In this article
Use this guide to help understand and meet CIPA compliance for your school.
Protecting students online is often a moving target. Online threats are emerging as rapidly as ever, and minors are often seeking out inappropriate content. This makes it challenging for an educational institution to manage online threats.
What content do I need to block?
Adult Content | Alcohol & Tobacco | Botnet |
Cryptomining | Drugs | Gambling |
Hacking & Cracking | Malware | P2P & Illegal |
Phishing & Deception | Search Engines & Portals | Self Harm |
Weapons |
What are the requirements of CIPA?
The Children’s Internet Protection Act (CIPA) regulation centers around adopting an “Internet Safety Policy” (more well-known as an Acceptable Use Policy) which sets forth in writing how you will use protection measures, monitor technology use, and educate minors on safe use of technology.
The FCC also requires that, “Before adopting this Internet safety policy, schools and libraries must provide reasonable notice and hold at least one public hearing or meeting to address the proposal.”
A provision in the Protecting Children in the 21st Century Act also requires schools to incorporate the subject of appropriate online behavior (including social networking sites and cyberbullying awareness and response) into their Acceptable Use Policy and annual school training.
According to the FCC, there are five elements the Acceptable Use Policy must address:
- Access by minors to inappropriate matter on the Internet
- The safety and security of minors when using electronic mail, chat rooms and other forms of direct electronic communications
- Unauthorized access, including so-called “hacking,” and other unlawful activities by minors online
- Unauthorized disclosure, use, and dissemination of personal information regarding minors
- Measures restricting minors’ access to materials harmful to them
DNSFilter is able to help educational organizations meet all these requirements. Although your school/library is responsible for writing a policy and monitoring technology use in the classroom, you can leave the enforcement of it in our hands.
Our product is one of the most lightweight yet effective ways to ensure your entire network is protected from inappropriate content and online threats.
How should I setup DNSFilter to be CIPA compliant?
Using the FCC categories listed above, you can setup DNSFilter to be your primary solution to defend your network against malicious internet traffic.
⚡️ Prevent access by minors to inappropriate content. According to the FCC, ”the protection measures must block or filter Internet access to pictures that are: (a) obscene; (b) child pornography; or (c) harmful to minors (for computers that are accessed by minors).”
We automatically block child pornography for all customers through our partnerships with the Internet Watch Foundation and Project Arachnid. This is a default setting that cannot be turned off and is non-negotiable.
⚡️ Enforce the safety and security of minors when using email, chat, and other direct electronic communication. The most effective way to do this is by blocking these categories:
- Blogs & Personal Sites
- Media Sharing
- Message Boards & Forums
- Social Networking
- Streaming Media
- Webmail & Chat
Allow List sites that you view as benign or are able to appropriately supervise in the classroom or library environment.
These additional resources may be helpful to complete this step:
- Allow/Block partially loaded content
- Import lists of popular domains to Allow/Block
⚡️ Prevent unauthorized access, hacking, and unlawful activities. There are two things that should be put in place in order to prevent hacking and unlawful activities by minors on the network.
- Block Hacking & Cracking and P2P & Illegal categories on the filtering policy
- Turn on all Threats categories
⚡️ Restrict minors’ access to materials harmful to them. The best way to restrict access is to ensure that minors cannot circumvent DNS settings by implementing DNS firewall rules.
This is the only way to prevent minors from tampering with network adapter settings on their local device and escaping your filtering policy.
Configure all outbound DNS traffic on port 53 to point to our servers. For more detail see Preventing Circumvention.
The other side of the coin is that, under CIPA, adults should have the ability to bypass filtering policies for lawful purposes or bona fide research. There are two options for this:
- Set up a bypass password from Policies and select Block Pages
- Implement NAT IPs , which allow you to have multiple policies based on network segments. This enables the option to apply different policies to staff vs. student computers that are on a separate LAN/vLAN
Additional resources
- The FCC’s Children’s Internet Protection Act (CIPA)
- American Library Association’s CIPA Analysis
Comments
0 comments
Please sign in to leave a comment.