Diocese of Harrisburg Wide Area Network Handbook Page |2 Table of Contents Acceptable Use for Students ......................................................................................................... 24 Social Media Policy ...................................................................................................................... 29 Caring for the 2900 Series Cisco Router ........................................................................................3 Connectivity Issues with Router and Other Issues .........................................................................3 Configuring External DNS Entries .................................................................................................7 Configuring Public IP Addresses ....................................................................................................6 Diocese of Harrisburg Remote Email Users ...................................................................................7 Diocese of Harrisburg Intranet........................................................................................................8 Glossary for Web Tools ................................................................................................................ 36 Help Desk (Diocesan) ....................................................................................................................7 Internet Safety Rules for Minors................................................................................................... 28 Listserv Rules and Etiquette ...........................................................................................................9 Lightspeed Web Filtering ............................................................................................................. 12 New Members joining the Diocesan WAN Consortium (Non WAN Members) ......................... 10 New Members joining the Diocesan WAN .................................................................................. 10 Members desiring to withdraw from the Diocesan WAN ............................................................ 11 Purchasing Procedure.................................................................................................................... 12 Troubleshooting (Connectivity ) .....................................................................................................3 Before 8:00 am and after 5:00 pm ...........................................................................................6 Use of Spam Filtering ................................................................................................................... 22 Use of Video Conferencing Unit .................................................................................................. 15 Video Conferencing Directory............................................................................................... 17 Quick Guide for Video Conferencing Unit ............................................................................ 17 Use of Video Conferencing Unit During Off Hours .............................................................. 22 Use of Web Conferencing/Web camera capabilities .................................................................... 22 Page |3 Technical Information Care of the Cisco 2900 Series Router The specs for the Cisco 2921 router can be found at: http:www.hbgdioces.org/WAN. There are two Ethernet cables coming out of the 2921 router, one in interface GigabitEthernet 0/0 (should be an orange cable) and one in GigabitEthernet 0/1 (should be a blue cable). The GigabitEthernet 0/0 interface is for the WAN connection (typically Comcast, but is PennTeleData for several sites and is a cable modem connection for the VPN sites). The GigabitEthernet 0/1 interface is connected to your local internal network. There is also a power cable that goes out of the router and goes to the UPS. The UPS should be connected to your dedicated electrical circuit. If there is a connectivity problem with your router, see the Connectivity and Content Troubleshooting below. Connectivity Troubleshooting Make sure that no one has mistakenly caused a network loop. A network "loop" simply put is a data connection that logically connects to itself. Network loops will often affect everyone on a school network and cause significant network performance degradation and connectivity issues. Make sure that no one at your local level has modified the network in any way, thus causing a network loop. A visual clue that this has occurred is when the lights on your switch are a solid green rather than flashing green. Some symptoms of a network loop are: Internet access fails intermittently during the day. Local network performance or Internet access becomes very slow. Workstations cannot connect to servers or lose their connection to servers. Workstations are unable to check email or go to the Internet. Below are several visual examples of "network loops" which can cause an entire network to fail or at the very least cause intermittent network connectivity for workstations and servers. Page |4 For Connectivity Issues If connectivity (the inability to connect to WAN or Internet resources) becomes a problem, the following connectivity test procedure should be performed: 1. Check to see if www.hbgdiocese.org can be reached. This test is to see if the link to the Diocese HQ is operational. 2. Check to see if www.iu13.org can be reached. This test is to see if the link to IU13 is operational. Page |5 3. Check to see if you can access another website such as www.cnn.com or www.usatoday.com. This test is for connectivity to see if Internet is operational. 4. If all sites cannot be accessed, check to see if there are green lights on your router on the front panel as indicated in the figure below for items 1,5,6, and 9: a. If there are NO green lights present: i. Check to see if the router power cable is plugged in to the router as noted above as item 3 and to the UPS. ii. Check to see if the UPS has green lights on the front panel as shown below for: 1. Online LED (middle of 3 LEDs immediately to left of Power On and Power Off buttons) 2. Load (far left vertical column of LEDs) 3. Battery (far right vertical column of LEDs) iii. If the UPS and Router do not have power, check to see if the circuit breaker has been blown 1. If this is a recurring issue, then you need to see an electrician regarding an installation of a 120 v, 15 amp dedicated line for the UPS. 5. For WAN remote sites with a dedicated Ethernet WAN connection from Comcast: a. Check the status of the Comcast Ciena 311v switch: i. Power Light should be on (Green) ii. Status Light should be on (Green) iii. Comcast Fiber Uplink (Port 28, on Left side of switch) 1. Port 28 (Uplink Port) should have LX light on (showing link) and fiber connected 2. Port 28 TX and RX lights will blink as traffic is passed iv. Customer 10/100 BaseT Copper Ethernet port (port 1, in middle of switch) Page |6 1. Copper port 1 is the customer handoff port 2. LED status indicators are on the right side of the switch 3. Link light 1 should be on (shows link) this will blink as traffic is passed. b. Once Comcast is called, a call is made to the WAN Coordinator. The WAN Coordinator can be reached at: 717-657-4804 ext. 254. NOTE: You will need to provide the WAN Coordinator with the Comcast ticket number 6. For WAN remote sites with a VPN connection to the WAN: a. Check the status of your cable modem indicator lights: i. Confirm Power is on. ii. Confirm link to the 2921 router is active. iii. Confirm link to the cable service provider is active. b. Contact the WAN Coordinator. The WAN Coordinator can be reached at: 717-657-4804 ext. 254 Troubleshooting Support before 8:00am and after 5:00 pm Weekdays and Weekends If an entity has a problem with connectivity or WAN application access during non-school hours, the entity should call the WAN Coordinator at 717-712-9298 who will open up a help desk ticket and the problem will be addressed in a timely manner. Configuring Public IP Addresses Each WAN member is assigned a block of public IP Addresses from IU13’s allocation from the American Registry for Internet Numbers (ARIN). All Public IP Addresses are configured on the IU13 WAN core firewalls, not at the individual WAN remote sites. To add or change a Network Address Translation (NAT) for a public IP Address to be assigned to a particular internal IP address for a remote site, a remote site needs to contact the WAN Coordinator and provide the following information: o Internal IP address o Public IP address out of the site’s allocation o Applicable firewall security ruleset (e.g. permit http traffic in from the Internet for a new webserver),, o Any associated external DNS changes o Requested implementation timeframe (normal requests should be at least 2 business days in advance of desired implementation date). Page |7 Configuring External DNS Entries IU13 has two external name servers that are used to support external DNS zones for all WAN members, support both forward and reverse zones. To request an external DNS entry change for a zone, a remote site needs to contact the WAN coordinator with and provide the following information: o DNS record change type (e.g. Add, Modify, Delete) DNS information to be added/modified/deleted: Text format: Add a new DNS entry for www.abcschool.org using public IP address 1.2.3.4 Actual DNS record: Add the following record for zone abcschool.org: www IN A 1.2.3.4 o Requested implementation timeframe (normal requests should be at least 2 business days in advance of desired implementation date). Procedural Information The helpdesk procedure is applicable for users with a diocesan email account. Those users that do not have an account could use wan@hbgdiocese.org. This email contact will alert the IT department of your issue. Follow the steps below when you email the IT department. The Diocese of Harrisburg’s Help Desk Requests for Assistance All requests for assistance from the IT Department are required to come through the Help Desk System by manually entering a request to helpdeskmail@hbgdiocese.org from your diocesan email account with the following information: o Request Date o Requestor: (Your Name) o Phone with extension if applicable o Alternate Phone (Cell Phone if applicable) o Subject of the Difficulty (ex: Study Island) o Priority: Please indicate the urgency of request and a date to be completed o Then a detailed explanation of the nature of this help request. The Diocese of Harrisburg’s Email for Remote Users There are two different ways you can access your Diocesan email account: Webmail o Open your Internet browser and go to the following web address: https://webmail.hbgdiocese.org o Enter your Diocesan username and password to login o You now are logged into your Diocesan email Page |8 Remote Access o Open your Internet browser and go to the following web address: https://apps.hbgdiocese.org o Enter your Diocesan username and password to login o Click on Outlook 2007 to open your Diocesan email o NOTE: You will need the Citrix receiver installed for Remote Access o If you have any questions or concerns about any of the information provided on this card please email the helpdesk at helpdeskmail@hbgdiocese.org or call 717-657-4804 ext 281. The Diocese of Harrisburg’s Intranet There are two different ways you can access the Diocesan Intranet: Remote Access o Open your Internet browser and go to the following web address: https://apps.hbgdiocese.org o Enter your Diocesan username and password to login o Click on Diocesan Intranet o If prompted for username and password enter HBGDIO\Username and your password Through the Internet o Open your Internet browser and go to the following web address: www.inside.hbgdiocese.org o Enter your HBGDIO\Username for the username and your Diocesan password in the password field o If you do not have a Diocesan account, enter in the following: o Username: HBGDIO\iguest Password: DioHbg11 Help Desk Emergency Situations An emergency is a situation in which you require assistance within the next 10 minutes due to extreme circumstances. Follow up with a phone call to the Diocesan Office (717) 657-4804 with an emergency extension of 281. You will be presented with a menu. When you select ‘1’ for emergency, the call will ring on all IT personnel telephones. Help Desk Hours of Operation Please remember that although you can enter a request into the system 24 hours a day, 7 days a week, the hours of availability for the IT team are 8:00 am to 5:00 pm Monday through Friday. Page |9 Listserv Rules & Etiquette The Diocese of Harrisburg in partnership with IU 13 has established a listserv for communication between Technology Coordinators, Business Managers, and the Technology Committee of the Diocese. In order to join the Diocesan Listserv’s, contact the Wan Coordinator by sending an email specifically asking for this activity. Include in the body of the email the name of the person and the person’s email. Emails sent to the Listserv should use the following address. For Technology Coordinators: dio.techcoord@lists.iu13.org Emails sent to the listserv will be stored until the WAN Coordinator review the message. Only when the message is approved by the WAN Coordinator will the entire group receive the email. Do not respond to the actual listserv by respond to the user who sent the email. By joining the list serve and using these e-mail lists, you agree that you have read and will follow the rules and guidelines below:. Use caution when discussing specific products. Information posted on the lists is available for all to see, and comments are subject to libel, slander, and antitrust laws. All defamatory, abusive, profane, threatening, offensive, or illegal materials are strictly prohibited. Such postings would be immediately deleted by the listserv WAN Coordinator without warning. Please include a signature tag on all messages. Include your name, school/parish, city, and e-mail address. State concisely and clearly the topic of your comments in the subject line. This allows members to respond more appropriately to your posting. Only send a message to the entire list when it contains information that everyone can benefit from. Send messages such as "thanks for the information" or "me, too" to individuals--not to the entire list. Do this by using your e-mail application's forwarding option and typing in or cutting and pasting in the e-mail address of the individual to whom you want to respond. Administrative messages such as “remove me from the list” should be sent to the Wan Coordinator instead to the list serve itself. If you change your email address, send an email to the WAN Coordinator with the information. All posts to the listserv will be monitored by the WAN Coordinator. Posts that are deemed unworthy due to their subject or nature will be deleted by the Wan Coordinator without warning. P a g e | 10 Membership Information New Tier 2 and Tier 3 Members Joining the Diocese WAN Consortium (Tier 2 – Connected to Tier 1 Member for Services) (Tier 3 – Members of the Consortium at Large) The purpose of the Diocese of Harrisburg WAN Consortium is to perform activities and provide services that would be beyond the capabilities of any individual entity. Members of the Diocese of Harrisburg WAN Consortium at large and Tier 2 members will be able to participate in bulk purchasing of services and technology, leading to lower costs. When feasible, other Diocese entities may be permitted to participate in bulk purchasing. Additionally, Tier 2 members will be able to utilize the WAN services offered through the Tier 1 member to which they are connected. If an entity wishes to join the Diocese of Harrisburg WAN Consortium, they are to contact the WAN Coordinator in writing on the entity’s letterhead expressing the desire to join. The written document should include the following: 1. The written statement of intent or Letter of Commitment; 2. Whether they desire to be a Tier 2 or Tier 3 member; 3. Tier 2 applicants must have the associated Tier 1 member’s written approval for connection to them; Tier 1 members will be contacted by the WAN Coordinator for verification; 4. A signed Memorandum of Understanding for the WAN; 5. Contact information (name, email, telephone number, and extension) of the following: a. Principal, Business Manager, Pastor, or Executive Director; b. Contact person responsible for technical items; i. Such as: Technology Coordinator, Network Administrator, etc. After the WAN Coordinator is contacted, the entity will be added to the Technical and Business Manager targeted communication listing, and information will be provided to the entity regarding services and pricing of new technology. New Tier 1 Members Directly Connected to WAN Services If an entity wishes to join the Diocese of Harrisburg WAN Consortium and connect directly to the Diocese network as a Tier 1 member, they are to contact the WAN Coordinator in writing on the entity’s letterhead expressing a desire to join. The written document should include the following: 1. The written statement of intent or Letter of Commitment; 2. A signed Memorandum of Understanding for the WAN; 3. The exact mailing address and phone number of the building of the entity to be connected; 4. Contact information with signatures (name, email, telephone number and extension) of the following: a. Principal, Business Manager, Pastor, or Executive Director; P a g e | 11 b. Contact person responsible for technical items; i. Such as: Technology Coordinator, Network Administrator, etc. After the WAN Coordinator is contacted, Comcast will be advised of the new member. Comcast will perform a site survey and compose and submit a proposal to the WAN Coordinator. Equipment and software provided through the grant process is the property of the Diocese and will be tagged and recorded as such. The Parish/School will return any equipment or software that was provided to them for which they did not pay and which was funded through the grant process at the time of withdrawing from this initiative. The post-grant membership pricing structure for Tier 1 members is as follows: The entity is responsible for the connectivity build-out costs and any equipment needed for connectivity (pulling the fiber, the router – including configuration and installation, web cameras, web conferencing units, etc); The monthly fee for services is the same as any other entity in the consortium at the time of membership; Please note: If Comcast cannot service the new member, an alternate service provider will be arranged. Entities can purchase additional levels of connectivity above the base-level offering and are responsible for the additional costs of the increased connectivity. All services (applications, professional development opportunities, targeted communication capabilities) that are available to other members of the consortium will also be provided to the new member. New Tier 1 School members are responsible for: Having an up-to-date Technology Plan submitted to the WAN Coordinator; Filing for E-rate reimbursement for their local telephone and cell phone costs Members desiring to withdraw from the Diocesan WAN Contracts with Comcast and services provided by the WAN are on a five year basis. If an entity wishes to break the contract (except for the closing of that entity), it is responsible for the full payment of the remaining part of the contract to the Diocese of Harrisburg. That desire has to be expressed in writing to the School Wide Area Coordinator. The School WAN Coordinator will then contact Comcast for the cancellation of the contract with that specific entity. Once the contract has been broken, all equipment that the WAN provided will be returned to the Diocese. The equipment includes: The Cisco 2900 Series Router Video Conferencing Unit Web Cameras P a g e | 12 The entities passwords and public IP addresses will be removed from the Network All equipment returned to Diocese must match the serial numbers of the equipment given to the entity. Purchasing Procedure One power of a consortium is the purchasing aspect. If an entity desires the purchase of any type of technical or computer related hardware/software, the entity is asked to do the following: 1. An email should be sent to the WAN Coordinator regarding the need to purchase equipment. This will set into motion research by the IT team regarding the lowest cost that could be ascertained by the diocesan staff. 2. An email should be sent to the listserv at: dio.techcoord@lists.iu13.org with the information that was posted on the procurement page. This would alert all other school entities regarding a need to purchase equipment. Please give this process at least 4 weeks for the IT staff to get back to the individual entities. Services Use of Lightspeed -- Web Filtering Device Each entity has been given a user name and password in order to configure their individual Lightspeed Policy. If you have forgotten your username/password, please contact the WAN Coordinator. If you want to change your password and/or your override, please contact the WAN Coordinator. Google and Bing are the only two search engines in which Safe Search is compatible. So, on your policy level blocks/allows, you should block all search engines except Google and Bing. Safe Search is a feature of the web filter that blocks questionable thumbnails pictures in the image component of the Google search. Note: Other search engines (yahoo) are not supported for Safe Search P a g e | 13 Modification of Your Lightspeed Filtering Policy 1. Go to 10.70.23.4 2. When prompted, enter the username and password you were supplied. Example: Username: hbgdio\DioCntrAD Password: abc123 3. Click on the word Policies in the black bar. 4. Click on Policy Assignments on the left hand menu P a g e | 14 5. Click on your IP range. 6. Click the edit button next to the Content Filter Policy 7. Click on edit set under Property Sets P a g e | 15 8. Remember to hit the save buttons after making any changes. 9. Please check whatever policy you would like to allow over ride. These boxes must be checked so that your teachers can over ride the general filtering policy. Use of Video Conferencing Unit Notes about Unit Setup Bridge – A device from IU13 that allows more than two users to use the Video Conferencing Unit at one time. Currently, the bridge at IU13 can only maintain a 20 person conference o When the bridge is used, you have no far end control of camera o When the bridge is used, mute microphones until needed P a g e | 16 o To schedule use of the bridge, contact the WAN coordinator at the Diocese at least two weeks prior to the event in order to schedule use of the bridge. The following information is required to schedule the bridge. A. Date, Start Time, Length of meeting B. School name who is the moderator C. Number of participants D. Contact information including phone number of participants (To be used when troubleshooting or testing) E. E164 Address of Moderator F. E164 Address or IP addresses of Participants Cables needed for set up -- The only cable that does not come with the unit is a DVI to a HDMI cable. This can be purchased in Radio Shack or Staples. Connecting with other VC units – When connecting to other units within the WAN, you need to “call” the number that is located on the bottom of the home screen. o If you would like an outside unit to call you, this is the IP address in which that entity needs to call you: 206.82.16.155##plus the number that you find on the bottom of your home screen – yes that’s two # o To call the bridge: 7171000 o Diocesan ID #70011# – If you plan to tape the session o Diocesan ID #70001# -- If you do not plan to tape the session Note: An entire directory of all entities receiving a vc unit is on the WAN page on the diocesan website. Microphone – When setting up the unit, make sure that microphone is located in the middle of the room. The microphone has a 20 foot range. Setting up VC Unit – Connect all cables BEFORE powering up the unit P a g e | 17 Directory of Schools on the WAN Name Annunciations BVM School Bishop McDevitt High School Delone Catholic High School Good Shepard School Harrisburg Diocese Holy Name of Jesus School Immaculate Conception School Lancaster Catholic High School Lebanon Catholic High School Our Lady of Lourdes Regional High School Our Lady of the Angels School Our Mother of Perpetual Help Resurrection Catholic School Sacred Heart of Jesus School Saint Andrew School Saint Anne School Saint Columba School Saint Francis Xavier School Saint Joseph School (Dallastown) Saint Joseph School (Danville) Saint Joseph School (Hanover) Saint Joseph School (Mechanicsburg) Saint Joseph School (York) Saint Leo the Great School Saint Margaret Mary School Saint Patrick School (Carlisle) Saint Patrick School (York) Saint Rose of Lima School Saint Theresa School Harrisburg Catholic – St. Patrick Campus Trinity High School York Catholic High School Quick Guide for VC Unit I. Powering the Polycom HDX on and off To Power ON the Polycom HDX, do one of the following: • Press the power button on the remote control. • Press the power switch on the front of the system. E164 Address 70171 70121 70111 70091 70011 70021 70351 70081 70031 70071 70241 70231 70291 70141 70281 70221 70341 70271 70331 70251 70151 70051 70201 70321 70101 70311 70161 70191 70041 70181 70131 70061 P a g e | 18 The Polycom splash screen is displayed within about 10 seconds. To power OFF the Polycom HDX, do one of the following: • Press and hold the power button on the remote control for 2 seconds. • Press and hold the power switch on the front of the system for 2 seconds. The indicator on the front of the Polycom HDX provides this information: Indicator Light Off System Status System is powered off. 1. System is initializing. Steady green/blue light Blinking green/blue light Blinking green/blue light (on 1 sec, off 2 sec) II. 2. System is awake and not in a call System received an IR signal while awake and not in a call System is asleep, not in a call. Placing and Receiving calls To place a call by entering a name or number: 1. In the dialing field, enter the dialing information. Depending on the capabilities of your system and the system you are calling, the dialing information will look like one of these samples: 10.11.12.13 (IP address—include the dots via * key) 19782922854 (ISDN number) 2. Enter any additional information needed for the call. The available settings depend on the type of call and your system’s configuration. Not all calls require these settings: Call Quality – Specify the call rate or call type for this call. Auto to let the system determine the best quality for the call. Second ISDN number – Use two numbers only when the person you are calling instructs you to do so. Extension – If you need to dial an extension (E.164 address), enter the extension in the second entry field. If your system is not configured with a second entry field, you can enter the extension when the gateway prompts you. You can also specify characters in the dial string as instructed by the system administrator. 3. Press Call on the remote control to place the call. Call progress indicators appear on the screen to show that the call is in progress. When the indicators turn green, the call is connected. To receive an incoming call: 1. By default Polycom HDX units are configured to answer incoming calls automatically, therefore there would be nothing needed on your part to answer the call. 2. If you system does not answer calls automatically you will need to press the button when the system is ringing Ending a video call: Call P a g e | 19 1. Press Hang Up on the remote control. 2. If prompted, confirm that you want to disconnect from the far site(s). Changing how incoming calls are answered: 1. Go to System > Admin Settings > General Settings > System Settings > Call Settings. 2. Select Auto Answer Point-to-Point Video to set the answer mode for calls with one site, or select Auto Answer Multipoint Video to set the mode for calls with two or more other sites. 3. Select one of the following: Yes – Answers calls automatically. No – Enables you to answer calls manually. Do Not Disturb – Refuses incoming calls automatically. The caller receives a message that the site is unavailable. III. Placing a multipoint call To place a multipoint call by adding sites to a call: 1. Call the first site. 2. When the call connects, press Call on the remote control. 3. Place a call to the next site. 4. Repeat steps 2 and 3 until all sites are connected. IV. Showing content from PC To start showing content: 1. Verify that the cable is connected to the correct port on the Polycom HDX 2. Make sure the computer is connected and powered on. 3. Press input. Content on the remote control or press Camera and select the computer Audio from the content input is muted unless the content input is selected as a video source. To stop showing content: 1. Press camera. V. Content on the remote control or press Monitor Layout Dual monitor or Dual Monitor Emulation: Camera and select the main P a g e | 20 Using Dual Monitor Emulation in a call During calls using Dual Monitor Emulation, users can press the remote control to scroll through the following screen layouts: Near and far sites, same size, side by side Far site big, near site small Near site big, far site small Near site, full screen Far site, full screen The last layout viewed is used for the next call. VI. Display button on the Controlling what you see You can use the remote control to select and adjust the main camera or any other near-site or farsite video sources, such as document cameras, computers, VCRs, or DVD players. You may be able to adjust other auxiliary cameras or far-site cameras that support pan, tilt, and zoom movement. To adjust a camera using the remote control: a. Press Near or Far to select either near-site or far-site control. During a multipoint call being hosted by a system in the call, you can only adjust a camera at the far site that is currently speaking. b. Press the arrow buttons on the remote control to move the camera up, down, left, or right. c. VII. Press Zoom on the remote control to zoom out or in Controlling what you hear To adjust the volume: 1. Press Volume on the remote control. Changing the volume affects only the sound you hear at your site. To mute or un-mute the microphone: Press Mute on the remote control. P a g e | 21 If a Polycom microphone is connected to your system, you can also mute the call by pressing on the microphone. VIII. Remote Control Layout P a g e | 22 Use of Video Conferencing Unit during Off Hours If there are plans to use Video Conferencing during off hours, a call or an email to the WAN Coordinator must be sent 2 weeks before expected service. This enables us to request after hours support from IU 13 if the system looses connectivity. The broadcasting entity should have an alternative plan if technical difficulty takes place such as an Elluminate session or a teleconference. These alternative plans should also be communicated with the WAN Coordinator as well. Testing of all video conferences should be conducted at least a day prior to the event and then again 2 hours prior to the event to ensure there are no issues. If you experience difficulty connecting, try dialing an external test site such as Polycom Israel located in the directory. Use of Web conferencing/web camera capabilities Visit www.elluminate.com for free webinars, on-line trainings, and manuals. The Elluminate manual can also be found on the diocesan website at www.hbgdiocese.org/wan. It is a great guide for the use of the Elluminate client. Each school has received a username and password from the WAN Coordinator. If you have forgotten or lost your username and/or password, please contact the WAN Coordinator. If a school wishes to conduct an elluminate session, they are to contact WAN Coordinator with the following information: Date of Session Reason for Session Begin and expected end time of session Number of participants The WAN Coordinator will establish a session and send the link to the individual who requested it. That individual should forward the link to invitees of the session. The link allows guests to the session to access the site. Use of Spam filtering Spam filtering protects the user from unsolicited or undesired email messages. The Barracuda Spam Filters that we are using from the IU 13 provide filtering on inbound emails only. What this means is that the filters look at emails that are pointing to certain domains (the email address of members on the WAN). Entities on the WAN that have their own e-mail servers are the only entities that can use this service. The filter does not block messages that are hosted out of the sphere of the WAN. In order words, those entities that have their email hosted P a g e | 23 by other services (Gmail, GoDaddy, etc.) are not filtered by the spam filter. Those services have their own filter. Spam caught by the filter will be archived for 24 hours and then purged. Emails that contain a virus, or from a sender that is on the “black list” will automatically be quarantined. If you are repeatedly not getting emails from a sender that you know, please send the WAN Coordinator an email (wan@hbgdiocese.org) with the following information: Who is the message to Who is the message from Time and/or date in which the missing email was sent to you. The WAN Coordinator will send a help desk request to IU 13 to remedy the situation. When the Coordinator gets information back from the help desk, you will be informed of the remedy. Entities choosing to keep their own spam filter in place can do so. The spam filter at the IU will filter out spam per your domain (see above) and then those entities wishing to keep their own filter can provide a tighter policy for the local level. In other words, this can provide a two tiered spam filter. The filter at the IU 13 blocks the following attachments by default: Encrypted zip files .dll files .exe files P a g e | 24 Administration Information Student Use ACCEPTABLE USER POLICY Diocese of Harrisburg Purpose: Computers are a valuable tool for education at _______________________ School; the faculty/staff encourage the proper use of computer related technology including the Internet. Students and all users of computer technology have a responsibility to use these tools properly and in accordance with the policy below. No student will be able to use the Internet without this agreement signed and on file with the computer technology teacher and/or the office of the Dean of Students. Goals: To provide a variety of electronic tools to help students and teachers develop the ability to evaluate and synthesize information from a variety of sources To enable students to work effectively with various computer/communication technology. To encourage critical thinking and problem solving skills which will be needed in this increasingly electronic and global society. Responsibilities of User: Christian morality obliges each person to use all things in ways that are good and meaningful for human development. With right of access comes the responsibility to use the source both correctly and wisely. ____________________ students and staff and all those who use the school’s computers are expected to exercise wise judgment, common sense and good taste in selecting sites and material from the Internet. Staff will assist in monitoring Internet sites used but it is the responsibility of each user to monitor his/her use of technology resources, especially the Internet. General Guidelines for use of the Internet: Computers are to be used only for the purpose of academic or other authorized activities. All users are required to take simple Internet training (how to sign on, log off, etc.) from a teacher. The Network Administor or computer teacher has the right to monitor and to judge the acceptability of all activities. Students may not attempt to deprive authorized personnel of any necessary supervision or access. Any attempt to go around system security, (Hacking or any unauthorized activity) guessing passwords or in any way gain access to secured resources is forbidden. Uses of proxy sites or another other means to circumvent filtering software is strictly prohibited. P a g e | 25 No user may deliberately attempt to degrade the performance of any computer system. Users will not move, repair, reconfigure, modify or attach external devices to the systems. Use of the Internet for commercial gains or profits is not allowed from an educational site. E-mail may be used in correspondence with professionals or regarding subject matter relevant to research. The e-mail is only used with permission. No personal e-mail is permitted. No student is allowed to enter a chat room. Staff and other adult users are likewise asked to avoid chat rooms when using the school’s computer. Use of electronic mail and other Internet facilities to harass, offend or annoy other users is strictly forbidden. Transferring copyrighted material to or from _____________________ School without express permission of the owner is a violation of Federal Law. The student is deemed responsible to see that this does not occur. Additional rules and restrictions may be added at any time. Deliberate spreading of a virus through the use of the Internet or a disk is strictly forbidden. Internet: __________________________ School will adhere to the policy as stated in the Diocese of Harrisburg Policy Handbook. It includes the following paragraph: “The Internet is a public forum with unrestricted access. For this reason, the schools in the diocese restrict permission for the posting of information related to the school, the staff, and students on the Internet. No person is permitted to use the school name or images of the school, the school logo or seal, school staff or students in any form on the Internet or in any form of electronic communication without specific written permission from the school administration. The posting of any such information on any website, social networking site, bulletin board, chat-room, e-mail, or other messaging system without permission, or posting or transmission of images or information in any format related to the school, staff or students that are defamatory, scurrilous, pornographic, or which could be construed as threatening or impugning the character of another person is prohibited and will make any person involved in the posting or transmission of such subject to disciplinary action deemed appropriate by the administration of the school, or by the diocese.” P a g e | 26 Computer Use Rules: 1. Protect privacy. For reasons of personal safety, students will not post personal contact information about themselves or other people. This may include address, telephone number, school address, etc. Students will not knowingly or carelessly post false information about a person(s) or organization(s). 2. Research honestly. Consider that all work on the Internet is copyrighted. Students will not plagiarize works they find on the Internet. Plagiarism is taking the ideas or writings of others and presenting them as if they were your own. The illegal downloading of copyrighted software for use on home and school computers is prohibited. All sources for research taken from the internet for projects must be documented correctly. 3. Respect life. Fraudulent, harassing, violent, libelous, obscene, discriminatory, religiously offensive, ethically offensive, and other inappropriate materials or messages may not be e-mailed, printed, requested, displayed, uploaded, downloaded, or stored. 4. Respect property. Students will not make deliberate attempts to disrupt computer systems, or destroy data by spreading computer viruses or by any other means. These actions are illegal as well as immoral. Sanctions: 1. Students who do not use Internet and other computer resources in an ethical manner will lose computer use privileges at the school. Further disciplinary action will be determined by the Principal/Computer Teacher/Dean of Students. 2. Disciplinary or legal action may be taken by the school or other interested parties. Legal issues: Laws governing computer use currently exist in Pennsylvania. Violations of the above policies may constitute a criminal offense punishable under Pennsylvania or United States Federal law. As an example, under Pennsylvania law, “. . . it is a felony punishable by fine up to $15,000 and imprisonment up to seven years for any person to access, alter, or damage any computer system, network, software, database, or any part thereof, with the intent to interrupt the normal functioning of an organization (18 Pa. C.C. 3933)(a)(1) . . .” “ . . . Disclosing a password to a computer system, network, etc., knowingly and without authorization, is a misdemeanor punishable by a fine of up to $10,000 and imprisonment of up to five years, as is intentional and unauthorized access to a computer, interference with the operation of a computer or network, or alteration of computer software (18 Pa. C.S. 3933)(a)(2) and (3) . . .” P a g e | 27 Web Tools Use of New Web Tools Online communication is critical to our students’ learning of 21st Century Skills and tools such as blogging and podcasting offer an authentic, real-world vehicle for student expression. However, such technologies can open up real dangers to students. So, expectations for classroom blogs, wikis, student protected e-mail, and podcast projects or other web interactive use must follow all established Internet safety guidelines. Part of the process of using web 2.0 tools is educating minors about appropriate online behavior, including interacting with other individuals on social networking websites and in chat rooms and cyber bullying awareness and response. General Guidelines for Internet Safety areas follows: Blogging/Podcasting Terms and Conditions: The use of blogs, wikis, podcasts or other web 2.0 tools is an extension of a classroom and school. Therefore, any speech that is considered inappropriate in the classroom is also inappropriate in all uses of blogs, podcasts or other web 2.0 tool. This includes but is not limited to profanity, racist, sexist or discriminatory remarks. Students using blogs, podcasts or other web tools are expected to act safely by keeping ALL personal information out of their posts. A student should NEVER post personal information on the web (including, but not limited to, last names personal details including address or phone numbers, or photographs). Do not, under any circumstances, agree to meet someone you have met over the Internet. A student should NEVER link non-school sites that are hosted on remote, non-school web servers from your class’s blog or wiki. Example: personal MySpace or Facebook pages. Any personal blog a student creates in class is directly linked to the class blog which is typically linked to the student profile, and therefore must follow these blogging guidelines. In addition to following the information above about not sharing too much personal information (in the profile or in any posts/comments made), students need to realized that anywhere they use that login it links back to the class blog. Therefore, anywhere that login is used (posting to separate personal blog, commenting on someone else’s blog, etc.), the account should be treated as a school blog and follow these guidelines. Comments made on blogs are monitored and will be deleted when inappropriate. Never link to web sites from your blog or blog comment without reading the entire article to make sure it is appropriate for a school setting Students using such tools agree to not share their user names or password with anyone besides their teachers and parents and to treat blogspaces as classroom spaces. Speech that is inappropriate for class is also inappropriate for a blog. Students who do not abide by these terms and conditions may loose their opportunity to take part in the project and be subject to consequences spelled out by the student handbook. P a g e | 28 Students should respect and protect the intellectual property of others by not plagiarizing or infringing on copyrights on any school computer or through the use of web 2.0 tools. (No making illegal copies of music, games or movies) Internet Safety Rules for Minors Don't give out information about yourself like your last name, phone number, address or school — without asking your parents first. Never e-mail a picture of yourself to strangers. Be suspicious of those who want to know too much. There's no rule that says you have to tell them where you live or anything else personal. Trust your instincts. If someone makes you feel uncomfortable, leave. Avoid chat rooms or discussion areas that look sketchy or provocative, and don't let people online trick you into thinking of them as real-life friends if you've never met them in person. If somebody says something to you that makes you uncomfortable or if somebody sends you something or you see something that makes you uncomfortable, don't look around or explore: Get your parents instead — they know what to do. Making plans to meet your Internet buddies in real life is usually a bad idea. If you decide to do it anyway, have your parents help make the plans and go with you. Don't open up e-mails, files or Web pages that you get from people you don't know or trust. The same goes for links or URLs that look suspicious — don't click on them. Don't give out your password, except to responsible adults in your family. Be honest about your age. Membership rules are there to protect people. If you are too young to sign up, do not attempt to lie about your age. Talk with your parents about alternative sites that may be appropriate for you Student Signature _______________________________________________________ Grade __________________ Print Student Name _________________________________________________________ Parent Signature(s) _________________________________________________________ P a g e | 29 Technology Policy for Social Media “THE NEW DIGITAL TECHNOLOGIES ARE, INDEED, BRINGING ABOUT FUNDAMENTAL SHIFTS IN PATTERNS OF COMMUNICATION AND HUMAN RELATIONSHIPS. THE DESIRE FOR CONNECTEDNESS AND THE INSTINCT FOR COMMUNICATION THAT ARE SO OBVIOUS IN CONTEMPORARY CULTURE ARE BEST UNDERSTOOD AS MODERN MANIFESTATIONS OF THE BASIC AND ENDURING PROPENSITY OF HUMANS TO REACH BEYOND THEMSELVES AND TO SEEK COMMUNION WITH OTHERS. IN REALITY, WHEN WE OPEN OURSELVES TO OTHERS, WE ARE FULFILLING OUR DEEPEST NEED AND BECOMING MORE FULLY HUMAN. LOVING IS, IN FACT, WHAT WE ARE DESIGNED FOR BY OUR CREATOR.” Pope Benedict XVI Message for the 2010 World Communications Day Procedure Number Issue Date Effective Date 001-2012 7/26/12 8/1/10 Replace No. Issued Date Page SUBJECT Issued By Authorized By Social Media Policy JEJ Bishop McFadden DIOCESE OF HARRISBURG HUMAN RESOURCES POLICY & PROCEDURE MANUAL P a g e | 30 I. INTRODUCTION “THE NEW COMMUNICATION MEDIA, IF ADEQUATELY UNDERSTOOD AND EXPLOITED, CAN OFFER PRIESTS AND ALL PASTORAL CARE WORKERS A WEALTH OF DATA WHICH WAS DIFFICULT TO ACCESS BEFORE, AND FACILITATE FORMS OF COLLABORATION AND INCREASED COMMUNION THAT WERE PREVIOUSLY UNTHINKABLE. IF WISELY USED, WITH THE HELP OF EXPERTS IN TECHNOLOGY AND THE COMMUNICATIONS CULTURE, THE NEW MEDIA CAN BECOME – FOR PRIESTS AND ALL PASTORAL CARE WORKERS – A VALID AND EFFECTIVE INSTRUMENT FOR AUTHENTIC AND PROFOUND EVANGELIZATION AND COMMUNION.” Pope Benedict XVI – The Priest and the Pastoral Ministry in the Digital World Message for the 2010 World Communications Day II. BACKGROUND The Diocese of Harrisburg offers the following policies, procedures and guidelines to ensure the use of technology is safe for all the Faithful. These provide ministers, employees, and volunteers appropriate boundaries for using technology within their personal, spiritual, and social relationships with others. The utilization of social media communications should support one or more of the following purposes: education, evangelization, and ministry. III. POLICIES 1. Church and Ministry Websites Content posted in these sites must consistently represent the teachings of the Magisterium of the Catholic Church. A minimum of two adults, functioning with administrative capacity, are to have full access to all accounts/site(s). All communication between webmasters and visitors to the site is to be done through the organization’s email, not personal or private e-mail accounts. Photographs and information of parish, school, or staff, volunteers that appears on any page of the official ministry site must pertain directly to the church and/or related ministry. Only photos and information regarding parish or school volunteers or staff are to appear on any page/site, with the exception of photos and information regarding events or programs. Websites are not to contain personal and/or contact information about the youth associated with the ministry/parish. Written permission must be obtained prior to posting photographs, and/or other identifying information of minors/youth on websites. When posting photographs of minors/youth, only use the individual’s first name. P a g e | 31 Parents are to be informed, in writing, of the use of any photographs that are posted to any public internet site. Parents are required to sign a release form allowing such postings. A sample release form is available on the diocesan Internet site. The release must be maintained on file in the parish or school for at least two years after the photo has been removed from the site or posting. 2. Social Networking & Social Media All users of this media are to treat others with Christian charity and civility; this includes: dignity, respect, courtesy, integrity and patience. Harassment or online bullying (“cyber-bullying”) that includes humiliation, intimidation, ridicule, threats, and/or degradation on the part of minors/youth towards other minors/youth or by adults toward minors/youth and minors/youth toward adults will not be tolerated and may be reportable to civil authorities. A minimum of two adults are to be appointed to administer/manage the social networking site(s) used in conjunction with a Church ministry and institutions connected to the Diocese of Harrisburg. Sites used in conjunction with ministry are to be named to in a way that reflects the professional/ministerial relationship and purpose; official parish and school sites and accounts should be identified as the official site of the parish or school. All posts are to be Church or parish oriented. All posts and comments should be marked by charity and truth. They should be on topic and presume the good will of other posters. Discussion should take place primarily from a faith perspective. Posts that do not reflect these criteria should be deleted by the site administrator. Passwords and names of sites should be registered in a central location, and more than one adult should have access to this information. Passwords should be safeguarded by adult administrators to avoid the temptation for mischief. Postings or opinions are to consistently represent the teachings of the Magisterium of the Catholic Church. The organizational logo and/or standard images are to be on the site. This visibly indicates that the site belongs to the organization and not to an individual. Efforts are to be taken by those in ministry of the parish to ensure that minors/youth avoid posting any personal information about themselves that would assist in the following: The determination of the minor/youth physical location Information that could be used to manipulate the minor/youth Information that could do psychological harm or ruin reputations and future prospects of others (both adult and peer) P a g e | 32 Site(s) are to be monitored by organizational personnel in cases of emergency by the minor/youth. If minors/youth are to engage in blogging as a part of an officially sanctioned activity, such activity must be monitored by at least two adults. It is preferred that posts be approved by at least one of these adults prior to posting. Minors/youth are to identify their comments through the use of their first name or nickname only. No minors/youth are to be identified by full name or other personal information such as email addresses or phone numbers. Blog administrators are to edit names to ensure full identities of youth/adults are not revealed. 3. Communications Clergy and lay employees working with minors/youth are to use only organizational email rather than personal email accounts. Any use of live streaming or chat rooms that support or encourage exclusive relationships between adults and minors is forbidden. When posting videos online, extreme care is to be taken to protect the privacy of minors/youth. Videos are only to be utilized to promote ministerial activities. 4. Intellectual Property and Copyright Code of Conduct IV. No one is to copy unauthorized, copyrighted material including, but not limited to, digitization and distribution of photographs from magazines, books or other copyrighted sources, copyrighted music, and the installation of any copyrighted software for which the Diocese of Harrisburg or the end user’s employer does not have an active license. End-users accessing the Internet are to conduct themselves honestly and appropriately on the Internet, and respect the copyrights, software licensing rules, property rights, privacy, and prerogatives of others just as they would in any other business dealing. PROCEDURES 1. Social Networking & Social Media Clergy, employees, and volunteers are to avoid using email, texting or instant messaging for any confidential matter. Professional, ministry-based blogs are only to be used to promote events or programs and for the purposes of administrative coordination, evangelization, teaching, or sharing of information directly related to parish or school activities. Only administrators of the site(s) or account(s) may address a member’s behavior “offline.” These offline conversations can be conducted in P a g e | 33 person, over the telephone, or through organizational email. Site administrators are to contact appropriate church personnel indicating that such conversation has taken/will take place. If possible, administrators of the site(s) are to configure an alert feature so as to be notified when a posting has taken place, in order to in monitoring postings and responding to any inappropriate content. 2. Email, Texting and Instant Messages Care should be taken to maintain professionalism in all communication that is between employees, vendors, volunteers, and minors/youth. Use clear and concise language in order to avoid communications that could be misconstrued or misinterpreted. 3. Video and Chat Rooms V. Participants in recorded events must be notified in advance. GUIDELINES 1. Social Networking & Social Media Administrators of the site(s) are to educate minors/youth about the potential dangers and consequences of publically divulging personal information, such as: his/her full name, age, phone number and/or address. If this occurs, an administrator is to remove the post promptly if possible. Otherwise, an administrator is to ask the minor’s parent to have the minor remove the post. Church personnel are to be aware that parents might not know how to use the technology that their children do. Before material is sent to minors/youth, parents should be asked in what form (print, e-mail, etc.) they would like a copy of what is sent to their children. 2. Email, Texting and Instant Messages Church personnel are to be encouraged to save copies of conversations whenever possible, especially those that concern personal communication with a minor or young adult. 3. Intellectual Property and Copyright Code of Conduct Do not cite others, posts, or link to their material or to photos or videos of them, without their approval. 4. Video and Chat Rooms Streaming video is to be used for education, communication, and promotional purposes only. P a g e | 34 VI. RESOURCES Diocesan Diocese of Harrisburg Computer End User Policy Diocese of Harrisburg Code of Conduct for Clergy and Those in Formation for Priesthood or Diaconate Diocese of Harrisburg Code of Conduct for Adult Employees and Volunteers Code of Conduct for Minors in Youth Activities Other A Parents’ Guide to Facebook by Anne Collier and Larry Migid found at: http://www.connectsafely.org/Safety-Advice-Articles/facebook-forparents.html Social Media Guidelines - United States Conference of Catholic Bishops found at: http://www.usccb.org/comm/social-media-guidelines.shtml Digital Youth Research … Kids Informal Learning with Digital Media found at: http://digitalyouth.ischool.berkeley.edu/report P a g e | 35 ATTESTATION: I have read the Diocese of Harrisburg’s Technology Policy for Social Media. I understand the terms of this policy and agree to abide by them. I acknowledge that any violation of these policies could lead to disciplinary action up to and including termination of employment and/or criminal prosecution. Signature: Printed Name: Date P a g e | 36 Glossary Web Tools and Technologies Web tools and applications are about users and content, instead of just surfing on the Internet. It's about what the Internet can do for an active collaborator, rather than a passive viewer. One major advantage of Web tools is that the majority of them are free. Podcasting If an individual was interested in video games, they might search a podcast submission Web site (like Podcast.net) and download an audio review of a game to listen to on their computer. A Podcast is syndicated audio, or video produced by traditional media such as radio and television or by individuals passionate about a particular subject. Blogs They may then decide to comment about this audio review on their Blogger or Wordpress blog. A blog or Weblog, is a chronological, online diary. Individuals can subscribe to a person's blog, which allows them to read it and to write comments in response to blog posts. RSS If this weblog has an RSS feed in place, subscribers to the blog can choose to be automatically notified of this new blog post. RSS (or Really Simple Syndication), is a method for delivering regularly changing Web content. Many blogs and Internet publishers syndicate their content as an RSS Feed to allow people to subscribe to it easily. Social Bookmarking This individual may decide that they would like more people to be able to see and remark on the blog post. They could do this by submitting the blog post to a social bookmarking site like Del.icio.us. Social bookmarking sites are Web sites that allow shared lists of user-created Internet bookmarks to be displayed and commented on. Social bookmarking sites allow you to organize your bookmarks by allocating a number of 'tags' to them. This makes it easy for other people who may be interested in a particular group to find related bookmarks. Social Networking People who visit the bookmark site for this 'games review' tag are likely to see your bookmark. As more people find your bookmark and comment on it, you'll find yourself part of a collection of people who have a shared interest in video games - You are now 'social networking'. The above is from: http://www.webreference.com/promotion/web20/