by Felicien | Sep 12, 2018 | Education
Schools and libraries applying for E-rate technology funding discounts must be CIPA Compliant. CIPA stands for the Children’s Internet Protection Act and mandates that if an institution is receiving a discount for network and network-adjacent services, then it must develop a protocol for use of these services by minors. Further, CIPA stipulates that the public must be notified that the district, school, or library is going to be developing an internet safety protocol, and offer a public hearing before developing the protocol (again with adequate notice to the public ahead of time).
The E-Rate discount applies to:
Data Transmission Services and Internet Access
Voice Services
Internal Connections
Managed Internal Broadband Services
Basic Maintenance of Internal Connections
It does not apply to funding the actual computers, VoIP phones, software, or any other devices that use the above telecommunication services.
Eligible institutions or educational consortiums accepted into the program will receive need-based discounts of between 20-90% off of the costs for the above-mentioned services.
CIPA Compliance Overview
Before implementing an internet use policy, schools, and libraries have to provide reasonable notice to their learning communities that they’re going to be putting one together. Additionally, they must hold at least one public hearing where citizens may ask questions or register concerns.
Lastly, the policy must include two certification requirements: online protection of minors such as filters that can block out objectionable content, and they must include a plan to educate minors on internet safety, cyberbullying, “Netiquette” and more.
The 2011 update also notes that public libraries are not subject to CIPA compliance.
Additionally, schools and libraries have to put into their policy:
Education on safe direct-link contacts such as email or chat.
Unauthorized access like hacking perpetrated by minors and other unlawful acts committed by minors using school devices or using internet services on school property.
Unauthorized access, dissemination of, or use of minors’ personal information including grades, addresses, medical alerts, etc.
Restrict minor children’s ability to access potentially harmful material.
Here is an example of a CIPA Compliance Contractor used by Walled Lake Consolidated Schools in Walled Lake, Michigan.
Adults on Campus
Adults using the internet for appropriate, necessary means are permitted to remove filters blocking access to necessary websites and programs. Adults are also not subject to internet tracking.
Who Determines What Materials Are Appropriate?
Local and state authorities determine what content is appropriate or inappropriate. Further, the blocking of entire social networking sites such as Facebook is not required per CIPA, though individual instances of objectionable or mature content should be filtered out.
Important Additions to CIPA as of 2011
E-rate finding discount recipients must develop and implement a workable strategy for protecting minors and their information, and for educating minor students in how to properly present and protect themselves online.
Schools must provide lessons in “Netiquette” and direct communication (e.g., chat sessions, email) safety education for minors using the internet on school property or with school devices.
What About BYOT/BYOD?
The biggest wrench in the works after funding issues is the BYOD/BYOT phenomenon. It’s natural to allow students to bring in their own devices. It takes care of a few problems regarding access and funding. Plus it reduces the amount of class time needed to train students on an unfamiliar device since they are using their own devices. However, the problems that Bring Your Own Device programs include far outweigh the benefits.
What Is Due Diligence On The Educator’s Part?
Really, the same tried-and-true methods that caught kids with comics or Playboys behind their textbooks still work today. Move around the room as you would for any other group activity or quiet study time, and make your presence known.
Screen mirroring works too and has the added bonus of allowing you to pretend that you’re a TSA agent or mall security officer. It does not allow for classroom management best practices, however, since the instructor may be glued to the screen too closely. It also opens teachers up to liability regarding students’ privacy since a distracted teacher may leave a mirrored workspace screen unattended, giving someone else an opportunity to access student work.
Going back to BYOD, which almost certainly would not be mirrored, students may use a personal broadband or other mobile networks to get around filters. Of course, it would be a violation of not only CIPA-related policies but likely policies already on the books in just about every school district. The best protection is to have a clear, promulgated policy in place that spells out expectations as well as consequences for violations of the policy.
Personal use on a private network also does not currently fall under CIPA’s scope, nor is there any reason to think that it ever would, since CIPA compliance relates to use of school network services and devices. Making the access to restricted materials difficult, expensive, or extremely inconvenient will naturally cut down on the number of people trying to do so.
Last Word – “The Spirit Of CIPA”
Due to the nature of technological innovation today, there are going to be instances of uncertainty. If you “keep in the spirit of CIPA,” you should be all right. Districts developing their policies should make it clear that students and educators failing to make a good faith effort to remain in compliance put funding and the safety of minors at risk, therefore violations will have consequences. It should not be too difficult to uphold the spirit of the CIPA since CIPA guidelines line up faithfully with the goals of all educators: to provide a secure learning environment for students.
The next E-Rate training webinar is Wednesday September 19, 2018 and it takes educators through the invoicing process.
by Felicien | Sep 12, 2018 | Education
What Are Keyboard Shortcuts?
Keyboard ‘shortcuts’ are the strategic use of combinations of keys on your keyboard to perform some task in your software more efficiently. There are shortcuts you can use in your file folders, word processing programs, and even for your email accounts or any social media services, you might use. In addition to increasing time efficiency, some users prefer the potentially increased accuracy of certain keyboard shortcuts.
Text highlighting and spreadsheet cell selection, for example, may be more accurate using a keyboard shortcut versus selections from even the most advanced mice. In any case, if you use mainstream computer software frequently, keyboard shortcuts have been designed for some potential benefit you or your employees can experience.
Which Shortcuts Have Been Most Helpful?
While general preferences have the most priority in what is defined as truly helpful for use, online resources have reported some keyboard shortcuts being more popular or commonly beneficial than others. Here are five keyboard shortcuts that could potentially be ‘life-changing’:
Locking a screen
Window or app switching
Opening Windows Explorer
Opening search bars
Selecting all text
These shortcuts are reported to be the most common time savers when performing common computer software tasks. Pressing the Windows key with the L key (Windows + L) allows a user to quickly lock their screen to more quickly step away from their system.
Pressing the ALT and Tab keys (ALT + Tab) allows a user to navigate between programs they are using. This can be more efficient than using a mouse to click through or minimize several programs as users navigate through their software.
In the common event of a need to locate an unused file, pressing the Windows and E keys (Windows + E) will open Windows Explorer without a mouse navigation and click. This can be useful even if the application is already on the user’s taskbar.
In the event you need to search for additional information, you can press the CTRL and F keys (CTRL + F) to open a search bar. If you need to select all text in a document or screen, pressing the CTRL and A keys (CTRL + A) will result in this being automatically performed, and without the more tedious mouse-button-holding-while-scrolling action notorious for its frustrated multiple attempts.
Other keyboard shortcuts may be less commonly demanded by users but still potentially beneficial to you. Pressing the CTRL and D keys (CTRL + D) automatically moves files to the recycle bin on your system. Pressing the CTRL, Shift, and Escape keys (CTRL + Shift + Esc) automatically opens the Task Manager, allowing you to search for problems.
MoneyTalks News and Buffer recommended several additional keyboard shortcuts as potential ways to boost organizational productivity. In addition to the more commonly known but often still uncommonly used CTRL + S, CTRL + C, and CTRL + V shortcuts for saving, copying, and pasting respectively, these sources report that an emphasis on shortcuts can have a measurable impact on organizational or general productivity and output.
Windows shortcuts recommended include:
CTRL + N (Open new window)
CTRL + T (Open new tab)
Windows key + M (Hide window)
Gmail shortcuts recommended include:
CTRL + Shift + C (Add CC recipient)
CTRL + Shift + B (Add BCC recipient)
Twitter shortcuts recommended include:
G + L (Move directly to Twitter lists)
J/K (Cycle forward or backward through tweets)
Enter (Open tweet details)
| (Close open tweets)
Facebook shortcuts recommended include:
0 (Help page)
1 (Homepage)
2 (Timeline page)
3 (Friends page)
4 (Inbox)
5 (Notifications)
6 (Settings page)
7 (Activity Log page)
J/K (Scroll forwards or backward along posts)
L (Like or Unlike a post)
C (Comment creation)
S (Share post)
P (Create new post)
/ (Search)
YouTube shortcuts recommended include:
1 (Jump to the 10% mark of a video)
2-9 (Jump to the corresponding 20%-90% through a video)
Spacebar (Pause or Unpause the video)
Google+ shortcuts recommended include:
/ (Open search bar)
J/K (Scroll up or down in posts)
Left Arrow (Jump to the menu)
WordPress shortcuts recommended include:
<Command> + 2, 3, or 4 (Jump to corresponding heading)
Alt + Shift + A (Add link)
Alt + Shift + M (Insert image)
What’s In Store For The Future Of Keyboard Shortcuts?
More innovative developments are on the way in an attempt to further improve efficiencies, and you may be able to take advantage of them quite soon. One recent development by a team of researchers extends keyboard shortcuts with arm and wrist gestures so that users can work more quickly with rotations using sensors.
In another development, a research team developed ‘finger aware’ shortcuts, which senses hand posture while allowing secondary movements to trigger shortcuts as other tasks are performed. Actions potentially triggered with a user’s thumb are being coined ‘FingerArc’ functions, while the secondary key actions are being referred to as ‘FingerChord’ functions. Both of these may be considered useful, or even become commonplace in the near future.
What Should I Remember About Keyboard Shortcuts?
Keyboard shortcuts exist in great numbers.
They can be beneficial for better efficiency.
When used across a workplace, measurable productivity increases may be observed/experienced.
Additional, and potentially revolutionary, developments are underway.
by Felicien | Sep 12, 2018 | Education
What is Fluxion?
Fluxion is a new program that combines social engineering and technology to trick users into giving up their log-in and password information. This program is a step above Wifiphisher, which lacks the ability to verify WPA passwords. Fluxion takes all the work out of hacking using a variety of processes that quickly and easily convince users to provide their Wi-Fi password.
Hackers can acquire these passwords through a few simple taps on a keyboard. Fluxion is regarded as a success in making it easier than ever for cyber thieves to steal valuable information from users.
Fundamentally, or in terms of many aspects of its basic framework, it is similar to previous developments but uses a twin access point in combination with handshake capture and integrated jamming functions. These can work together so that aspects of hardware and software operations that normally take place in the standard functionality of the user account are overwhelmed.
What Recent Developments And Potentials Should I Be Concerned With?
The extent that Fluxion has developed in combination with its accessibility and ease of use online is the most concerning. A search of Google or other major internet search engines will reveal numerous instructional pages that can be downloaded. These instructions provide anyone with a little Internet skill to begin a new career as a cyber thief. These sites provide public access to a range of resources that make it possible for anyone to violate user privacy and accounts and steal login information.
The program initiated as an improvement over a successful attack and was rewritten, so both the structure and coding have been strategically optimized in addition to its user-friendliness and availability.
How Does Fluxion Work?
Fluxion uses what is known as a WPA handshake to affect the functionality of a login page as it attempts to gain receipt of user information. It can affect how the user’s entire script is controlled as the original network is jammed, and a clone is created with the same name, attempting to persuade the user into making an unsafe connection under the guise of a familiar one. It often requests that the user allow time for their router or firmware to reload or be updated. This is just a ploy; the real objective is to steal sensitive information.
Fluxion is an EvilAP attack tool, written with a combination of Bash and Python, that is used for MiTM attacks on WPA Wireless networks. Online sources report on Fluxion as a potentially beneficial tool while touting its features similar to how potential improvements in business functions could be experienced through software installation. Hack Insight claims that the use of Fluxion allows network scanning, handshake capture, web interface use, imitating original access points, the de-authentication of all users on a network, capturing and redirecting of all DNS requests, captive portal launching, password verification processes, and automatic program termination following the recording of a viable password. Technology and strategies applied include the launching of FakeAP instances for access point emulation, fake DNS server launching, and MDK3 process spawning.
What’s Been Happening In Research And Development?
Research and development (R&D) regarding Fluxion and related computer software security processes have involved multiple studies and patents in the past year. At the 12th International Conference on Recent Innovations in Science, Engineering, and Management, researchers reported having developed a highly successful cracking system by using Fluxion as their foundation. They explained that the damage that can be done with new hacking software using Fluxion demands better software processes in addition to network strategies in currently maintained and improving systems, particularly those that handle network connections and passwords.
At the 2017 IEEE International Conference on Power, Control, Signals and Instrumentation Engineering (ICPCSI), researchers reported that a number of new security patents have been involved in safeguarding against new hacking techniques that are relevant to the processes used by Fluxion. Fluxion was projected to remain a target of ethical hackers in ongoing research and development, and a foundation of the more damaging tools developed and made accessible online.
What’s The Bottom Line?
Accessibility and ease of use make Fluxion particularly dangerous
Combines multiple processes for high potential effectiveness
Foundation of new and more deadly cyber security attacks
Warrants multiple security upgrades and ongoing R&D
by Felicien | Sep 12, 2018 | Education
You may have an EHR system, decision support systems, purchasing, payroll, laboratory, pharmacy, personnel, finance, planning, and a myriad of other systems running on hardware that’s getting very long in the tooth.
Many PCs are still running some older version of Windows. These issues can be a constant source of security headaches for the IT staff of today’s healthcare organization. From causing security breaches to all-out system failures, this type of trouble can cost your health organization money. In addition, your staff will not have the modern tools they need to do their jobs.
The cloud vendors see your suffering, and, as they are kind, they offer to take this all off your hands and move all your IT operations to the cloud. “For how much?” you ask. “Between $35 and $165 per seat per month,” they reply. You are taken aback. $35 per seat per month is about what you’re paying for Microsoft Office Enterprise, which, you dimly recall, sort of runs in the cloud, or at least it can. What a deal! Where do you sign?
What Was That You Said About Cost Again?
The first thing you realize is that cost is the actual cost of cloud operations once the migration has been completed. Nothing was said (yet) about the cost of moving to the cloud. Digging deeper, you note that the amount charged will vary by processor load, storage used, and “egress” – the cost of moving your data out of the cloud vendor’s data centers down to your PCs, smartphones, and tablets. You quickly discover that if all you want to do is store your data, the cloud is an incredible bargain. If you want to use your data, on the other hand, then this is a whole different story.
There are two choices when it comes to the Cloud: the private and the public cloud. In addition, there are two big vendors: Amazon Web Services (AWS) and Microsoft’s Azure.
So many choices to make and it’s important to make the right ones in order to get exactly what your healthcare organization needs without paying too much.
If your hospital is located in a rural area with practices spread far and wide, then your healthcare facility will need many different services than if you are a single large hospital in a big city. Keeping all of this info on a yellow legal pad may not be ideal. With so many different choices to make, it can be beneficial to work with a trusted IT consultant instead.
There are so many decisions to make and it’s important to find the right IT provider who will oversee everything from start to finish. If you run a busy healthcare facility, you probably don’t have the time or the skills to do all this work yourself. Once you find the right IT service provider, work very closely with them to develop a migration plan, an infrastructure plan, a schedule for moving services, backup storage, and security services.
So, What Are The Real Cloud Advantages?
Moving your operations to the cloud has four substantial advantages:
You no longer have to worry about back-end hardware. All that goes away, except for the servers that interface with the cloud.
You no longer have to worry about capacity, in terms of processor load, memory, or storage. Whatever you need, the cloud provides.
Your security worries will be, not eliminated, but drastically reduced.
You will be able to reduce your in-house IT staff, possibly substantially.
These benefits are arguably worth a tidy sum to most healthcare organizations. AWS, Azure, and a private cloud can provide all of them. So how do you choose?
How Do I Choose The Vendor?
The first thing you need to realize is that you will need a redundant, “failover” site that automatically comes online if the cloud provider’s main site for your applications is down. This does happen – Amazon ran into this issue with its own site on Prime Day 2018.
The cost of this is not automatically included, and it can be substantial. The second thing is that private clouds, where the vendor can treat you as a sole client, are much more configurable than the public cloud (AWS or Azure), which has to be configured to support all comers. Of course, if the situation demands it, you can run part of your operations in a private cloud, and the rest in the public cloud; setting up communication between them is relatively easy.
Should I Wade In Or Jump In?
McKinsey, the renowned consulting firm, has studied both failed and successful cloud migrations and recommends a phased approach. Of course, no solution is one-size-fits-all, but there is a good deal of thought and expertise behind their recommendations. In other words, they say wade in, don’t jump in.
Wading rather than jumping allows you to:
Test the feasibility of cloud migrations
Orient your IT staff to cloud operations
Distribute costs over time
End the project gracefully if it is proving infeasible
Wading will also give you a much more realistic appreciation of the costs and the benefits that are involved.
So, What’s The Bottom Live?
Unless the IT gods are smiling at your organization, you will not be running all your IT operations in the cloud for the $35 you pay for Microsoft Office Enterprise. When site redundancy, egress costs, and processor surge demands are considered, your total costs per seat per month are likely to be higher than this.
When you consider that cost versus a realistic assessment of your current costs (including hardware, software, staff costs, network costs, electricity, cooling, backup, and security), moving to the cloud may still be a bargain. It totally depends on your organization’s needs and the way it handles data. With most healthcare organizations growing by leaps and bounds and considering the high demands that doctors and patients place on the healthcare system, there’s every reason to believe that you will eventually have to make the switch.
by Felicien | Sep 11, 2018 | Education
Vacation and time away from work is a necessity in order to be able to unplug and recharge. As research often tells us, disconnecting from work, talk around the water cooler, office politics, and even checking email can ultimately help us lead a more productive life.
Too often we feel the tension of knowing we need to take a break and fearing that our time away from work will just lead to more work when we get back. While many factors play into this tension, there are small ways we can alleviate the stress of the return to work after much needed time off.
One of the first steps to making our vacation time more productive is placing a fitting out of office (OOO) email that establishes well-defined boundaries for our time away from the workplace. So how do we write the perfect OOO message that doesn’t make us look like a “slacker,” or potentially lead to missed opportunities while we’re away from work?
Believe it or not, what we often perceive as something that can negatively affect the way we are seen or our business success — can frequently be used to our advantage. OOO messages that are written carefully and effectively can be an unbelievable implementation that leads us to a win. These little autoresponders built into our emails can give us the opportunity to make social contacts with teammates, customers, and retailers. Whether we are taking a vacation, spending time with family during a funeral, away at a conference, or celebrating the birth of a new baby, Out-of-Office messages can lead to greater success.
Making the Message Meaningful
Sharing a little information about your absence can be turned into a conversation starter the next time you communicate with the recipient of the OOO email. Let the individual reader know that you are just as human as everyone else. This will be a good reminder that you have quite a bit in common.
Begin by asking yourself a few important questions: Why am I taking time away from the office? Where are you going on vacation and why is your time away with friends and family significant? What is the purpose of the conference you are attending, and how will that help you attend to your client’s needs?
Applying OOO emails that have a personal touch can lead to better conversations at work and with your clients. Upon your return, they will be more likely to ask you about the conference you attended or the vacation destination. Perhaps they went to the same place on one of their vacations or they desire to go there someday. This connection may lead to a more meaningful relationship with others in your office.
Sharing a Valuable Resource
Sometimes you can share a resource that was beneficial to you either at work or personally. If you know your audience, what can you suggest to them that can be beneficial? Have you considered what could help the people who email you the most? It could be an online article you found to be helpful. Maybe you have the ability to offer a coupon or discount in your OOO email to clients while you are away. If you are attending a conference where there is a recognized presenter that could resonate with your email recipients, you could possibly include a link to his/her material.
Customizing Your Email Message
Some email providers allow you the option to draft messages to various groups. For example, Gmail gives you the ability to send autoresponders to those you have designated in your various address book groupings, while also sending it out to people you don’t have in your address book. This gives you the capability to be more flexible and personal with your various groups. So often, we tend to share more personal information with our colleagues at work versus our clients or customers.
Let’s look at some examples of OOO emails that can give you the ability to make an impact with the recipients of the email while you are away from work.
Effective Out-of-Office Email Samples
Hi, I’m celebrating the birth of my newborn girl, as well as taking some time to assist my wife during the new transition. Because of this momentous occasion, I will not be checking my email until [date]. If you need anything right away, please contact my office partner [email].
Hi! Thank you for reaching out to me. I trust you are having a wonderful summer. It’s time for my annual family vacation at The Cape. I look forward to answering your email when I return on [date]. While I’m away, let me share this valuable online discount with you. I hope you find it helpful.
An external email could say: Hi, I’m currently celebrating my much-anticipated marriage with my husband. I’ll be away from the office until [date]. Please don’t hesitate to touch base with [my assistant] if you need support while I’m away. I look forward to connecting with you when I return from my honeymoon.
An internal email might say: Robert and I are officially tying the knot on [date]. After the wedding, we will be heading to The Bahamas for the honeymoon until [date]. In my absence, please contact [colleague] for any assistance. Just in case you have never seen my handsome husband, I’ve attached our engagement picture of this email!
Conclusion
As you can see, you can be as personal as you like with these emails. They can share as much information as you’re comfortable with. The goal is to connect with readers and make them feel like part of the family. This will build relationships both in and out of the workplace.
