Educational CyberPlayGround ®☰ Menu

best practices

 

alt tags are first and foremost for accessibility.
But Google and screen readers look at the same meta data, they just consume it differently. So alt tags do play a large part in SEO. With that said, I've never seen a hard limit on alt tags character counts like you have page titles, in fact I've seen references to 16 words in this field a couple of times, however if you need more than 140 characters to describe the image. It's not alt text.

Google itself urges that alt text should be written for accessibility:

Here are the official accessibility guidelines: https://www.w3.org/TR/WCAG20/

Make the W3C's Web Accessibility Initiate your first place to go for advice on accessibility. https://www.w3.org/WAI/

User-friendly: FREE--guide to writing Alt-text from the Social Security Administration. It's a great, well-written reference. FYI, SSA was one of the first government agencies to work on accessibility for barrier-free workplaces, equal-employment issues, as well as ICT/digital content in 1990s, long before Sec. 508 was even passed.

 

2016 California Data Breach Report Defines “Reasonableness” Standard for Data Protection - JD Supra #InfoSec

2016 Apple and Cisco acknowledge that 2.4GHz Wi-Fi is too unreliable and crowded
The document, which was released on February 3, is targeted at enterprises and details best practices for Wi-Fi networks supporting iOS devices, but we can take that advice to the home too. It says that “both Cisco and Apple’s joint recommendation [is that] the use of the 2.4 GHz band is not considered suitable for use for any business and/or mission critical enterprise applications.” 2.4GHz Wi-Fi, which is basically universally used by default in most devices, is a nightmare. That’s especially pronounced in urban environments like apartment buildings where the available channels are so crowded that speed is significantly impacted. And that’s not even including the fact that home appliances like microwave ovens can interfere with your speed. It’s almost impossible to get real performance out of the standard anymore, with most channels littered with hundreds of noisy Wi-Fi networks — mostly because people don’t know how to enable the more powerful 5GHz band.

American Institutes for Research,
1000 Thomas Jefferson St., NW, Washington, DC 20007
U.S. Department of Education, Office of Special Education Programs

508 CODE TOOLS TO TEST USABILITY AND COMPLIANCE

508 COMPLIANCE AND CONFUSION
Federal Government Webmasters Rules for usability, the Law makes all big websites accountable.

Special Needs Guidlines for Deaf, Autisim, ADD, ADHD, LD, Dyslexia and Gifted

WebContent.gov Best practices for content and design for Best Practice Web governance best practices

National Educational Computing Conference

The K-12 Online Conference invites participation from educators around the world interested in innovative ways Web 2.0 tools and technologies can be used to improve learning. This FREE conference is run by volunteers and open to everyone. http://k12onlineconference.org

The National Guild of Community Schools of the Arts and article

National Governors' Association & NGA Center for Best Practices
444 N. Capital Street, Suite 267
Washington, DC 20001-1512
Phone: (202) 624-5300
Publications: (301) 498-3738
Internet: http://www.nga.org/

BITAG is a non-profit, multi-stakeholder organization focused on bringing together engineers and technologists in a Technical Working Group (TWG) to develop consensus on broadband network management practices and other related technical issues that can affect users’ Internet experience, including the impact to and from applications, content and devices that utilize the Internet ecosystem. BITAG’s reviewed:

  • IPv6 Whitelisting
  • Large Scale Network Address Translation.
  • best practices for mitigating SNMP DDoS Attacks.
  • Port Blocking best practices

The practical reality is that blocking of Internet port numbers, either short or long term, is a common technique used by network providers, and often attributed to a variety of security concerns.

  • why ports are blocked
  • which ports are blocked
  • disclosure of port blocking policies
  • how such policies may affect applications
  • possible workarounds for impacted ports and applications.


Security bug bounty program. Our goal is to reward security researchers who follow responsible disclosure principles and proactively reach out to us if they’ve identified a vulnerability which would impact the safety of our marketplace or members. We believe that this is industry best practice.

2012 Critical infrastructure Security
The private sector is not telling the government about its vulnerabilities, and government is also keeping threat and vulnerability information from the private sector. ICS Cyber Security Conference about a nuclear power plant's possible vulnerabilities to cyberattacks were cut at the last minute, after an equipment supplier to the plant threatened to sue. The unnamed vendor reportedly said the presentations would have revealed too much about its equipment, even though the plant's officials had approved the presentation. The threatened suit was not an isolated instance. Those at the conference were also told that "a security firm that had uncovered the
thousands of pieces of control equipment exposed to online attacks did
not tell U.S. authorities where they were installed because it feared
being sued by the equipment owners.
Meet the network operators helping to fuel the spike in big DDoS attacks

SoftLayer, GoDaddy, AT&T, and iWeb make a list of top 10 most abused networks. 2012
A company that helps secure websites has compiled a list of some of the Internet's biggest network nuisances—operators that run open servers that can be abused to significantly aggravate the crippling effects of distributed denial-of-service attacks on innocent bystanders.

DDoS attacks aka DNS amplification, relies on open domain name system servers to multiply the amount of junk data attackers can direct at a targeted website. By sending a modest-sized domain name query to an open DNS server and instructing it to send the result to an unfortunate target, attackers can direct a torrent of data at the victim site that is 50 times bigger than the original request.
CloudFlare engineers determined attackers were abusing the open DNS resolvers belonging to a variety of large network operators. Many of these are well-known brand names: US-based SoftLayer, GoDaddy, AT&T, iWeb, and Amazon. The CloudFlare engineers compiled a list of the networks hosting the open DNS servers and ranked them by those responsible for the most damage. With 68,459 unique open resolvers participating in the ongoing attack, there was plenty of blame to go around. The list names networks located on every corner of the globe, including those owned by Amazon, Turk Telekomunikasyon Anonim Sirketi, and Nepal Telecommunications Corporation. Still, CloudFlare CEO Matthew Prince found that the top 10 offenders provided 15,611 of those servers—or almost 23 percent of the firepower behind the attack.
The top 10 network operators named by Prince are: PKTELECOM-AS-PK Pakistan Telecom Company Limited; HINET Data Communication Business Group; CRNET CHINA RAILWAY Internet(CRNET); THEPLANET-AS - ThePlanet.com Internet Services, Inc.; CHINANET-BACKBONE No.31, Jin-rong Street; SOFTLAYER - SoftLayer Technologies Inc.; OCN NTT Communications Corporation; AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC; ATT-INTERNET4 - AT&T Services, Inc.; and IWEB-AS - iWeb Technologies Inc.
"Wonder why there's been an increase in big DDoS attacks?" Prince wrote in a blog post published on Tuesday. "It's in large part because the network operators listed above have continued to allow open resolvers to run on their networks and the attackers have begun abusing them." Frequently, the advisories fall on deaf ears. "One of the great ironies when we deal with these attacks is we'll often get an e-mail from the owner of the network where an open resolver is running asking us to shut down the attack our network is launching against them," he explained. "They're seeing a large number of UDP packets with one of our IPs as the source coming in to their network and assume we're the ones launching it. In fact, it is actually their network which is being used to launch an attack against us."
Representatives of all four US-based companies responding operators stressed the issue of open, "recursive" DNS servers as a security issue and the difficulty of ensuring each DNS server running on their network is secured properly, in large part because improper configurations are often the result of decisions made by paying customers. "As an unmanaged hosting provider, SoftLayer does not make proactive direct changes to our customers' servers," said Ryan Carter, a manager in the abuse department at SoftLayer. "These customers are able to run their own authoritative name servers on their servers, and they're able to configure them for resolvers. DNS is the hardest simple protocol out there because so many people have no clue what it is or how it works. Instead of learning the best practices of DNS management, they'll take the path of least resistance to just get the functionality online." Open resolvers are vulnerable to multiple malicious activities and... the best practice is to prevent open resolvers. So when we detect open resolvers on our network we recommend to our users to follow the best practices. It is not that easy because the DNS products can sometimes default to open resolver when installed, and customers need to tweak the configurations to limit DNS resolution." If you're a manager at one of above-named operators—or at any of the almost 4,000 other operators named in the complete list, you might think about getting a hold of someone at CloudFlare. They'll be happy to help you make the Internet a more secure place by restricting access to your DNS servers.


The State Database
provides resources on a number of topics related to response to intervention (RTI). The resources, which range from policy documents and briefs to trainings and tools, were developed by states, districts, or territories, in the U.S. who are in different stages of implementing Response to Intervention.

NIST Updates Computer Security Guides
Guidelines focus on wireless security and protecting mobile devices from intrusion.

The Center for Best Practices in Early Childhood Education
The Center for Best Practices in Early Childhood Education is an umbrella title for a group of three state-funded and six federally-funded grant projects that deal with young children with disabilities, their families and teachers.

Community Management Best Practices
Build on what you have:
carleton.edu
Invite people to join the social networking groups you have. Post on the social networking groups about the opportunities for Alumni/Alumnae to recruit students.
https://apps.carleton.edu/carletonian/
Have a student and alumni resume database that alumni can search for free. Post on the social networking groups about athletes and musical groups that tour and where they will be when.

Apple - iCloud
Ultimately, iCloud security is a matter of trust between individual users and Apple. As confirmed by industry experts, Apple takes a number of precautions to prevent unauthorized access to user data by third parties, but those precautions don't secure your data from Apple itself. If you require—or simply want—greater assurance than that, turn off whatever iCloud features you don't need. One day, mobile device vendors and cloud service providers will be able to build a user-accessible infrastructure to support asymmetric PKI encryption, but that day is not today.


2012 Social Networking Benchmark
Report was just released and provides a good overview of how nonprofits are utilizing social media to brand themselves online, connect with new supporters, and raise money. I wrote up the key highlights here in case you don't have time to read the 40 page report this morning (though you should at some point soon BTW because it has awesome data). http://goo.gl/5GiIZ
One of the data points that I think will interest you is - are nonprofits aren't raising any money via social media (majority aren't fundraising). But for the 46% who are the study noted that the average value of a Facebook "Like" over 12 months following acquisition is about $214.81. And that the average acquisition for a Facebook "Like" is $3.50 and $2.05 for a follower on Twitter.

TCP and Internet Safety Task Force Release Report About Keeping Children Safe Online
An Internet safety task force, which includes representatives from The Children's Partnership, Verizon, Comcast, Cox, Google, Yahoo!, AOL, Symantec, Common Sense Media, the Internet Keep Safe Coalition (iKeepSafe), the National Parent-Teacher Association, and the Family Online Safety Institute, has issued a report about ways to improve online safety for children. The report, titled "PointSmart.ClickSafe: Task Force Recommendations for Best Practices for Online Safety and Literacy," focuses on three areas: education before a child goes online, control while the child is online, and having established procedures if problems do arise. The report offers best practices in cyber safety, as well as recommends ways that policymakers and industry leaders can help to increase Web safety and security for children. "Children need to learn how to use technology efficiently, effectively, and ethically so that they can participate fully in social, economic, and civil life in the digital age," the report states. To read the report, visit pointsmartreport.org/

FERPA 101 For Educators. This downloadable PDF introduces educators to the basics of the Family Educational Rights and Privacy Act and suggests ways to clearly communicate smart uses of data

 

© Educational CyberPlayGround ® All rights reserved world wide.