Technology Management: New tools make AUP enforcement easier than ever

Total Traffic Control v6.0 also includes a desktop security agent that can be deployed to discover all known “good” programs running on the network. Based on this discovery process, and our AUP, network administrators can allow only permitted programs to run anywhere on the network, allow only permitted programs to “talk” on the network (i.e., “unofficial” programs can run locally only), and/or allow all programs to run. The software then allows for reports that identify any new programs installed on the network. After deploying these tools, Ballard now has a better handle on its network traffic patterns and the ability to control this traffic as necessary. Based on our district’s experience, we’ve created this checklist for efficient, cost-effective AUP enforcement:

1. Select monitoring software with easy-to-read reports.

Your monitoring software should generate reports that are easy enough to be used and understood by non-technical district employees. Ideally, these non-IT individuals can be assigned administrative rights to access what they need directly.

2. Gather “before” and “after” snapshot reports.

Keep a snapshot of network traffic before you change anything. Then take another snapshot after implementing AUP enforcement actions. This includes blocking search results for inappropriate keywords and phrases, forcing Google Safe Search, blocking P2P traffic, etc. This approach will document the impact of AUP enforcement and guarantee the network is being used for educational purposes.

3. Identify and monitor key “Canary in the Coal Mine” reports.

For example, Total Traffic Control has several reports that can identify potential problems quickly. From these reports, we can drill down to actual machines to determine if our AUP is being violated. Sample reports include Bandwidth Traffic by User, which indicates potentially troublesome large downloads, and Suspicious Search Engine Queries, which detects anyone persistently trying to evade our filtering policy.

4. Be patient and thorough.

Monitor traffic–make sure to save reports for reference–and periodically review key reports for anomalies. Inadvertent AUP violations should not be your focus. Rather, systematic abusers are the users who most likely create substantial problems. If a clear pattern of inappropriate behavior is established, there is no chance that impermissible content arrived “by accident” on a user’s desktop.

5. Involve appropriate personnel.

Some AUP violations are relatively minor and are best handled by IT staff blocking inappropriate activities. But others might have substantial personnel and even legal ramifications. Issues at this level are turned over to campus administrators and the district superintendent for appropriate action.

AUP enforcement is possible on a limited budget with a limited staff. Success requires sufficient investment in appropriate technology tools, as well as sound procedures–a small price to pay to protect children, ensure regulatory compliance, and uphold your district’s reputation as an institution in which learning comes first.

Lee Sleeper is the technology director for Bullard Independent School District.

Want to share a great resource? Let us know at