Strengthening Highlights and preventing student loopholes Follow
The Google Chrome landscape is constantly changing. This page summarizes recent changes to the Highlights installation guide that can be used to strengthen your existing Highlights installation.
In this article
- Important links
- Disable Incognito Mode For Students
- Restrict third party Apps or Extensions
- Prevent students from using Chrome Task Manager
- Prevent access to Chrome Developer Tools
- Prevent students from using multiple Google accounts
- Force students to login to their Chrome Browser session
- Disable Guest Mode
- Prevent students connecting through non-school networks
- Prevent students from using bookmarklets
Important links
Disable incognito mode for students
Hāpara Highlights functions through a Google Chrome extension. When Chrome is in incognito mode, the browser does not load any extensions. We recommend preventing students from being able to launch Chrome in Incognito Mode to ensure the Highlights extension is always loaded:
admin.google.com > Devices > Chrome Management > User & browser Settings
Search for the Incognito Mode drop-down menu and select the Disallow incognito mode option. This option can be applied to only student OUs, allowing teachers to utilize incognito mode.
Restrict third party apps or extensions
Some apps and extensions can be used to stop Highlights and other extensions from working correctly. Such apps and extensions need to be blocked. Hāpara strongly recommends blocking the following extensions:
The instructions on how to do this are here.
Prevent students from using Task Manager to end processes
Students can use the Chrome Task Manager to end processes - including the Highlights extension. Hāpara recommends disabling this ability via:
admin.google.com > Devices > Chrome management > User & browser settings
Search for Task Manager and set the policy to disable the ending of processes.
Turning on this setting for student domains will increase the robustness of Highlights in the face of student interventions.
This policy became available in August 2016 and applies to Chromebook devices running version 52 and above. This policy does not apply to Windows, Mac devices using a Chrome Browser.
Prevent students using developer tools to end processes
Students can use the Chrome Developer Tools to inspect, break and end processes - including the Highlights extension. Hāpara recommends disabling this ability via:
admin.google.com > Devices > Chrome Management > User & browser Settings
Search for Developer tools and set the policy to Never allow the use of built-in developer tools.
Turning on this setting for student domains will increase the robustness of Highlights in the face of student interventions.
Prevent students from using multiple Google accounts
To provide a consistent and positive Hāpara experience, it's important that policies set in the Google Admin Console apply to all students. Preventing students from signing into multiple Google accounts at once on their Chromebook will decrease avoidance of these set policies.
See the full article detailing how to prevent students from using multiple Google accounts here.
Force student Chrome Browser login by default
By default, students are able to log into other Google Accounts within the Chrome Browser. This can enable students to avoid visibility
Using the G Suite Admin Console, an administrator can set the policy to force students to log in to their browser:
admin.google.com > Devices > Chrome Management > User & browser Settings
- Search for the Browser sign-in settings
- Select Force users to sign-in to use the browser:
Disable Guest Mode
Students can log in via Guest Mode and avoid Highlights visibility if this option is enabled. Hāpara recommends disabling Guest Mode for students via:
admin.google.com > Devices > Chrome Management > Device Settings
Search for the Sign-in Settings heading, and under the Guest Mode drop-down menu, select Disable guest mode.
Prevent students from connecting to non-school networks
Hāpara recommends IP restrictions when using Highlights, this allows visibility of student devices only while they're connected to the specified school networks.
However, if students connect to another network outside the specified IP ranges, like a guest network or personal WiFi hotspot, they may bypass Highlights visibility.
In the G Suite Admin console, you can configure your device policies to restrict network connectivity under Device Management > Network > General Settings.
See the full Google Restrict networks and network interfaces support article here
Preventing students from using bookmarklets
Google has recently released a change which will allow domain administrators to block users from using Bookmarklets in order to get around Hāpara Highlights. Bookmarklets are bookmarks stored in a web browser that contains JavaScript commands that add new features to an existing browser.
admin.google.com > Device Management > Chrome Management > URL Blacklist > Add
Google implemented this update in April 2018 for Chromebook devices running Chrome OS version 73 and above. This policy does not apply to Windows, Mac or other devices. To update a student's Chromebook, please see the instructions here.