March 2004
Vol. 3 #1


SuperTECH NEWS is the bi-monthly newsletter of the BLE GROUP, which provides small- and medium-size school systems with supplementary technology management to produce high-quality educational results and efficient management.

The purpose of SuperTECH NEWS is to provide education decision makers with concise information that allows them to make informed technology decisions to impact instruction, management and communication. This is information you can use on Monday morning.

Editor, Susan DeMark
Web Design, Charlene Polanosky
Publisher, Eliot Levinson

 

Our March issue theme is network and data security. Choose from the following articles.

Note from Eliot: No Child Left Behind (NCLB) Assessment and Management Service. The BLE Group has launched a new service for small and medium-size school systems. We assess where school districts are currently and exactly what they have to do to implement NCLB. The service also provides school systems the supplementary management support they need to purchase and implement the new technology-delivered programs.
Theme of the Month: Network and Data Security - Cybersecurity is the critical issue of school technology right now. Network technology in schools is an accident waiting to happen. We tell you exactly what you need to know about protecting the integrity and privacy of your systems and information. We then explain the security threats that exist and the decisions you need to make, and summarize the products and solutions available now and coming in the near future.

The Scoop: Cybersecurity 101 - Even the most security-aware districts are experiencing security breakdowns due to proliferating threats. In this segment, we recommend basic know-how and a list of specific approaches to secure your network and data.

Products and Applications: How do you keep your network and information safe from viruses, spam, hackers, and other threats? Training, engagement of your staff, and policies matter as much as firewalls and other security products. We focus in depth on four key solutions that will help you: Security Assessments; CoSN's Cybersecurity Initiative, a resource for tools and support; Security Products and Services; and Privacy Policies.
Best Practices: Lessons to be learned from Poway, California, where the school district has done a security audit. Poway schools are using the security assessment to identify and fix vulnerabilities from top to bottom within their systems and to guide the district on how to keep its network and information secure on a continual basis. We interview Charlie Garten, executive director of Educational Technology and Information Services, and Deputy Superintendent John Collins.
Conferences—Check out the relevant conferences coming in the next several months.

We want to hear from you. What do you agree and disagree with on this issue? (We will post comments from readers in the next issue.) Please write us at eliot@blegroup.com.

DID YOU MISS AN ISSUE?
You can read past issues of SuperTECH NEWS relating to NCLB online:

  • November 2003 - Focus: Handheld computers and software applications for these devices
  • May 2003 - Focus: Data Warehousing and Data Management Solutions
  • February 2003 - Focus: Web-based Assessment Products for High-Stakes Tests
  • December 2002 - Focus: Student Information Systems
  • August 2002 - Focus: Purchasing Hardware 2002
  • June 2002 - Focus: Web-based Applications for Early Reading
  • May 2002 - Focus: Web-based Professional Development
  • March 2002 - Focus: Technology of Accountability

 

THE BLE GROUP AND NCLB ASSESSMENT AND MANAGEMENT SERVICE

WHO IS THE BLE GROUP? We're a group of 25 CIOs and curriculum directors of school systems who use technology to improve instruction and management. The BLE Group has three lines of business:

  • We develop technology assessments and plans, and we provide management services in more than 40 school systems.
  • We publish a newsletter, SuperTECH NEWS, which offers senior administrators easy-to-understand information on making technology decisions.
  • We conduct market research for technology firms on the appropriateness of technology products for K-12 school systems.

Eliot Levinson is the CEO of the BLE Group. Levinson founded the BLE Group (www.blegroup.com) in 1998. Levinson is known nationally for his work in technology planning and management for school districts. He co-authors "Tech from the Top," a monthly column that appears in Converge Magazine. Levinson has experience in education and technology as a teacher in California and Pennsylvania, a middle school principal in Massachusetts, and an assistant to the chancellor of schools in New York City. He has held research positions in educational change at the RAND Corporation and MIT's Sloan School of Management. Levinson holds master's degrees in Education and Anthropology and a Ph.D. in Organizational Studies from Stanford University. Levinson works as a strategic technology advisor to large school systems and consults with several firms in the education technology market.

THE BLE Group's principals, our leadership team, consists of:

  • Eliot Levinson—CEO, BLE Group
  • Rick Rozzelle—Former CIO, Charlotte-Mecklenburg Schools, North Carolina
  • Charles Garten—Executive Director, Educational Technology and Information Services, Poway Unified School District, California
  • Kenneth Eastwood—Superintendent, Oswego City School District, New York
  • Ann Boyle—Assistant Superintendent of Curriculum, Instruction, Assessment, and Technology, Scottsdale Unified School District, Arizona
  • Don Hall—Kent Washington School District

THE BLE Group's NCLB Assessment and Management Service

Why have we launched the NCLB Assessment and Management Service?

Technology is necessary to implement the No Child Left Behind Act. Technology is a central component to the solution of every facet of NCLB, whether it is teacher quality, the delivery of standards-based instruction, assessment, the monitoring of student progress, school-parent communication, or reading proficiency.

The BLE Group knows that small- and medium-size school systems—the 86 percent of school districts in the U.S. with fewer than 5,000 students—often lack the extensive resources and knowledge base to implement NCLB. They lack sufficient technologists and technology-savvy educators to plan and manage the Web-based instructional programs and assessment systems that are the solutions for NCLB. We make available reasonably priced services that can provide the expertise school systems need to address NCLB on a time-shared basis.

Excellent technology staff is expensive and hard to find. We've created the NCLB Assessment and Management Service as a means of supplementing the staffs of small school systems with our own team of skilled technologists and technology-savvy educators. We will help you plan and execute an effective NCLB program.

The NCLB Assessment and Management Service supplements the instructional and evaluation capability of small and mid-sized school systems so that they can effectively address No Child Left Behind. There are two tiers to the NCLB Assessment and Management Service. Tier 1, the NCLB assessment and plan, creates an assessment for districts on how effectively they are currently addressing the multiple requirements of NCLB, such as teacher quality, assessment, reading achievement, etc., and devises a specific plan to address NCLB. The plan includes new technology-based solutions, a schedule, and a timeline for addressing NCLB. Tier 2, the management service, supplies ongoing management support to districts. We furnish districts with ongoing service from the BLE Group to purchase products and provide supplementary management as districts implement their NCLB programs.

The NCLB Assessment and Management Service evaluates how well you are currently addressing NCLB and delivering on its mandates, and it centers on exactly what you should do over the next year to implement NCLB effectively so that your district's performance improves.

What are the specific areas of the BLE Group's NCLB assessment and plan?

The BLE Group provides an assessment and solution for the following NCLB requirements:

  • Reading—Includes benchmarks, diagnostic testing
  • Teacher Quality—Certification, paraprofessional certification, online training
  • Testing—State standards, diagnostic testing
  • Staff development—What is needed to meet certification, improve standards-based teaching, address technology skills linked to teaching
  • Paraprofessionals—Tracking certification
  • Management of NCLB—Planning for low-performing schools
  • Information Analysis—The know-how to aggregate and disaggregate scores
  • Grant proposals—What information is needed for the annual district proposal to include all students
  • State accountability—What does the state have to do to improve accountability

The NCLB assessment and plan focuses on instruction, assessment, management systems, and technology. It includes:

  • An annual implementation plan. Quarter by quarter, the plan lays out what has to be done in each of the 4 areas described above.
  • A budget.
  • An assessment of the current state of NCLB linked with specific recommendations on the items listed above.

NCLB Supplementary Management Service

Following are the supplementary management services that districts can make use of after the BLE Group assessment and plan. BLE Group CIOs and curriculum directors will supplement the district's staff with the following services:

  • RFPs. For strategic systems purchases such as instructional management and online assessment systems.
  • Review of contracts. BLE will review district technology contracts and write effective contracts for the district.
  • Monthly phone consultations and quarterly visits to address NCLB management.
  • Vendor Management. BLE Group will oversee your NCLB vendors.
  • Access to databases on instructional and administrative systems. BLE Group maintains confidential databases on management and instructional software for its clients.
  • Discounts from collaborative buying of hardware and instructional, assessment, and management software.
  • SuperTECH NEWS newsletter. The newsletter delivers information to administrators on NCLB-related technology issues such as assessment, data warehousing, and instructional management.

If you are interested in the NCLB Assessment and Management Service, please contact us to discuss the matter further. The cost is reasonable.

Eliot Levinson <eliot@blegroup.com>, CEO,
THE BLE GROUP
202.281.1763

 


CYBERSECURITY

Cybersecurity is the critical issue of school technology right now. If you believe that the information and data in your district is absolutely secure, think again. Network technology in schools is an accident waiting to happen. Today, the security safeguards of information and networks in many schools are "full of holes," as one security official terms the situation. Most schools have a false sense of security about their information and networks, and face a rude awakening in financial losses, legal trouble, penalties, and harmful effects to their records and operations. Data and network systems are more vulnerable than ever to threats, both external and internal.

You need to understand this issue and get up to speed on what your schools must do. Protecting the privacy and integrity of all of your data and networks is crucially important - and no school can take a risk on this issue without major consequences.

The market for security tools, such as firewalls and monitoring devices, is growing, but expect an exponential growth and development in this market in the next 1-3 years in hardware, software, and services for network and data security. These will include new e-mail protection services, firewall supports, vastly improved user authentication and authorization systems, and other security products and tools. Also more schools, like companies, will hire managed security services that will handle the security of your enterprise from top to bottom. This market is growing dramatically, and will triple in the next four years, according to some estimates.

You need to decide whether your network systems and data are secure enough; whether your command structure in top-level administration and IT is up to the task regarding security; whether your district should handle security in-house or hire outside managed services; whether you have established enough accountability in your district for security; and how your district can identify and remedy security flaws and vulnerabilities in light of bigger threats.

In this newsletter, we tell you:

  • why security is so important and what has changed;
  • what you need to know right now;
  • what security threats exist; and
  • what products and services can help you.

You will be held increasingly accountable for the privacy of your students' and staff information. Schools are under pressure to increase connectivity and access among all of the stakeholders, and schools can't simply lock down cyber systems on a regular basis. No Child Left Behind and other mandates push districts to compile, aggregate and disaggregate, and make available increasing amounts of sensitive data on students, and schools are now making much of this information available to parents, and the state and federal government. Meanwhile, security threats are more sophisticated and can do more damage, and networks are more vulnerable. School networks and data are under increasing threat due to the following:

  • external threats (e.g. viruses, spam, determined hackers);
  • internal threats (staff or students compromising the system, improper use, student hackers);
  • insufficient safeguards taken with the remote use of networks by administrators, teachers, and students from home and other locations;
  • weaknesses and security flaws existing in the ways that academic and administrative records and systems have been blended; and
  • weak security in wireless systems.

Child safety is the absolute primary concern. And schools must concern themselves with risks such as civil lawsuits, monetary penalties, and direct financial losses that arise out of security failures, according to John Tuomy, a national expert on cybersecurity and former member of the Board of Education at the Palo Alto Unified School District. Pending legislation could mean that you should be ready with a "forensic-ready" audit trail that can document "if and when" a breach occurs, Tuomy said.

Simply put, schools can expect an even tougher regulatory environment coming down the pike, and those that do not take proper precautions to keep their data and network secure risk lawsuits, penalties, and damage to their standing in the community.

This situation is largely in direct response to the growing crime of identity theft, Tuomy says. Schools, which are gathering more and more student data, are an increasing target for hackers seeking to capture personal information. "There is a huge moral and legal obligation to ensure that our systems are secure," says John Collins, deputy superintendent of Poway Unified School District in California.

Schools lack information and know-how on the issue of network and data security. The Consortium for School Networking (CoSN) points out how the increased use of peer-to-peer data sharing, necessity for application interactions, and demand for equipment plug-and-play compatibility combined are making technology much more transparent. That makes it even more difficult to protect against cybersecurity threats.

In this issue of SuperTECH NEWS, we:

  • explain what a security audit is and tell you why it's important to have a security audit done;
  • examine privacy policies and procedures;
  • provide information on leading security products on the market today;
  • tell you about the CoSN cybersecurity initiative, where you can gain information and tools;
  • look at a best-practices case study in a district that is performing and following through on a security assessment to protect its network and information.

In Cybersecurity 101, we give you some basics about what to do concerning network and data security. Then we break out the solutions and strategies more in depth in our Products and Solutions section, followed by a Best Practices article on security measures being taken in Poway, California.

 


STN Inside Scoop

 

Cybersecurity 101: Basic Steps to Secure Network and Data

Even the most security-aware districts are experiencing security breakdowns due to proliferating threats. In this segment, we recommend basic know-how and specific approaches to secure your data, and then in other newsletter segments examine in depth products and solutions that will help you.

Firewalls and anti-virus software are a partial solution, but they are not the answer. The solution begins and ends with your school administrators and staff. Your district must develop procedures for monitoring the networks and data. You need to train staff in security and privacy procedures and policies, and then get each of them involved in protecting your district's cybersecurity on a continual basis.

Keep in mind that most districts now lack sufficient technical expertise to truly guard the safety and privacy of their systems and data and that hackers are becoming more sophisticated, but that does not absolve you of protecting your information. As security experts will tell you, people are the most basic threat, and you need to enlist all of your staff in protecting your district. Too many districts will rely on outside consultation about security without the all-important step of integrating absolute responsibility for security within district ranks from top to bottom.

Have one person be the chief cybersecurity officer. Designate one person who will be ultimately responsible for the security of district network and information. It is critical to have one person with "the-buck-stops-here" responsibility on this issue.

Create and implement a strong privacy policy that is in force from top to bottom in your district. Many districts incorrectly believe that they have such a policy in place, but most are lacking. A viable privacy policy is important because it lays out what assets you are protecting and explains the district responsibilities concerning those assets.

Have a regular security audit performed in your district. A security audit assesses in detail the security of your district's system, evaluates current risks, identifies vulnerabilities, and outlines how to fix these problems which put your district's network and information at risk. It will tell you what is right and wrong with your district's security and what to do to correct and keep on top of vulnerabilities.

Develop an appropriate management structure that monitors your district's network and data. Such a management structure is important so that those responsible for cybersecurity know where all the access points to your system are and so that any anomalies or compromises of the system show up instantaneously. Important management procedures and oversight must be established to keep up with and log necessary patches, any modifications or additions in software applications, and other changes to your network and information.

Strongly consider having outside security monitoring if your own district is not up to the task. Many, many districts cannot maintain 24-7 security monitoring and round-the-clock technical support for cybersecurity.


New Products & Services

Note: The BLE Group does not endorse any of the products listed below. These products and services were chosen to provide a representative sample of what is available in the area of cybersecurity.


PRODUCTS AND SOLUTIONS:

When it comes to establishing strong security for your network and data, training, procedures, and policies matter as much as products and services. In this vein, we examine and focus on four key areas concerning security. The first looks at security assessments, and how more districts are taking this step to assess, identify, and fix the vulnerabilities of networks and data to external and internal threats. The second explores a program of self-assessment - the Consortium for School Networking (CoSN) cybersecurity effort, which seeks to give schools the tools, know-how, and communication exchange to institute strong security practices and policies. In the third segment, we take a look at a representative sample of products and services in the security realm. Fourth, we focus on school privacy policies in maintaining security of data, their importance and what they are. To access each segment, check out the following:

Security Assessments

A security assessment is an important step in finding, identifying, and fixing the vulnerabilities of your network and data to external and internal threats. You would be well advised to consider a security audit. Provided you go about it carefully, it is money well spent. Let's examine exactly what a security assessment is, the process, and why it is important in terms of keeping your network and data safe, especially in preventing the disclosure of super-sensitive and vital student and staff data.

State and federal regulators are increasingly demanding that school districts certify that their networks and information are secure. Schools that do not take proper precautions to secure data run the risk of heavy penalties and financial losses. Through a security assessment, you can find out exactly what is and isn't secure with your network and information, and what must be done to tighten security - whether it is a system-wide vulnerability or a problem in procedures that risks your district's information and credibility. It is critical for you to learn about security audits, especially in light of rapid technology change, the expansion of wireless, the ways in which hackers continually adapt to safeguards and devise new tactics, and the regulations governing privacy and security.

A security assessment analyzes the risks and identifies and describes the vulnerabilities in a system, and then offers practical, detailed remediation recommendations. A standard security assessment will include an examination of the following facets of your network and data (this is not an all-inclusive list, but will give you an idea of some of the items that are analyzed):

  • security policies and processes
  • privacy policies
  • privacy data handling
  • security controls
  • technology infrastructure
  • physical site security
  • authentication systems
  • Internet vulnerability assessment
  • application security controls
  • application source code examinations
  • policies, procedures, and controls regarding wireless deployment
  • identification of unauthorized access points
  • possible memory leaks

Remember that a good security audit will give you not only a detailed listing of vulnerabilities and issues, but also a well-done executive summary that can capture what needs to be done to maintain security consistently.

Farm9, an Oakland, Calif.-based corporation that delivers information-security services and also makes available a managed security services provider, is a company that provides security assessments to clients, both inside and outside of the education field. In this newsletter, we take a look at Farm9's security assessment solution as one example of a security audit, and then below list a selected sample of other companies that perform security assessments.

Farm9 structures a security audit in three phases. To sum up, the first phase is an examination of an enterprise's policy, procedures, and roles - for instance, what type of privacy policy is in place, who is doing what in terms of the network on a daily basis, etc. Secondly, vulnerability testing is performed, both internally and externally from outside any enterprise's (for instance, a school district's) network. Those conducting the testing sit outside of a network and see what can be seen without authorized access, according to Guy Morgan, founder and head of Farm9. The third phase examines the network configuration, checking the setup in great depth and looking for any vulnerability.

The components of the security assessment are the following:

  • Internet vulnerability assessment - This identifies risk and exposures to the Internet through an external penetration test.
  • Enterprise assessment - This identifies the risks and exposures of the internal shared systems.
  • Application assessment - This is an in-depth testing of a business application to be sure all exposures are addressed.
  • Partner due diligence assessment - This identifies any risks and exposures where financial transactions flow between businesses and other enterprises. It gives an overview of the adequacy of any partner's security.

From this assessment comes a risk and cost matrix. Farm9 delivers a vulnerability report with a prioritized matrix of weaknesses that can be exploited, recommended fixes, and technical references. Farm9 also presents a detailed report of network security tests and a best-practices certification, if best practices are met. The company completes a detailed how-to-fix document handed over to the client, and follows up with on-site briefings. The recommendations can range from where a certain necessary patch can be obtained and how to do the patch to suggested changes in a security procedure to make it stronger.

The initial assessment phase is very focused, and depending on the size of a school district and the number of people sent in by Farm9, is normally completed within two weeks. Then in a subsequent follow-up time, Farm9 presents the above deliverables.
A print report and data CD are given to the client from the assessment. Larger school districts are the ones tending to get security assessments currently, while among small and mid-sized districts, it tends to be the "early adopters" of technology securing these valuable assessments.

Poway Unified School District in California is one system that has engaged the services of Farm9 for a security assessment. We take a look at Poway's efforts in our Best Practices segment. For more information on the Farm9 security assessment, check out:
http://farm9.com/pdf/Assessment.pdf

Following is a sample of some other companies that perform security assessments:

BAI Security
Naperville, Ill.

SecuritySpace
Burlington, Ontario, Canada

Symantec
Cupertino, Calif.

Self-Assessment: The CoSN Cybersecurity Initiative

In the view of the Consortium for School Networking, cybersecurity is a critical issue that schools must not leave to outsiders. It is up to school boards, superintendents, and chief technology officers to assume the leadership to keep their learning communities and their virtual learning environment safe from a set of new threats. And, it's up to everyone in the district to remain involved. To this end, you need to know about the "Cyber Security of the Digital District" initiative of CoSN, in partnership with Mass Networks Education Partnership.

This program aims to help schools keep sensitive data from unauthorized access; make networks safe from attacks by viruses or being used as platforms for attacks on other systems; and protect schools from liability for copyright infringement on the part of school users.

In CoSN's view, the project is needed because schools have been transformed from stand-alone digital islands to sophisticated networks using data-driven decision making and interconnections between school users and the rest of the world. There is a lot of new information out there about security, but much of it doesn't deal sufficiently with the specific needs of K-12 schools - yet the threats are increasing. It's an absolute "huge issue," notes Keith Krueger, CoSN's executive director. More than two-thirds of all networked computers get struck by a virus each year, and half of reported system damage comes from within an organization. Yet, few school leaders are fully prepared to deal with the growing responsibility to make sure data and networks are protected and to respond appropriately should an attack or breach occur.

The CoSN initiative emphasizes that schools not cut corners or dollars and be sure to invest sufficient amounts in cybersecurity, despite budgetary pressures. Schools need to employ Total Cost of Ownership (TCO) analysis regarding expenditures for digital security. CoSN seeks to raise the level of self-responsibility and awareness, and to emphasize the need for schools to engage the entire staff in keeping networks and data safe and operational. If schools are not proactive, in all likelihood they will face more regulatory action and invite the kind of chaos that has happened in the health-care industry concerning the rules governing privacy of sensitive information.

Schools must start internally by pulling together stakeholders, defining what it is that you need to protect, taking an asset-based approach, and determining who might attack these assets and the existing vulnerabilities, according to Steven E. Miller, project director of the "Cyber Security" initiative and executive director of Mass Networks Education Partnership (MNEP).

The multifaceted CoSN project will equip schools with tools, vendor-neutral information, resources, ongoing professional development, and sharing of best practices from schools that are implementing sound approaches in digital security. The project is creating a toolkit that will help educators to understand the issues around network security, explain the problem to other stakeholders, assess their own situation, and begin to reduce their schools' risks. Central to the self-assessment piece is a checklist schools can use to assess their own digital assets, strategies, and processes.

CoSN is developing a Web site that will provide tools and information for policymakers and IT leaders; other tools such as slide shows that decision makers can use to engage and train district staff and teachers; workshop curriculum; and an online newsletter that will keep leaders informed about the latest developments in cybersecurity. The initiative also plans professional development including face-to-face workshops.

There are several steps that the project emphasizes in self-assessment of security readiness. First is the issue of physical security of one's network and information systems and a basic asset inventory. This asset inventory includes several categories, such as equipment, wires, and connections; data; operational systems; and people. Secondly, decision makers and technology directors must analyze each of the assets' vulnerabilities and prioritize in order to focus limited resources on what will provide the most benefits in security. Miller calls it the "80-20 rule: What are the 20 percent of things that will have 80 percent of impact?" Third is risk assessment and risk reduction, complete with an action plan. Fourth, schools must prepare for the fact that even if the strongest security protections are implemented, some breaches are inevitable. This is the crisis-management component, and addresses how schools should handle intrusions and breaches, how damage can be minimized, and how to prevent a recurrence. Dealing with a crisis and preventing it from occurring again involves three types of activity: dealing with technology, reforming policy, and working with people, according to CoSN.

Factors such as the growing use of wireless and PDAs are severely testing the limits of school security and will only do so more in the next couple of years. The technical community has a "glimpse" of the problems schools are facing, Miller says, but people are discouraged and need support and resources from school boards and the community. It is in this environment that the CoSN initiative has been launched to develop leadership and action in the educational community on cybersecurity. To find out more:

Products and Services

There are many security vendors in this market space who perform network monitoring and management or offer firewall and VPN solutions. Some deliver combinations of these solutions and branded products. We are providing a large representative list of the companies.

First, however, let's have a look at some definitions. A VPN is a virtual private network: an entity, such as a company or district, uses the Internet or some other public telecommunications infrastructure to provide remote users and offices with secure access to its organization's network. A well-designed VPN is intended to improve security and lower operational costs compared with using traditional leased lines to maintain a wide area network (WAN). A VPN works by using a shared public infrastructure while establishing privacy through security procedures and what are known as tunneling protocols.

For more information on how a VPN works, check out:
http://whatis.techtarget.com/definition/0,289893,sid9_gci213324,00.html

A firewall is a set of programs that protects the resources of a network from users on other networks. It is located at a network's gateway server, where it prevents outsiders from gaining unauthorized access to the network's data resources and controls which outside resources internal users can reach. Network firewalls may be software programs, hardware devices, or a combination of software and hardware.

For more information on how a firewall works, check out:
http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci212125,00.html

Following is a representative list of branded products and solutions. (We have placed these companies in categories for ease of checking them out and because many have a primary offering or solution. However, many of these companies are crossovers in that they combine offerings in a couple categories and also market solutions in areas such as desktop security.)

Firewall, VPN, and VPN Alternative Solutions

Authentica
Waltham, Mass.
Authentica, Inc. provides Enterprise Digital Rights Management (E-DRM) software for secure collaboration, publishing, and persistent control of intellectual property throughout its lifecycle. Information owners can control how recipients handle e-mail and documents after delivery, no matter where they reside.
Check Point Software Technologies
Redwood City, Calif.
Through its Next Generation product line, the company delivers a broad range of perimeter, internal, and Web security solutions that protect business communications and resources for corporate networks and applications, remote employees, branch offices, and partner extranets.
NetScreen/Neoteris
Sunnyvale, Calif.
NetScreen Technologies, Inc., is a leading developer of network security and access solutions for all types of enterprises and carriers. As a result of the purchase last November, Neoteris became NetScreen's Secure Access Products Group. NetScreen has a complete spectrum of dedicated, purpose-built security infrastructure products, including firewalls and VPNs, antivirus, intrusion detection/prevention, and secure meeting appliances.
Secure Computing
San Jose, Calif.
Secure Computing markets a comprehensive array of products and solutions in firewalls and VPNs, Web filtering, strong authentication, and network and security services. The company can provide advice, assistance, and rapid assessment of the current state of your network security. SafeWord PremierAccess is a complete solution that positively identifies users through strong authentication, and it controls access to protected resources using role-based authorization.
SonicWALL
Sunnyvale, Calif.
SonicWALL Internet firewall/VPN security appliances support an array of security applications and deliver firewall and VPN solutions. SonicWALL firewall/VPN software integrates with a comprehensive array of security applications to maintain a complete Internet security solution.
Symantec
Cupertino, Calif.
Symantec is a global provider of client, gateway, and server security solutions for virus protection, firewall and VPN, vulnerability management, intrusion detection, Internet content and e-mail filtering, and remote management technologies and security services to enterprises. Its security services include: consulting services including security assessments; managed security services; and early warning services. Symantec supplies security solutions for all tiers of a network: at the gateways between the network and the outside world, at the servers that act as the network's vital organs, and at end-user devices including desktop PCs, laptops, and handheld devices.

Network Analysis and Monitoring

Fortres Grand
Plymouth, Ind.
Fortres Grand makes a suite of customizable software solutions for security and monitoring. These solutions include: Fortres 101, desktop security software; Central Control, which provides remote administration of Fortres Grand security products; Historian, a single solution for recording, monitoring, and auditing computer use; and Total Protection, for complete lock-down security. With the company's Cooler 2 monitoring and management tool, an administrator can change the behavior of certain applications; it allows schools and other enterprises to block the use of selected functions in programs and prevent users from making changes in programs or files.
Internet Security Systems
Atlanta, Ga.
ISS' focus is on Internet security software, security appliances, and security services protecting against threats to networks and information. Internet Security Systems offers professional services to work with organizations in planning and implementing network security solutions. The Proventia Enterprise Protection Products of ISS establish security by performing the functions of multiple security technologies from a single protection engine. In addition to Proventia, Internet Security Systems makes available a complete suite of Managed Services for network security. Through global X-Force Security Operations Centers (SOCs), ISS does 24/7/365 monitoring and management.
Network Instruments
Minneapolis, Minn.
Network Instruments is a developer of network management, analysis, and trouble-shooting solutions. The company's Observer family of products combines a comprehensive management and analysis console with high-performance Probes to give integrated monitoring and management for the entire network (Ethernet, Gigabit, Wireless, and WAN). The new Advanced Multi-Probe lets multiple administrators collaborate by viewing a single interface from different locations. The company's new product line also includes a Wireless Site Survey Mode offering seamless, consecutive channel scanning of 802.11a/b/g networks.
Packeteer
Cupertino, Calif.
Packeteer is a provider of application traffic management systems that enable enterprises to gain visibility and control of networked applications, extend network resources, and align application performance with the enterprise's priorities. The application traffic management systems include solutions to establish protection for students in terms of peer-to-peer file sharing; control Internet gaming and other recreational traffic; and address security and performance issues of e-learning applications used by schools.
SecuritySpace
Burlington, Ontario, Canada
SecuritySpace specializes in Internet networking security auditing services; network monitoring services; Internet research reporting; and integrated Web solutions and application development for secure data transactions. The company has multiple monitoring points from the United States, United Kingdom, and Canada and gives 24-7 monitoring of a variety of devices.
Vericept
Englewood, Colo.
Vericept Corporation is a provider of information protection and content privacy solutions. The company's Vericept Intelligent Early Warning (VIEW) network-monitoring solutions establish visibility to inappropriate activity, policy enforcement risks, and information leaks across all forms of Internet traffic, including Web, e-mail, chat, IM, FTP, bulletin board postings and telnet in real time. VIEW passively monitors network traffic of devices connected throughout school facilities and gives network administrators a concise report of activities that have been previously determined inappropriate by the districts.

Network Management

Altiris
Lindon, Utah

Apple
Cupertino, Calif.

Cisco Systems
San Jose, Calif.

Dell
Round Rock, Texas

Gateway
Poway, Calif.

Hewlett-Packard
Palo Alto, Calif.

Microsoft
Redmond, Wash.

Netopia
Emeryville, Calif.

Novell
Waltham, Mass.

Sun Microsystems
Santa Clara, Calif.


Privacy Policies

Many schools have no understanding of what a true and strong privacy policy should be. Privacy policies and procedures are a crucial component of your district's security. It does not suffice simply to proclaim that you will protect the privacy of students and staff.

Laws such as the Family Educational Rights and Privacy Act of 1974 (FERPA) address this area. While FERPA lays out exact responsibilities of schools with regard to student information, the No Child Left Behind Act amended FERPA to further guard confidentiality.

By not taking appropriate steps to protect the integrity and security of student records, including establishing a strong privacy policy, you put students at risk and make your district vulnerable to financial losses, damage to community standing, and monetary penalties.

John Tuomy, a security expert and former member of the Board of Education for the Palo Alto Unified School District in California, said that a solid privacy policy defines and explains exactly what student records are and outlines the requirements that hold a district responsible for privacy of records. The policy should also explain what confidentiality, release of information, and access are. There should be a designated leader in the district who is responsible for privacy of student information and data. Also, all staff must be trained thoroughly in the guidelines and standards for the district's privacy policy.

It is important to address the following questions:

  • Is your privacy policy adequate?
  • Has it been updated to reflect current regulations and procedures?
  • Does it thoroughly and adequately serve the goal of protecting vital information from unauthorized access, use, or distribution?
  • Are your privacy protections and procedures absolutely up to date in terms of the district's network infrastructure, levels of responsibility among staff, applications, and data?



STN Best Practices


Best Practices: Network Security - Poway Unified School District

Poway Unified School District (PUSD) in California already had been leaning toward having a security analysis performed of its network infrastructure and applications, but when a high school student hacked into its computer system, the district decided there was no more time to waste. In August 2003, PUSD had a security assessment performed by Farm9, a California company that specializes in network and information security. This analysis and its findings are being used by PUSD to identify vulnerabilities from top to bottom within the network infrastructure and applications and to guide the district in the procedures and fixes needed to have a secure network environment on a continual basis.

Many industries, such as banks and financial institutions, conduct security assessments as a common business practice, but schools have not done so for the most part. PUSD has been a pioneer district in educational technology. The district has nearly 33,000 students, 31 different school sites, about 3,400 employees, and 10,000 computers throughout the district.

PUSD leaders, including Charlie Garten, executive director of Educational Technology and Information Services, and Deputy Superintendent John Collins, say the security assessment has been invaluable. They explain the process and what lessons are being learned through the audit.

While the district had been moving toward having a security assessment done, the security break-in definitely accelerated the situation. PUSD Superintendent Don Phillips got squarely behind the proposal to have a security analysis, and after it was approved, in August 2003, Farm9 came in to perform the audit. The assessment looks closely at all systems and applications, analyzes the risks, identifies and describes the weaknesses in a system, examines an enterprise's policies and procedures, and culminates in detailed remediation recommendations. Everything from authentication procedures, Internet vulnerability, and wireless deployment to application source code and network infrastructure comes under scrutiny.

The assessment includes three main phases:

1) In-depth review of policies, procedures, and roles;
2) Step-by-step vulnerability testing in which those doing the assessment sit both inside and outside of the firewall and determine what can be accessed without authorization and where security flaws exist; and
3) Close-up examination of the network configuration and other educational technology assets of the district.

The actual audit took approximately two weeks, Garten says. PUSD then was given a written report three weeks later and since then, has been going through a months-long process to follow up on and address all of the issues and problems raised by the security assessment. The audit report is about 200 pages long, and a 10-page executive summary and priority list are providing a foundational blueprint of where PUSD should proceed. The cost to PUSD has been approximately $40,000, but the funds are well spent, say those involved.

Among some of the facets of the security assessment Garten cited were the following:

  • Firewall: Farm9 tested and gave PUSD a good rating on its firewall.
  • Wireless: The firm also assessed the security of the district's wireless deployments. Wireless is a major security challenge, and Farm9 made security recommendations concerning the district's wireless technologies.
  • Patches: Farm9 had PUSD apply various Microsoft patches and then rated those implementations.
  • Software apps: PUSD learned how some software applications were compromising security because there were back-door ways to get passwords, and found out how to address and fix this vulnerability. A security evaluation of software applications that are being implemented is paramount.

Farm9 also recommended the appointment of a CSO - a chief security officer. A district needs one top-level "powerful" person in charge who - if the district's system is hacked or compromised in any way - has to be in the position to say, "shut it off," if necessary. Secondly, a district needs to delineate a second role, that of someone who clearly has responsibility on the execution and maintenance side to make sure that all necessary patches, monitoring, and appropriate security policies and procedures are performed and in place.

PUSD is going out to bid on various recommendations made in the security assessment. The district is also taking other immediate steps called for in the assessment to ensure that its data warehouse and network will be as secure as possible, and that security procedures are modified per the audit's recommendations. Policies and procedures were one of the main thrusts of the security assessment, and will be a top priority.

The district is also in the process of getting a company that will monitor its network 24-7.

As Garten explains, PUSD, like other districts, was aware that there were possible security flaws, but performing an assessment allowed Poway to know the extent and exact nature of these flaws - and how they can be addressed. "You can think you have a handle on it, but until you do one of these, you just don't know how huge the problem is," he says. While a number of the security fixes are not cheap, the risk of not doing them for any district could be much more expensive, in lost time and records, penalties, lawsuits, or other problems. And as rules have changed and districts are under far greater pressure and impetus to share data, districts have a huge obligation to parents, students, and the community to keep such data confidential. For these reasons, a security assessment is a crucial tool in establishing a safe, secure environment.

"The fact is, we are doing due diligence," Garten says. The audit process is not a one-time action; PUSD plans to do another security audit in another 12-18 months. It is an essential process in attempting to keep up and maintain strong security, since new hardware and software are being deployed at all times, many applications are being added, and, especially, hackers are constantly devising new ways to break in and get around existing security.

Garten and Collins, in going through the security assessment at Poway, say the process is well worth it.

Poway Unified School District
http://powayusd.sdcoe.k12.ca.us/

Farm9
http://farm9.com


Conferences

Below is an annotated list of technology-related education conferences (complete with links) that you may wish to attend in the next few months.

Ninth Annual K-12 School Networking Conference
"Personalization and Empowerment: No Child Left Behind and Technology" is the theme of the Consortium for School Networking (CoSN) annual K-12 networking conference. Educators, administrators, and education technology leaders participate.
March 2-3, 2004
Arlington, Va.
http://www.k12schoolnetworking.org/


Spring CUE 2004: Standards and Beyond
The spring conference of Computer-Using Educators, Inc. brings together technology leaders, educators, teachers, board members, and others to focus on the integration of technology in the curriculum. The conference explores using data to inform teaching and learning and meeting requirements of No Child Left Behind, among other topics.
March 18-20, 2004
Palm Springs, Calif.
http://www.cue.org/


International Technology Education Association: 66th Annual Conference
This annual gathering provides educators and teachers with new strategies to advance excellence in technological literacy and examines trends in technology education. Includes workshops, interest sessions, and trade show.
March 18-20, 2004
Albuquerque, N.M.
http://www.iteawww.org/D.html


Legislative and Policy Conference

Sponsored by the Council of the Great City Schools, this gathering for urban administrators, board members, and teacher-educators examines issues of concern to urban education. Topics to be explored include the implementation of No Child Left Behind and federal education funding for the fiscal year.
March 20-23, 2004
Washington, D.C.
http://cgcs.org/


National School Boards Association 64th Annual Conference

Workshops, clinics, an exposition, and speakers are featured at the NSBA's annual gathering, which examines strategies for raising student achievement, technology developments, challenges posed by NCLB, policy issues, funding, and many other topics.
March 27-30, 2004
Orlando, Fla.
http://www.nsba.org/conference/


Annual Meeting of the American Educational Research Association

AERA's program, entitled "Enhancing the Visibility and Credibility of Educational Research," considers what counts as evidence in high-quality educational research and how educational research informs and is informed by practice.
April 12-16, 2004
San Diego, Calif.
http://www.aera.net/meeting/index.asp


National Association of Elementary School Principals: 83rd Annual Convention
The annual conference of the National Association of Elementary School Principals features committee meetings, workshops, exhibits, and special events. Among the many discussions: the opportunities and challenges presented by NCLB, standards-aligned instructional leadership, and best data practices.
April 16-20, 2004
San Francisco, Calif.
http://www.naesp.org/ContentLoad.do?contentId=968


International Reading Association: 49th Annual Convention

Administrators, teachers, researchers, and other educators gather for a premier professional development and networking opportunity in literacy education. Sessions, symposia, workshops, institutes, and exhibits make up the program. The convention program may be searched via the online e-planner.
May 2-6, 2004
Reno-Tahoe, Nev.
http://www.reading.org/2004/

NECC: National Education Computing Conference
The 25th annual gathering of the world's largest educational technology conference. Featured spotlight sessions, demonstrations, workshops and keynote sessions included. Major themes range from data-driven decision making and standards-based learning to emerging technologies and safety issues.
June 20-23, 2004
New Orleans, La.
http://center.uoregon.edu/ISTE/NECC2004/



Let us know if the SuperTECH NEWS newsletter is helpful to you and what you would like to read about in future newsletters. Let us know if there are good practices and people we should write about... Call us if you want to know more about the CIO-Time Share Service.

E-MAIL: eliot@blegroup.com
OR CALL: 202.281.1763

BLE GROUP
3936 Livingston Street, NW
Washington, DC 20015
202.281.1763 phone
202.363.9192 fax

www.blegroup.com

 

SUPERTECH NEWS © 2004 BLE GROUP. All rights Reserved. Do not copy or reproduce without written permission.
NOTE: The BLE Group does not endorse any of the products mentioned in this newsletter.
These were selected to illustrate the types of products currently available.