Laptop Security

by MARK EDWARDS
Security is an essential part of Henrico County’s laptop deployment. Some of the major components of our security plan are these:

* Open wireless network. The student side of the network allows wireless access to the Internet, password-protected student folders and locally owned digital content.

* Secured and hardwired administrative network. To gain access to administrative information, such as students’ grades, attendance, demographics, schedules and individual education plans, one must use a designated administrative computer, have his or her terminal physically plugged into an Ethernet jack and have user names and passwords that can be authenticated. Without an administrative computer, no access is permitted.

* Student protection from inappropriate material. This consists of four parts: a robust and fast Internet filtering system; a policy of unannounced teacher and administrator viewing of student computers; remote schoolwide viewing of Internet traffic as well as student desktops; and an acceptable use policy signed by every student and parent with a laptop.

* Prevention of software and system abuse. How to secure the laptop against software installations and system manipulations is vital. Students must not be able to manipulate the desktop, download or run programs from the Internet, boot from CDs/external drives and delete files except those from their user directory.

* Computer use policy. A good computer usage policy that both the parent and student must sign as part of the deployment is also critical. The use policy forbids the disassembly or customization of the laptop. This language ensures all stakeholders understand the seriousness of any type of manipulation or disassembly.