VSTE

Virginia Society for Technology in Education

VSTE Partners

Register now: UnisonEDU Conference, October 23, 2021

by

UnisonEDU is excited to announce our first virtual conference on October 23, 2021, from 9 AM - 3 PM.

Four keynotes and 30+ sessions throughout the day will explore topics including STEM, coaching, first year teachers, creation tools, SPED, and SEL topics. There is something for all educators!

All of the sessions will be live and free to join that day. There will be an all access option for $10 a person that will provide access to conference materials after October 23! Paid access will include access to all session recordings along with recordings of bonus sessions that will be not presented during the live event.  Be sure to save the date and come #LearnWithUnisonEDU!

Registration is open now. 

Learn more about UnisonEDU.

logo for unisonedu conference

Your Fifteen Minutes of Fame

by

Join VSTE, Virtual Virginia and Canvas to highlight all the great work teaching and learning being done in Virginia. This does not have to be something extraordinary. Sometimes, the ordinary is just what everyone needs to see and may be extraordinary for someone else. Canvas, VVA, and VSTE have all teamed up to promote these regional stories, and there are even prizes!

It’s super simple to submit a video and the wait is finally over. If you have a story, this should take you no longer than 20 minutes to record, create, and upload. StoryMedia has released their new version and CanvasLMS has been added. We’d love for you to take part in telling your “Canvas/Blended Learning Story” by downloading the latest version and start creating!

iOS App Store

Google Play

Here are some great examples using this tool:

We will be giving away THREE (3) $25 Amazon Gift Cards to the TOP submissions by September 26, 2021. VSTE will be giving away one CONFERENCE registration per region as the Grand Prize.

To enter all you need to do is download the app, get creative, and share your video with eddie.small@instructure.com. The deadline for stories is October 4, 2021.

Brainstorm 2021: Innovate, Integrate, Motivate

by

VSTE partner, SVETC, is excited to present the 10th Annual Brainstorm Conference, coming April 13-17, 2021.

Brainstorm 2021 will be a fully-virtual Ed Tech Conference designed to motivate educators to innovate their classrooms and integrate ed-tech tools. Presenters and keynote speakers will focus on the future of Ed Tech in education and strategies, tools, and resources to transform classrooms to meet the needs of the 21st-century learner.

Graphic with information for Brainstorm conference

The conference will be powered by the Canvas Platform from Virtual Virginia and will feature:

  • 25 LIVE and interactive Keynote & Sessions (All live sessions will be recorded)
  • 30 on-demand sessions at your own pace
  • Blending Learning with Google by Kasey Bell Book Study
  • professional development points
  • learn in different ways, including book study, live sessions, and on-demand sessions
  • discussion and follow up with presenters and keynotes after sessions
  • collaboration with peers throughout the Shenandoah Valley and beyond
  • LOTS OF LEARNING & FUN with a Social Hour and PRIZES

Learn more on the SVETC website and view the Brainstorm 2021 Schedule.

And follow the conference and our participants on social media using the hashtag #vabrainstorm21

REGISTRATION IS OPEN!

There are two registration options for this conference:

  • Option 1: Individual- $20.00 for one individual will receive access to the Canvas Course
  • Option 2: District- $100.00 for access for 100 participants from your school district in our Canvas Course. (If your district selects this option, a separate google form will be sent directly to the participant contact on the registration.)

Register NOW for Brainstorm 2021. Registration will close on Friday, April 9th, 2021.

Don’t forget to invite your friends, colleagues, and/or team members to join you for this wonderful learning experience!

Featured Resources #GoOpenVA, March 22, 2021

by

logo for go open vaJean Weller, VSTE Board Member and VDOE Technology Integration Specialist, leads the #GoOpenVA initiative in Virginia. This collaborative initiative enables educators and others throughout Virginia to create, share, and access openly-licensed educational resources (OER, also known as open education resources). OER are free digital materials that can be used or modified to adjust to student needs; they are openly-licensed unhampered by many traditional copyright limitations.

The database is growing. Jean recently created a collection for resources specifically related to professional learning. Technology coaches from across the state have contributed and you can learn more here.

We asked Jean to periodically curate a few of the resources to give a sense of what is available. Start with these but stay for so much more!

Collaboration is the key to open education resources and learning. Check out these collaborations to find ways to enhance your practice.

Sharing Sessions Notetaker Document

On the 2021 Digital Learning Day, North Carolina and Virginia jointly sponsored an Unconference, allowing educators from both states time to share all the great resources they found in this past year of learning during the time of COVID. We focused on things that helped teachers keep their sanity, and also the things that they think will allow us to rise up like a phoenix from this ash-y year.  See what your fellow educators found helpful!

VDOE Science Collection

The VDOE Office of STEM staff have been adding all the new SIPs (Science Instructional Plans) that assist teachers to align science instruction with the 2018 Science SOL. More are being added daily so keep checking if you don’t find what you are looking for!

MEP-3 Days 1-5 Lesson Plan (Teacher Copy)

Jennifer Sassamo, the Supervisor of Instructional Facilitators for Specialized Reading and Math in Loudoun County and four Specialized Instructional Facilitators of Reading (Dr. Tiffany Brocious, Kristen Kipps, Erin Savage and Jennifer Douglas) came together to develop one incredible resource  This is a gift to Reading specialists who are not so lucky to have a team to work on an innovative resource.  I can’t improve on their concise description: Multi-sensory Explicit Phonics for Tier 3 Reading Invention provides a fully scripted reading program, assessment tools, scope and sequence, teacher and student instructional materials and embedded professional learning through an overview and modeling, all in one.

[Before publishing add the post to these categories: Front Page Middle, GoOpenVA, VSTE Partners. Add any keywords related to the resources in the Tags field. In Set featured image, add the GoOpenVA logo.]

[Don't forget to delete all the direction text enclosed in brackets before publishing!]

Mitigate Risks With This Cloud Application Security Checklist

by

Using Google G Suite and Microsoft Office 365 provides school districts with many benefits. From improving productivity and collaboration to outsourcing infrastructure security, schools and districts of sizes are making the move to the cloud.

But there are security issues in cloud computing. The NIST Cybersecurity Framework recommends that you run a risk assessment and cloud security audit regularly. This cloud application security checklist is designed to help you run such an audit for your district’s G Suite and Office 365 to mitigate security issues.

10 Step Cloud Application Security Audit Checklist

What is cloud application security? It is a series of defined policies, processes, controls, and technology governing all information exchanges that happen in collaborative cloud Software as a Service (SaaS) applications like Microsoft Office 365 and Google G Suite.

As your school district moves more information and activity to the cloud, your perimeter security safeguards become less effective. More IT and security professionals are opting to secure cloud storage by deploying a zero trust security model. This checklist also helps you lay the groundwork for deploying zero trust security for your district’s cloud applications.

1. Set password policies

Passwords are the foundation of any good security plan. Educate both students and staff on what factors make passwords strong or weak, and why password strength is so important.

As a system admin, you can set policies and standards for your district’s cloud app passwords. At a minimum, you should enable your system’s “require a strong password” feature. You can also set minimum and maximum password lengths, password expiration, and more.

If you’re setting the standards for the first time, be sure to run a check of current passwords to see whose passwords are out of compliance with the new standards. You can then force a password change through your admin console.

2. Make multi-factor authentication mandatory

Multi-factor authentication requires users to take a second step, after entering the correct password, to prove they have authorized access. This typically includes entering a code that is sent to their phone via SMS. It can also include phone calls, answering security questions, mobile app prompts, and more.

3. Manage SaaS access and permissions

Open Authorization (OAuth) makes app use convenient for end-users, but it can be a little bit of a nightmare for those in charge of IT security. The proliferation of SaaS use in classrooms and throughout school districts makes it difficult to stay on top of what apps have access to your cloud environment, what permissions are granted to them, and how secure the app is itself.

District system admins have the ability to control what apps are allowed permissions to the company’s Google or Microsoft cloud accounts. This can be as simple as restricting access to risky apps, or as customized and detailed as creating sanctioned and unsanctioned apps lists.

4. Enable anti-phishing protections

Email phishing is still the most common external threat vector. And there is a myriad of tools on the market aimed at removing phishing emails from inboxes. Unfortunately, none of them work with 100% accuracy.

The best option is to start with configuring your native cloud email provider’s anti-phishing capabilities and then layer additional safeguards and monitors on top of it. Educating the rest of your district about common phishing attacks, new ones as they arise, and how to spot them is also extremely important.

5. Turn on unintended external reply warning

One of the ways you can ensure that sensitive, internal information isn’t improperly shared outside of the school district is to enable an external reply warning. This feature also protects your district against forged emails from malicious hackers trying to gain access to internal files and information.

When the external reply warning is enabled, users receive a pop-up notification asking if they’re sure they want to send it to an external domain. It’s important to reinforce to your colleagues why they need to pay attention to this pop-up and think twice before dismissing it.

6. Set external sharing standards

Beyond sending emails, you should configure data loss prevention external sharing standards for shared calendars, drives, folders, and files. The best approach is to start with the most strict standards possible, and then open up as needed.

Files and folders containing the most sensitive information such as student, parent/guardian, and staff personally identifiable and financial information, should rarely (if ever) be configured to allow external sharing and access.

7. Set up message encryption

Encryption prevents anyone other than the intended audience from viewing a message. Microsoft and Google provide native encryption options. In Google’s case, they provide “Confidential Mode”, which works a little differently. There are also a variety of third party encryption tools available.

Sending sensitive or confidential information via email should always have encryption and confidential protections enabled. It forces the recipient to authenticate that they are the intended audience and protects the information from being forwarded to others. The sender can also set up an expiration date to ensure the information isn’t lingering in someone’s inbox into eternity.

8. Set up data loss prevention policies

Fundamentally, data loss prevention is a strategy to ensure that your district’s sensitive and protected information does not inadvertently leave the network—whether it’s accidental or malicious.

System admins have the ability to set up data loss prevention policies in most popular and “enterprise-level” cloud applications. These policies help admins maintain and automate rules around how information can be accessed and shared. Most policies create alerts and actions that the system can take if a data loss prevention policy is broken. For example, if an employee account is trying to share a spreadsheet containing social security numbers with an outside domain, the policy can be set up to automatically warn the user and/or quarantine the file.

9. Enable mobile management

Everyone in your school district likely uses mobile devices to access school cloud accounts—mainly email, files, and drives. These mobile devices represent more endpoints that need to be secured by IT. But, endpoint security isn’t enough in cloud computing security. You will also need to configure mobile device policies in your cloud applications.

10. Run a security health/score audit

Once you’ve completed this checklist, it’s a good idea to run a cloud security audit of your environment. An audit will re-check for any configuration errors, sharing risks, files containing sensitive information, and more.

It’s also important to run an audit on a periodic basis. Weekly and/or monthly audits and reports can be automated and provide you with detailed information into the security health of your cloud applications. Microsoft provides Office 365 Secure Score, which is very helpful in providing on-going health checks and recommendations. Particularly as new security features are rolled out and new risks are identified.

If your school district uses SaaS applications such as G Suite and/or Office 365, cloud application security is a critical layer in your cybersecurity infrastructure. Without it, monitoring and controlling behavior happening within applications are impossible. This blind spot creates critical vulnerabilities in your district stakeholders’ sensitive information and financial futures.

Written by Katie Fritchen. This material is provided by VSTE partner Managed Methods. For more information, visit their website.