Security navbar3.gif (2120 bytes)logo.gif (1727 bytes)
Parent Page

 

ITPD Home
Security
File Management
Start Menu
Backing Up

It is vital that school NT Administrators have an understanding of the security protocols and are aware of the implications of their actions.

This page should be read in conjunction with the Policy Documents Acceptable use of Computer Facilities and External Networks (http://www.decs.act.gov.au/policies/pdf/accucf.pdf pdfsmall.gif (388 bytes)and Acceptable Use of Computer Facilities and Networks - Supplementary Documents (http://decs/i/action/aup.html, available only via the Intranet.)

Additional Documentation:

Example of a School’s Code of Practice for Staff word.gif (134 bytes)
Example of a School’s Code of Practice for Students word.gif (134 bytes)
Example Parent Information Sheet on Internet and Email word.gif (134 bytes)
Proforma Permission to Publish Personal Information or Work on {Name} Website Not Including Photos word.gif (134 bytes)
Proforma Permission to Use Photographs on {Name} Website word.gif (134 bytes)

What follows has been provided by Information Services:

Additional Hardware

Third party contractors

Network Administrators

 Student Access

Password Protection

Access to WS Admin

Connecting additional Network Hardware

There have been instances of schools connecting network hardware to EduNet which have caused significant network problems and compromised security. The connection of additional network hardware requires the written approval of the IT Support Section. Approval must be sought for any existing network hardware which has been connected. The relevant electronic request form will be provided to all schools.

All EduNet cabling must also be installed by ACT Government approved cablers. Please contact the IT Support Help Desk for this list.

Employment of third party contract staff

Third party contract staff who are employed by schools to support the network are required to have police checks prior to employment. NT Administration rights will not be provided to these staff unless a formal written request is provided by the principal. This is designed to support schools formalising contract arrangements with contractors who support EduNet. These checks must apply for existing contract staff. Police checks can be organised through the existing processes provided by Workforce, Planning and Management.

Network Administrators

All schools are required to appoint a network administrator. The role of the network administrator is critical to the successful operation of EduNet in schools. It is imperative that school network administrators are appropriately trained and compensated for the responsibility and additional workload required for the management of EduNet at the school. Courses customised for EduNet network administrators are available through Staff Development. IT Update provides continual technical information to support the role of network administrators.

It is the responsibility of the school’s EduNet administrator to understand and implement the procedures that will be developed as part of the Security of EduNet policy and its associated policies. The network administrator’s responsibilities include:

managing security settings on the server and workstations according to guidelines provided by IT Support (these are currently available on all school servers in S:\Decs\School_Doco\SdriveStructure.xls
managing the security groups and user accounts (including the removal of access rights for personnel leaving the school)
ensuring that formal authorisation is gained from IT Support prior to attaching additional hardware and operating systems to EduNet
maintaining appropriate back-up routines for servers
ensuring computer software is used in accordance with copyright conditions and license agreements
ensuring domains will not be created without written authority from The Manager, IT Support Section
ensuring workstation administrator access (logon and password) is not disclosed to students or unauthorised personnel
ensuring managed hubs are used on EduNet and
adhering to appropriate naming protocols for computers and users. (guidelines for these are available on school servers in G:\Doco\PC Refresh Procedure.doc)

Student Access

There is a real potential for serious breaches in security of school and corporate information to occur if students are given access to the network through profiles other than the approved student profiles. Students must not be provided with staff logons and passwords nor given physical access to school servers. A specific student profile has been created to provide students with the appropriate network access.

Password Protection

One of the first vulnerabilities of a network is accounts which are not password protected. There are many freely available programs which scan networks for logins and passwords and instances of these have been found on EduNet.

All accounts must be password protected
Passwords must not be easily identifiable
Passwords must be treated with the same respect as a bankcard PIN
Students must not be provided with staff logins and passwords
Students and unauthorised users must not be provided with local workstation administrator access

It is important that these security components detailed above are implemented immediately. If you have any questions or would like assistance with implementing any of the above please contact Natalie Lister on 58301 (ph) or email natalie.lister@act.gov.au

For comments or corrections on this page please use our feedback form
This page was last modified November, 2000,
Materials on this site are authorised for publication on the Internet by Joanne Howard, Staff Development Section.
Copyright & Disclaimer