Andy Deacon, Pre Sales Manager UK & I, LogPoint
There are lots of different reasons why you might need to consider safeguarding, but how does it affect your organization, what are your obligations ? It could be mandated via industry guidance, regulation or legislation. Maybe it’s more moralistic or driven by social responsibility. Whatever the motivations are, it can be a difficult subject to tackle. Especially in cyberspace, with often very technically adapt individuals as the subjects of your safeguarding responsibilities.
What is Safeguarding?
Essentially it is Preventing and Protecting individuals in your care, or potentially employment, from exposure to materials that may cause themselves or other individuals to come to harm; either mentally or physically.
What does it mean for IT?
From an IT security prospective, we may think that by blocking access to particular material online it’s enough. in reality, if someone really wants to access the information they will typically find a way. However, if that’s not through the organizational network or through supplied devices then it’s not your concern – Right?
It could be argued you have taken all the steps you could to stop access to that information. Therefore if something happens outside of your organization relating to that individual successfully accessing, and then acting upon, the information you may well be right in thinking you did all you could….
Morally, is this where we as IT professionals, teachers, governors should draw the line and say we did enough? When we consider where that line is, what is driving that decision? Is it purely philanthropic?
With the right tools in place, and a clear understanding of the safeguarding aims, we can do a little more than just the bare minimum. Monitoring of individuals online data is always undertaken with trepidation, but is it the monitoring of that individual’s activity and balancing that with their right to privacy that should concern us, or the ways this could potentially restrict academic endeavour, discussion and debate of controversial topics.
In order to get the balance right we need to have grown up discussions, understand who we are safeguarding and what are the dangers we need to be looking out for. Do we want to restrict access to researchers or teachers looking up information on controversial topics? No. But we might want to stop and be aware of people accessing that information for other reasons. Where possible we need to understand what that individuals motivations for accessing that information might be, using this information to define our policies and actions. What is acceptable for our own organizational functions and roles.
Part of how we can achieve this is through leveraging the power of Big Data analytics and Machine Learning. Correlating what the activity is with what we might know about that individual.
We know someone accessing self-harm forums could be a potential flag, but what is the context?; By understanding who that individual is, are they the welfare officer or are they a student, we provide context. Adding other key metrics like how many times have they tried to access that type of information, what key words are they searching for, we can make informed decision – quickly and efficiently.
With the power to view this context comes responsibility. We need to make sure that this data is only accessed by the relevant individuals, the people who can react, such as those responsible for safeguarding. These individuals rarely sit within the IT function, so we need to have the tools that allow IT to become facilitators of information without having access to the specific data. Only then can we really start to tackle the challenge of safeguarding.
Why not get in touch with your local account manager at LogPoint and find out more about how we can help you confidentially monitor, report and conform to your safeguarding requirements