Victoria’s Department of Education is expanding its monitoring of devices’ internal traffic from staff to students' own devices at a number of schools. The department allready monitors staff this way.
The expansion will result in Zscaler SSL root certificates being installed on not only school-provided devices, but students’ personal devices if they connect locally to a school network.
The certificate allows student browser traffic to be decrypted for inspection, while still presenting to the user as if they were protected.
Organisations use Zscaler to surveil users’ web browsing and online activity, protect against the deliberate or accidental transmission of confidential data, and detect malware hiding in HTTPS traffic.
A Department spokesperson said the Zscaler application is used on all Department-owned computers and devices as part of cloud-based security measure when accessing the internet, and that the certificate acts as an extra safety measure by helping to determine if a website is safe to open while using the school’s internet. “The health and safety of all staff and students is the Department’s top priority. This includes being safe online,” the spokesperson said.
Electronic Frontiers Australia chair Justin Warren told iTnews Zscaler creates as many security threats as it resolves and is a grave violation of students’ privacy. Warren said students should be trained in security awareness and how to make their own decisions about risks.
CyberBeat is a grassroots initiative from a team of producers and subject matter experts, driven out of frustration at the lack of media coverage, responding to an urgent need to provide a clear, concise, informative and educational approach to the growing fields of Cybersecurity and Digital Privacy.
If you have a story of interest, a comment, a concern or if you'd just like to say Hi, please contact us
We couldn't do this without the support of our sponsors and contributors.