• If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • You already know Dokkio is an AI-powered assistant to organize & manage your digital files & messages. Very soon, Dokkio will support Outlook as well as One Drive. Check it out today!


Technical and Legal

Page history last edited by Lucas Gillispie 13 years, 4 months ago

This page is designed for schools to discuss the technical implementation and any associated issues with the use of the iPod Touch in the classroom.

Authenticating Users


I know, I hate barriers too, however, the issue has arisen recently about how we "... adopt and enforce a policy to monitor online activities of minors," per the requirements of CIPA.  What are you doing in your schools?


Acceptable Use Policies (AUP)


  • School AUP 2.0 - Resources tagged by David Warlick for helping setup an AUP that meets 21st century learning needs.


Wireless/Network Access


District-Wide Solutions

  • Our district uses Microsoft Active Directory and an 8e6 filter.  Currently, filter student Internet access by the device's Wi-Fi (MAC) address.  We are exploring options to allow for authentication (student login/password) through the iPod Touch.
  • Setting up multiple VLANs over the district's wireless can allow for different levels of access/filtering without the need for identifying each an every device via MAC address. For example, you could setup three different VLANS (Staff, Student, Guest). Leave the guest network completely open, but the most heavily restricted in terms of bandwidth and filtering. Secure both the student and staff networks with a password, so you can differentiate between school devices and outside devices.


Ad-Hoc Solutions

  • Initially, to support the wireless demands of a classroom set of iPod Touches, we purchased an Apple AirPort Extreme to go with each cart.  We are in the process, however, of updating wireless infrastructure district-wide which will make this unnecessary in the future.


Filtering and CIPA


  • Check out MOBICip.  This company provides a way to ensure that iPods taken home by students still go through school filters.



Comments (4)

Lucas Gillispie said

at 10:34 am on Apr 9, 2010

Regarding the VLAN suggestion. What we're investigating now is how to track an individual's Internet activity on one of these devices should we be asked to provide the information. If we could match a user to the activity on the device we'd be clear. Thoughts?

Ben Rimes said

at 12:17 pm on Apr 11, 2010

You could force any user of your wireless network to authenticate when they connect, which is what we do in our district. Currently guests just have to type in the word guest when they connect, but students and staff use a different password for both VLANs. However, what you're asking is for every single user to authenticate using their own personal credentials, which is very possible, but would place a great deal of accountability upon each and every student (not a bad thing), but really locks the device down to that user while using it (an extremely bad thing). The idea of using the iPod Touches is for both the portability, but also for the sharing/communal aspect. You can quickly pass around the device for use in small groups, or for sharing information, playing games, etc.

If you go ahead and force the students to authenticate using their own personal username and password whenever they use an iPod in order to track their internet usage, then to abide by that policy you have to force every single student who uses that device (even if it's just being handed off for a couple of minutes to a partner), to sign off the network, and then re-authenticate using their own username and password. Otherwise you're tracking meaningless data as students start accessing the internet and district resources using other student's accounts.

Lucas Gillispie said

at 8:16 am on Apr 12, 2010

@Ben - Excellent points, and I agree with the whole process undermining the value of the portability of the device. Currently, we authenticate the devices by MAC (WiFi) address. The question is whether or not CIPA requires "tracking" of this nature, and even if it doesn't, could a non-tracked policy withstand any legal challenges? Higher-up policy makers are desperately out of touch with where technology is headed and what our needs are when providing flexible and relevant access to our students. Our litigious society is no help, either. I am fighting the possibility of taking any steps backwards, but at the same time, as one who has some influence in crafting district technology policy, I want us to draft flexible and relevant policies that are defensible and practical. If there were an easy solution to this issue, I'd love to hear it. I don't see having students using personal credentials as something that would greatly limit the device as long as it wasn't overly cumbersome. If this process promises to be too much of a barrier, then I'll push for ways to bypass it. One solution, that requires a bit more up-front management by the teacher, is to simply number and assign each iPod Touch to a student in each class. For example, Sam in first period always gets Touch #22, Terrell gets #12, and so forth. Any Internet activity on these devices is linked to that MAC address, and with a time stamp, it could, potentially be traced to an individual.

Again, it frustrates me that this is something that's even being discussed, however, for some educators, the ability to provide certain assurances will make implementation an easier sell.

What do you guys think?

Ben Rimes said

at 8:49 am on Apr 12, 2010

I've worked in 1:1 environments where devices were assigned to students, and as long as there's enough for each student to have their own, then this seems like a workable (albeit limited) solution.

IMHO, all that CIPA requires is a filtration and protection plan be in place for Internet access, and doesn't exactly get into specifics about to monitor each and every individual device and/or student. I think it would be wise now to focus on the fact that the teachers are in charge of the room. They have every right to monitor visually what the students are doing, and empower them with the knowledge that they can turn off the devices at any time if the learning has been derailed. Unfortunately, I don't have a better solution for monitoring each and every student's access, and ultimately, I don't think we as schools should. Eventually the students are going to be bringing in their own 3G or 4G powered laptops, netbooks, and cellphones, and it would be ridiculous for us as educators to say "No, don't bring that computer into school because we can't control it".

You understand all this, so I'll get off my soapbox :) There is no easy solution for this, which is why you're in a great position to help craft policy that makes sense (i.e. students access a generic student SSID while at school, recognizing that if they mess up, there will be enforceable consequences as laid out by the district).

You don't have permission to comment on this page.