Online Safety Update
Created for all Northumberland Senso Safeguarding Users
Advice for staff on remote teaching and learning
It seems likely that staff will be asked to teach remotely in the coming weeks and months. At this time, government advice to schools in England is not to close, but if that changes it will certainly bring many more challenges.
The advice below is meant to complement, and not replace or overrule, the Local Authority and school, or academy, policies and guidance regarding remote teaching and learning / remote working - if you are not familiar with these, please ask for copies.
As well as familiarising yourself with your school and academy policies, please download and read a copy of 'Guidance for safer working practice for those working with children and young people in education settings, May 2019' - in particular, section 12.
The document highlights best practice and highlights that ‘....adults should:
▪ not seek to communicate/make contact or respond to contact with pupils outside of the purposes of their work
▪ not give out their personal details
▪ use only the equipment and internet services provided by the school or setting, unless school policies state otherwise
▪ only use internet-enabled personal devices in line with school acceptable use policies
▪ follow their school/setting’s acceptable use policy and online safety guidance
▪ ensure that their use of technologies could not bring their employer into disrepute’
If you have any safeguarding concerns, please contact the Designated Safeguarding Lead and/or a member of the Senior Leadership Team for your school or academy.
Technical Requirements for Working at Home Safely
Ensure your home network is secure, if in doubt seek professional advice.
It might be advisable to use a VPN if you are working on potentially sensitive online systems, this ensures the network traffic is not observable. This offers a certain protection against attackers who take advantage of poorly secured home networks.
Ideally, only school equipment should be used. Private computers may be too insecure for remote office work.
Hard disk encryption must be activated if files are stored on the device, rather than a cloud-based service. This protects against the loss of data in the event of theft and avoids having to report the theft to the data protection authority.
Screen savers that lock the screen during inactivity should be set to start automatically after a few minutes of inactivity.
Private matters such as writing personal e-mails, playing games or surfing social networks should not be performed on school computers. This separation must also be maintained if you are working from home.
School computers are only permitted for use by staff. Children or other persons living in the household may not use the device.
Safe use of webcams and video conferencing services
The following advice is a summary of information from www.safeguardinginschools.co.uk
Schools should risk assess the use of live learning using webcams.
Check use of webcams are permitted under the school or academy policies. If in doubt, seek advice.
Consult with parents about what would be most useful and whether 'live' online learning would be welcomed. In a pandemic, parents are likely to have more to worry about than whether their child is ready to sit in front of a computer at the right time.
Data Controllers need to reassure themselves that any teaching/learning software and/or platforms are suitable and raise no privacy issues; or use cases against the providers’ terms and conditions (for example, no business use of consumer products)
Recorded videos might be better than live webcams.
If live learning using webcams is permitted, consider setting up a webinar, organised so the teacher is on screen and does the talking whilst 'broadcasting' the lesson to the children, the teacher doesn't see the children, and the children can't see each other.
Strictly no 1:1s, groups only
Staff and children must wear suitable clothing, as should anyone else in the household.
Any computers used should be in appropriate areas, for example, not in bedrooms; and where possible be against a neutral background.
The live class should be recorded and backed up elsewhere, so that if any issues were to arise, the video can be reviewed.
Live classes should be kept to a reasonable length of time, or the streaming may prevent the family 'getting on' with their day
Language must be professional and appropriate, including any family members in the background
How to avoid common data protection risks if you work from home
Seek advice on securing your WiFi. A long password is a good start.
School data should never end up stored on private devices. Typical situations include using private USB sticks or other external storage devices to transfer data. Make all staff aware of the possibilities of encrypted data transfer using cloud storage.
Raise awareness of phishing once again among all staff. Experts believe that new phishing e-mails will soon appear, taking advantage of the general uncertainty and enticing people to make thoughtless clicks and downloads.
Equally important is social engineering. Attackers could try to gain access to sensitive information via e-mail or chat by impersonating a colleague online. Staff should be very careful when sharing personal information.
Require all staff to use normal school communication channels, and to seek advice from a member of the Senior Leadership Team if they have any data protection concerns.
Staff working from home must be reminded to lock the computers when they leave their workplace, and the device should be put away every evening.
Consider the cyber security implications of working from home, watch the NCSC guidance detailed below.
The NCSC’s new e-learning package
The NCSC has produced a new e-learning training package: 'Stay Safe Online: Top Tips for Staff'. It’s totally free, easy-to-use and takes less than 30 minutes to complete. The training introduces why cyber security is important and how attacks happen, and then covers four key areas:
- defending yourself against phishing
- using strong passwords
- securing your devices
- reporting incidents ('if in doubt, call it out')
The training is primarily aimed at small organisations like schools, but can be applied to any organisation, regardless of size or sector. It's been deliberately designed for a non-technical audience (who may have little or no knowledge of cyber security), with tips that complement any existing policies and procedures. Further information can be found by following this link: https://www.ncsc.gov.uk/blog-post/ncsc-cyber-security-training-for-staff-now-available
Finally, if you are struggling to cope or just need to chat, remember that the Education Support Partnership helpline is available for anyone who works in a school.
Education Support Partnership Helpline: 08000 562 561
Download a poster about the partnership below: