Implementation of the CLASS (Connected Learning for the Achievement of Students & Staff) plan has included the deployment of nearly 37,000 Chromebooks and installation of wireless access devices, projectors and sound amplification systems in every LPS classroom. The deployment of equipment has been accompanied by significant professional development and the adoption of an Instructional Technology Tools (ITT) evaluation process.
The ITT evaluation process has three primary objectives. First, it seeks to ensure that ITTs adopted and implemented at LPS are consistent with the guaranteed and viable curriculum they support. Second, the ITT evaluation process includes a thorough review of each ITT to ensure it is consistent with the data privacy, information security, and identity management rules set in place to comply with regulatory requirements (FERPA, CIPA, COPPA, etc.) Third, the ITT evaluation process ensures ease of accessibility through the consistent use of student LPS usernames and passwords.
Starting in the fall of 2018 all staff are required to annually acknowledge, via the Information Center for Employees, their review and understanding of the rules and procedures that form the framework of information technology and data governance at LPS. Information that follows serves as a guide to processes and practices established to promote information security, data privacy and a safe digital identity.
ITT Evaluation Process
During the spring semester of 2015-16, the district worked to make all teachers, administrators and staff aware of the instructional technology tool evaluation process (keyword: itt) that was created to evaluate the requests of building and district educators for tools that use or store LPS student data. The ITT Process is one strategic component of the ongoing data security efforts implemented to protect the privacy of LPS students and staff. [Click for more Information]
To make it easier to find and reference information about approved ITT, Computing Services has developed a web application that has been named “The Matrix”. The content in The Matrix represents the collaborative efforts of representatives from Computing Services, Curriculum, Assessment & Evaluation, Library Media Services and Special Education. The Matrix has many layers that allow ITT to be identified based on what they do (assessment, research, document creation, etc.) or where they fit in the context of instructional strategies and curriculum areas. [Click to access The Matrix]
Identity Management and Single Sign-On (SSO)
Another very important component involves the implementation of an identity management environment to simplify access to approved ITT (Instructional Technology Tools). This environment allows all staff and students to use their LPS username and password to access approved ITT capable of Single Sign-On (SSO). The LPS Google domain (class.lps.org) is fully integrated such that sites capable of using Google credentials for login are, in fact, using the LPS username and password. Only ITT capable of SSO are approved, meaning that any ITT that requires students to manually “set up” an account may not be used. The reason for this ‘SSO only’ parameter is to significantly reduce the variability in ways that students login to services they need to use, thus creating greater security and decreasing wasted time in class with different logins & passwords.
In an effort to both bring visibility to those instructional technology tools that have been approved for use and make it easier for teachers to get students logged in to those web services, the district has set up the student Chromebooks to start at a site called “The Portal”. The Portal includes a button that takes students directly to a web service just like a bookmark. For those services that support single sign-on (SSO) no additional login will be required as the portal will pass the credentials automatically. The services/web sites listed will be by building or grade level when appropriate. [Click for view of Student Portal]
When LPS students and staff use their LPS Google credentials (ID and password for class.lps.org) to connect to an instructional technology tool (app, extension or web service), the connection creates a ‘relationship’ between the Google account and the tool. The relationship may grant the tool access to data about the user’s account, some data in their Google drive, or even access to all of the data in a user’s Google drive.
It is the responsibility of the district to approve where data are stored in an effort to ensure regulatory compliance with COPPA, FERPA, and CIPA. The district has implemented an application called CloudLock from Cisco that provides data on what tools are currently being used by LPS students and staff, the access each tool has to data, and which users in which locations are using each app, extension or web service. Further, CloudLock allows the district to protect students by limiting use of their LPS Google account to access only approved tools.
An equally important role CloudLock plays is to evaluate the content in Google Drive and audit how it is shared. CloudLock scans each user’s Google Drive based on “rules” that identify inappropriate content including lewd language, indications of dangerous behavior and bullying. CloudLock audits all sharing in the context of data classification policies set up to ensure regulatory compliance (FERPA), data privacy, and information security. When a file in Google Drive is flagged by CloudLock, an incident is created that will be reviewed by district staff. Computing Services has worked with instructional directors and security personnel to develop and implement the rules that CloudLock uses to evaluate Google Drive content and audit how it is shared.
Information Security Officer
Managing and overseeing the use and security of LPS data has become a job that requires specific focus. To meet the demands of this work, Computing Services has established the Information Security Officer (ISO) position. The ISO plays a key role in the development and implementation of the information security and data privacy rules and procedures that form the framework of information technology and data governance at LPS]
Questions/clarifications can be directed to firstname.lastname@example.org