Lucia Negrisin, principal at Liceo Scientifico Galileo Galilei, Trieste (Italy)
One of Up2U’s goals is to create a safe and secure ICT learning environment for all the schools involved in the project. To fulfil this goal, the project developed a set of guidelines to increase ICT security awareness in teachers, students and school staff. The guidelines are released under Creative Commons licensing (CC-BY-SA) and are available in 6 different languages: English, Greek, Hungarian, Italian, Polish and Spanish. To assess the impact of the guidelines on schools, we have interviewed Lucia Negrisin, who is the school manager at Liceo Scientifico Galileo Galilei in Trieste (Italy).
Q: Do you think the guidelines could improve the awareness of ICT security into your school?
A: The guidelines could enhance the awareness of ICT security standards, though by themselves they would not be enough. Their diffusion among the students involved in Up2U, and in general among the other students of the school, was accompanied by further in-depth actions carried out by the teachers of Information Sciences and Technologies during their lessons. The implementation of the project has made the students, as well as the teachers with low digital competence, realise how vulnerable their devices were and evidenced their basic disregard for cybersecurity measures, mostly perceived by them as an obstacle or rather as a nuisance that stood between the user, the device and the internet browsing.
Q: How do you think the “Cybersecurity tips for students” could be useful for your pupils?
A: The clarity and the effectiveness through which the Cybersecurity tips for students were presented have driven me to spread them widely across the school. They represent a basic document which lays foundations for a deeper analysis of the general problem, especially in respect of the consequences that negligence, cyber naivety and the untidy governance of personal data on the web may generate and actually produce.
Q: How do you think the guidelines could be useful to improve the security policy for your school?
A: They also represented a useful self-assessment tool for myself. They have allowed me to evaluate the effectiveness of the policy adopted in these years. The increasingly massive use of the network infrastructure and of the online resources for both teaching and administrative purposes calls on the school head to supervise the security of the entire system and to enforce rules that define access and usage policy for the whole infrastructure. Although initially considered restrictive, they are now shown to be convenient even for users (students/teachers/administrative staff/ guests). As a matter of fact, measures such as asking for a fairly frequent change of passwords, imposing specific requirements in the length and the type of characters used, profiling users both on the machines and for the access to the network or defining the procedure for using resources or accessing programs, were all initially perceived as excessive restrictions, while the established policy was considered an unjustified exaggeration. Now, after five years, the majority of the school community has become accustomed to those measures; it operates with increased attention towards the levels of cybersecurity and it has grown increasingly respectful of those basic rules.