Instructional Technology Tools Matrix: Privacy

Digital Identity, Data Privacy & Information Security at LPS

The 2015-16 school year saw the deployment of nearly 15,000 Chromebooks, wireless access devices in every classroom and the installation of projectors and sound amplification systems in LPS middle and high schools. The deployment of equipment has been accompanied by significant professional development and the adoption of an Instructional Technology Tools (ITT) evaluation process.

The ITT evaluation process has three primary objectives. First, it seeks to ensure that ITTs adopted and implemented at LPS are consistent with the guaranteed and viable curriculum they support. Second, the ITT evaluation process includes a thorough review of each ITT to ensure it is consistent with the data privacy, information security, and identity management rules set in place to comply with regulatory requirements (FERPA, CIPA, COPPA, etc.) Third, the ITT evaluation process ensures ease of accessibility through the consistent use of student LPS usernames and passwords.

Information on this page serves as a guide to important components of the Digital Identity, Data Privacy and Information Security strategy developed over the course of the 2015-16 school year. This fall all staff will be required to acknowledge via the Information Center for Employees their review and understanding of the Information Technology rules and guidelines described below.

  • ITT Evaluation Process
  • The Matrix
  • Identity Management and Single Sign-On (SSO)
  • The Portal
  • Cloudlock - securing Google Drive Data & use of staff & student LPS credentials
  • Information Security Officer

ITT Evaluation Process

During the spring semester of 2015-16, the district worked to make all teachers, administrators and staff aware of the instructional technology tool evaluation process (keyword: itt) that was created to evaluate the requests of building and district educators for tools that use or store LPS student data. The ITT Process is one strategic component of the ongoing data security efforts implemented to protect the privacy of LPS students and staff. [Click for more Information]

The Matrix

To make it easier to find and reference information about approved ITT, Computing Services has developed a web application that has been named "The Matrix". The content in The Matrix represents the collaborative efforts of representatives from Computing Services, Curriculum, Evaluation & Assessment, Library Media Services and Special Education. The Matrix has many layers that allow ITT to be identified based on what they do (assessment, research, document creation, etc.) or where they fit in the context of instructional strategies and curriculum areas. [Click to access The Matrix]

Identity Management and Single Sign-On (SSO)

Another very important component involves the implementation of an identity management environment to simplify access to approved ITT (Instructional Technology Tools). This environment allows all staff and students to use their LPS username and password to access approved ITT capable of Single Sign-On (SSO). The LPS Google domain (class.lps.org) is fully integrated such that sites capable of using Google credentials for login are, in fact, using the LPS username and password. Starting this coming school year, only ITT capable of SSO will be approved meaning that any ITT that requires students to manually “set up” an account should not be used. The reason for this 'SSO only' parameter is to significantly reduce the variability in ways that students log in to services they need to use, thus creating greater security and decreasing wasted time in class with different logins & passwords.

The Portal

In an effort to both bring visibility to those instructional technology tools that have been approved for use and make it easier for teachers to get students logged in to those web services, the district has set up the student Chromebooks to start at a site called "The Portal". The Portal includes a button that takes students directly to a web service just like a bookmark. For those services that support single sign-on (SSO) no additional login will be required as the portal will pass the credentials automatically. The services/web sites listed will be by building or grade level when appropriate. [Click for view of Student Portal]

CloudLock

When LPS students and staff use their LPS Google credentials (ID and password for class.lps.org) to connect to an instructional technology tool (app, extension or web service), the connection creates a ‘relationship’ between the Google account and the tool. The relationship may grant the tool access to data about the user's account, some data in their Google drive, or even access to all of the data in a user's Google drive.

It is the responsibility of the district to approve where data are stored in an effort to ensure regulatory compliance with COPPA, FERPA, and CIPA. The district has implemented an application called CloudLock from Cisco that provides data on what tools are currently being used by LPS students and staff, the access each tool has to data, and which users in which locations are using each app, extension or web service. Further, CloudLock allows the district to protect students by limiting use of their LPS Google account to access only approved tools.

An equally important role CloudLock plays is to evaluate the content in Google Drive and audit how it is shared. CloudLock scans each user's Google Drive based on “rules” that identify inappropriate content including lewd language, indications of dangerous behavior and bullying. CloudLock audits all sharing in the context of data classification policies set up to ensure regulatory compliance (FERPA), data privacy, and information security. When a file in Google Drive is flagged by CloudLock, an incident is created that will be reviewed by district staff. Computing Services has worked with instructional directors and security personnel to develop and implement the rules that CloudLock uses to evaluate Google Drive content and audit how it is shared.

Information Security Officer

Managing and overseeing the use and security of LPS data has become a job that requires specific focus. To meet the demands of this work, Computing Services has hired an Information Security Officer (ISO). The ISO plays a key role in the development and implementation of data security rules and guidelines that serves as the foundation for a district information security program.

Questions/clarifications can be directed to cto@lps.org