07212018 Headline:

Open school network open to misuse

Students, Tech Services seek balance between responsibility and regulation

By Cole Evans & Vee Glessner

Mr. Holloway views the security cameras from the central control software.

Mr. Holloway views the security cameras from the central control software.

Security camera feeds on the RAHS campus have been freely accessible to view on the school network, but concerns about students abusing the open design of that network has the district Department of Technology Services (DoTS) keeping closer tabs on student technology use.


Until early February, the campus camera feeds were accessible with a simple “user” credential and a default administrative password that over the years had become widely known among the student body. That network access has now been restricted, which has both students and the DoTS trying to strike a balance between regulation and responsibility in a tech-savvy, tech-literate school community.


Simple Password, Complex Problem


Junior Miles Durnwirth has seen lots of examples of students using the default credentials, which have since been changed, to access the security camera feeds.


“I feel like it is a pretty bad situation because everyone can access the cameras,” said Durnwirth. “I’ve seen people get on the cameras all the time.”


The original default password was set up by the installer of the system, and the DoTS left this in place for two key reasons.


“One reason was transparency,” said Highline School District Chief Technology Officer Mark Finstrom, “and the other was support of the system which required the installer to be able to access the system during repairs.”


The password allowed easy access for those that knew it, but some students, such as senior Julia Shettler, don’t think that having a password equals permission to use it.


“I don’t think that just because you can go on the cameras, you should go on the cameras,” said Shettler. “It seems unethical to me.”


Others, such as junior Thomas Kirby, believe that the DoTS should have put a stronger password in place.


“I think that if they didn’t want people accessing it, they shouldn’t have made the password obvious,” said Kirby.


Managing network security is often a delicate balance between granting users the freedom they want and keeping technology, and the people who rely on it, safe. Open networks can be an irresistible lure to curious students, and even with the new restrictions, some still pry for access to network devices.


“Someone yesterday asked me if I knew the password,” said Durnwirth, “they were trying a bunch of admin passwords they knew,”


Policies and “Undesirable Usage”


RAHS students commit to district-wide guidelines from Policy 2026 “Student Handbook” and Policy 2022 “Acceptable Use Agreement” at the beginning of each school year.

“The Technology Contract all students sign here at RAHS addresses the issue of unauthorized access of network devices,” said RAHS Blended Learning Technologist Anthony McLaughlin. “The custodianship of those networked devices are at a district level.”


All students and their parents agree to Policies 2022, 2026 and subordinate files (procedures, forms and handbook), as a requirement to access district laptops, which prohibit the use of credentials not owned by the user.


“Intentionally seeking information on, obtaining copies of, or modifying files, other data, or passwords belonging to other users, or misrepresenting other users on the electronic resources,” is “Undesirable Usage,” according to Procedure 2022P.


HSD Regulation


When it was brought to the attention of DoTS staff that students might be misusing network account information and posing a threat to the security of personally identifiable information, district technology staff changed the password that allowed access.


“I really did not want to do that, said Finstrom, “but in the interest of safety, I agreed with my staff that we must monitor what students at your school are trying to do.”


In addition to the password change, administration is inserting controls into the local area network (LAN) to manage usage.


“I agreed that changing the password was the right step,” said Finstrom, “and initiated a monitoring process to watch student activity on the Raisbeck Aviation LAN, as well the Highline Public Schools WAN.”


HSD Philosophy


HSD and the DoTS hold a philosophy of restricting technology access only when necessary, giving students the flexibility to use technology freely and the responsibility of using it wisely.


RAHS Principal Therese Tipton supports the intent behind maintaining a transparent network, but acknowledges the potential consequences of student misuse.


“Students could lose the trust of the school/district by using technology for inappropriate reasons not related to education,” said Tipton.


The Highline School District aims to strike an appropriate balance between responsibility and regulation in students’ use of technology, including encouraging appropriate behaviors with the Digital Citizenship curriculum. This curriculum, available through the HSD web site, addresses issues like online privacy, cyberbullying, and appropriate conduct for students online.


“I believe we need to teach responsible ‘netizenship,’” said Finstrom. “That’s not just citizenship, but netizenship. And that is, you use the resource the appropriate way.”


Though they took action to restrict access when student usage was perceived as a potential threat, district technology staff hopes that students can use resources responsibly with minimal regulation.


“Highline is fairly open by design,” said Finstrom. “We want students to have real-life experiences and to be able to do what is needed and not be controlled.”

Students connected to the ‘eracpriv’ network at school are able to access devices on the network. Even if someone were connected to the guest network ‘OpenAir,’ it is possible to access the security cameras, which are connected to the network in a similar fashion to the private network.

What Next?

Related Articles