+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 20
e-Safety Thread, Staff AUP re social networking, gaming and forums etc in School Administration; Hi My bosses are finally getting around to sorting out the staff AUP and want to look at several examples. ...
  1. #1

    witch's Avatar
    Join Date
    Nov 2005
    Location
    Dorset
    Posts
    11,278
    Thank Post
    1,376
    Thanked 2,379 Times in 1,675 Posts
    Rep Power
    703

    Staff AUP re social networking, gaming and forums etc

    Hi
    My bosses are finally getting around to sorting out the staff AUP and want to look at several examples. I have the one from the lovely @AngryTechnician but would be grateful for any others. It is the detail relating to the social media they are after.
    Ta

  2. #2

    Oaktech's Avatar
    Join Date
    Jul 2011
    Location
    Bournemouth
    Posts
    2,807
    Thank Post
    774
    Thanked 547 Times in 427 Posts
    Rep Power
    260
    I've modified @AngryTechnician 's template with advice from our HR department so it reads like this:

    Staff must take care when using social networking websites such as Facebook or MySpace, even when such use occurs in their own time using their own computer. Social Networking sites invite users to participate in informal ways that can leave you open to abuse, and often make little or no distinction between adult users and children.
    You must not allow any pupil to access personal information you post on a social networking site. In particular:
    • You must not add a pupil to your ‘friends list’.
    • You must not interact socially with former pupils under the age of 18.
    • It is advisable not to add former pupils over the age of 18 to your friends list to maintain maximum professional distance.
    • You must ensure that personal information is not accessible via a ‘Public’ setting, but ensure it is set to a ‘Friends only’ level of visibility.
    • You should avoid contacting any pupil privately via a social networking website, even for school-related purposes.
    • You should take steps to ensure that any person contacting you via a social networking website is who they claim to be, and not an imposter, before allowing them access to your personal information.
    o Further information and assistance with social media privacy settings is available from the IT Support staff.
    The stipulations above should extend to your use of any other online social activity such as communal gaming platforms, whether PC or console based.
    Staff should also take care when posting to any public website (including online discussion forums or blogs) that their comments do not harm their professional standing or the reputation of the school – even if their online activities are entirely unrelated to the school.
    • Unless authorised to do so, you must not post content on websites that may appear as if you are speaking for the school.
    • You should not post any material online that can be clearly linked to the school that may damage the school’s reputation.
    • You should avoid posting any material clearly identifying yourself, another member of staff, or a pupil, that could potentially be used to embarrass, harass, or defame the subject.

  3. 2 Thanks to Oaktech:

    simpsonj (16th April 2012), witch (16th April 2012)

  4. #3

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,935
    Thank Post
    1,341
    Thanked 1,784 Times in 1,107 Posts
    Blog Entries
    19
    Rep Power
    595
    Some union reps in particular areas have issue with the use of the word 'must' ... after all, if the rules say you must not add a pupil onto your friends list then how do you deal with being a parent of a child in that school and trying to be actively involved in their online life *for their own protection*? The stress needs to be on raising with staff that a lot of this is to help protect them. One change I would suggest on the above would be ...

    You should not post any material online that can be clearly linked to the school that may damage the school’s reputation, or is likely to damage your own professional reputation.
    Speaking with an eSafety Advisor in another LA recently, he has suggested this to help staff understand that by posting rants on social networking sites about how snowed under you are, how difficult you find your job ... then this could make it difficult for you in finding employment in the future as it can put over the impression that you cannot cope, cannot manage time or do not have sufficient subject knowledge. It has been favourably received in schools where he has explained the possible impact (and yes, it is based on real world difficulties experienced by staff of various types).

  5. Thanks to GrumbleDook from:

    Oaktech (16th April 2012)

  6. #4

    elsiegee40's Avatar
    Join Date
    Jan 2007
    Location
    Kent
    Posts
    11,074
    Thank Post
    1,792
    Thanked 2,187 Times in 1,618 Posts
    Rep Power
    773
    The most important thing is never to introduce this new AUP/Code of Conduct without accompanying it with training. I trained (after request by the HT) every member of staff from cleaners to the HT (it took 5 sessions) using a presentation I called "Safeguarding, Data Protection and YOU"; the same presentation is now used as induction training for every new staff member.

    The object of the training was to cover Safeguarding and data protection issues, but from the point of view of doing this is a good idea to protect your backside and your career. I then went on to introduce our new Code of Conduct (a document that covers all behaviour by staff and far more than the IT side) and AUP and explain why it had been introduced.

    Every staff member got 2 copies to take away. One had to be signed and returned to the Bursar and became part of their contract. I explained that I was the trainer and contractual queries would have to be taken up with the HT &/or Bursar, but that i was happy to handle any IT queries.

  7. #5

    Oaktech's Avatar
    Join Date
    Jul 2011
    Location
    Bournemouth
    Posts
    2,807
    Thank Post
    774
    Thanked 547 Times in 427 Posts
    Rep Power
    260
    Ok, I see your point and will change that to follow.

  8. #6

    witch's Avatar
    Join Date
    Nov 2005
    Location
    Dorset
    Posts
    11,278
    Thank Post
    1,376
    Thanked 2,379 Times in 1,675 Posts
    Rep Power
    703
    Yes, I agree, training would be wonderful but it probably isnt going to happen I'm afraid.

  9. #7

    elsiegee40's Avatar
    Join Date
    Jan 2007
    Location
    Kent
    Posts
    11,074
    Thank Post
    1,792
    Thanked 2,187 Times in 1,618 Posts
    Rep Power
    773
    Quote Originally Posted by witch View Post
    Yes, I agree, training would be wonderful but it probably isnt going to happen I'm afraid.
    You'll have problems unless there is some training, I think... email sent.

  10. #8

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,935
    Thank Post
    1,341
    Thanked 1,784 Times in 1,107 Posts
    Blog Entries
    19
    Rep Power
    595
    If they fail to provide training and something goes wrong then the AUP can be argued as unenforceable as it makes the presumption of knowledge where none might exist. This is covered by the same rules in employment law as H&S responsibilities ... no training ... no AUP.

  11. #9

    witch's Avatar
    Join Date
    Nov 2005
    Location
    Dorset
    Posts
    11,278
    Thank Post
    1,376
    Thanked 2,379 Times in 1,675 Posts
    Rep Power
    703
    So what is the most basic level of training that we would need to provide? The AUP is pretty straight-forward and I cant see how anyone could argue that you need some sort of training to understand what it means - or have I missed something?

  12. #10

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,935
    Thank Post
    1,341
    Thanked 1,784 Times in 1,107 Posts
    Blog Entries
    19
    Rep Power
    595
    The training is usually around the various social networks themselves. There is no point saying 'you can do this but you can't do that' if you don't provide help with where to find the tools on the social networks.

    Then there is the advices around what is damaging to a school or a person. What one person thinks is fine might turn out to be a nightmare. Someone has to give some examples (pointing out that they are in no way that only thing that can go wrong).

    If we take
    You should take steps to ensure that any person contacting you via a social networking website is who they claim to be, and not an imposter, before allowing them access to your personal information.
    then some staff will need help with this. Simple things like if you get an invite of FB then you follow it up with an email to a known good email address (i.e. their work email address) and as long as everyone knows that this is what is happening then no-one should be offended at an apparent lack of trust.

    The example of a student doing a frustrated "Flippin' FB have mangled my account account again so I have had to set this one up. Please drop the other account and add me as a friend on this one" message to staff in a school has happened ... and so you have to explain about social engineering (which you can double up with advice on Data Protection and protection against malware / viruses too).

  13. #11

    witch's Avatar
    Join Date
    Nov 2005
    Location
    Dorset
    Posts
    11,278
    Thank Post
    1,376
    Thanked 2,379 Times in 1,675 Posts
    Rep Power
    703
    Ah, I see
    Bit difficult to explain the tools etc on social networking sites as they are all blocked in my schools - can provide them with one of @elsigee40 's lovely detailed info on security settings but that is about all.
    Not sure I understand the bit about a known email address - you just get a message about befriending someone - how do you find out an email for them?
    Ho hum - It will be me expected to do any training - without nicking anyone's hard work, can I have some advice on how to go about it?

  14. #12

    elsiegee40's Avatar
    Join Date
    Jan 2007
    Location
    Kent
    Posts
    11,074
    Thank Post
    1,792
    Thanked 2,187 Times in 1,618 Posts
    Rep Power
    773
    With teachers it's straightforward. They may be using personal email for facebook, but they should have a school email account too... don't micx business and pleasure. So if you email their school email account and double check that the facebook account is genuine, you know that you are speaking to the correct person. Janesmith(at)yahoo.com could be anyone. smithjd(at)thisschool.county.sch.uk can only be one person.

  15. #13

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,935
    Thank Post
    1,341
    Thanked 1,784 Times in 1,107 Posts
    Blog Entries
    19
    Rep Power
    595
    To be honest, there are a number of good trainers in your area IIRC, and you should get some of it for free. Speak to your LSCB to see what is available.

    If you are in the position where you have to do it all yourself ... have a look at the UK Safer Internet Centre for ideas and resources. When talking with staff about online reputation you could run through the ideas from the following page - What can I do? - UK Safer Internet Centre and run through a few scenarios with staff. Make a fake profile on FB and a fake school you are employed by (make sure you cannot confuse it with a real school) and then show how easy it is to go wrong.

    As for the authenticating email situation ... here is a short burst for you.

    Do you trust your family?
    Do you trust your friends?
    Do you trust your close work colleagues?
    Do you trust the rest of the staff?
    Do you trust their family and friends?

    Let us think about how trust is open to abuse.

    You are a fairly regular user of a social network. You get an in-network message from a friend who has problems with their account and is asking to be your friend again. You have already added them before but are happy to add them again, after all ... if you ask them to prove who they are it would just make you sound paranoid. You go into work the next day to find out that pictures you shared with close friends of you as a young adult have been printed out and shared round the class ... from the summer holiday which you barely remember (images of Bez talking about banging tunes and 'avin' it could be appropriate here) and you with hardly any clothes on or surround by others with hardly any clothes on ... and then there is that stag/hen weekend you went on with friends ...

    Yes, the chances of it being someone faking a friends account are small, but just think about all the photos of *your* friends you might be giving access to others.

    A member of your family will have your phone number or email that they can use to let you know it is a legit request.
    A close friend will appreciate you protecting *those* photos from being seen elsewhere.
    Friends at work don't want their moans and groans being aired to the wider world.

    When you invite someone in or grant someone access they should be a person you know is real and can trust. Once you have explained the rules about how you want your pictures and facts treated then they should respect this. After all, if you loaned someone a physical photo album you would not expect them to make copies and leave it lying around. If you lent someone a treasured book you would not expect them to mistreat it or allow their children or friends to scribble in it. If you lent someone clothes you would expect them back in a good condition. We have always made rules with one another about how we expect others to treat us, our treasured goods and our friendships ... by letting others know these rules about how you want to be treated online then they have a choice. Follow it or lose your friendship. Asking someone to prove who they are is not being paranoid ... it is being safe. Trusting someone you cannot be 100% sure about is foolish, and if you do that with your online identity then you risk things being abused.

    The same social engineering tricks are used by scammers, computer abusers, spreaders of viruses, and those up to no good. Don't get caught out, enjoy being online and be safe.

  16. #14

    bossman's Avatar
    Join Date
    Nov 2005
    Location
    England
    Posts
    3,914
    Thank Post
    1,189
    Thanked 1,063 Times in 754 Posts
    Rep Power
    329
    @witch:

    Iv'e PM'd you

  17. #15

    witch's Avatar
    Join Date
    Nov 2005
    Location
    Dorset
    Posts
    11,278
    Thank Post
    1,376
    Thanked 2,379 Times in 1,675 Posts
    Rep Power
    703
    Quote Originally Posted by GrumbleDook View Post
    To be honest, there are a number of good trainers in your area IIRC, and you should get some of it for free. Speak to your LSCB to see what is available.

    If you are in the position where you have to do it all yourself ... have a look at the UK Safer Internet Centre for ideas and resources. When talking with staff about online reputation you could run through the ideas from the following page - What can I do? - UK Safer Internet Centre and run through a few scenarios with staff. Make a fake profile on FB and a fake school you are employed by (make sure you cannot confuse it with a real school) and then show how easy it is to go wrong.

    As for the authenticating email situation ... here is a short burst for you.
    ...what's an LSCB???
    Still dont get how you check an account is genuine other than in the 'replacement account' scenario. I have members of my extended family and old college friends etc on facebook who wouldnt know my email to begin with, nor I theirs, so how would I check they are genuine?
    *ah - have found the Dorset Safeguarding Children Board of which I have NEVER heard - bit bad when you consider I work in two Dorset schools and have worked for Dorset for 11 years. Can't see anything that would help with Staff AUP though as it seems all children-based
    Last edited by witch; 16th April 2012 at 10:27 PM.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. [Video] Frankie And Dottie Look After Social Network Websites
    By DaveP in forum Jokes/Interweb Things
    Replies: 0
    Last Post: 12th April 2012, 03:20 PM
  2. Network Managers and their staff
    By SDM01 in forum General Chat
    Replies: 29
    Last Post: 18th September 2009, 11:03 PM
  3. AUP Social networking sites
    By chrbb in forum School ICT Policies
    Replies: 8
    Last Post: 18th May 2009, 05:29 PM
  4. Staff AUP
    By mark in forum School ICT Policies
    Replies: 33
    Last Post: 22nd August 2005, 10:22 AM
  5. Use of domain password (& staff AUP, etc.) ;)
    By mark in forum School ICT Policies
    Replies: 22
    Last Post: 29th June 2005, 02:36 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •