmented our existing state-provided Web filtering software. I run the two Internet filtering solutions concurrently, providing extra protection in instances when students had found a proxy site that was not being blocked by existing servers.
I've identified several dozen game sites that students had been able to access despite our existing filtering system. Since there are a number of appropriate and useful game sites out there, such as Lemonade Stand and various typing tutorials, we don't block all game sites by default. The ones that were identified and subsequently blocked by Omni Manager were not educational in nature and had the potential to negatively impact network performance.
Studying the Benefits of Software-as-a-Service
The implementation of software-as-a-service has helped Wallingford meet our information security challenges. Not only did we save the time and expense of purchasing and installing multiple software products, but I also reduced my management and administration time, enabling me to focus on other projects. The detailed reporting tools provided visibility into student activity in minutes versus hours or days, so I can stay ahead of potential problems, including bandwidth hogs that could negatively impact network performance and therefore, productivity as well. Omni Manager's Internet filtering and blocking provided extra protection for students, identifying and blocking inappropriate sites that had slipped through the school's existing filtering software.
For parents, it is an invaluable benefit to know they don't need to worry about their children surfing inappropriate Internet sites while at school. Most of the IT people in education share the same problems and issues. We need our technology products to provide significant value, and Omni Manager delivers tremendous functionality at a relatively attractive price. I think it will have universal appeal among schools, and I am confident its implementation will help us derive greater benefits from the technologies we have in place. I can definitely see us expanding our use of Omni Manager in the future.