This guide is intended to help schools and districts that wish to implement a more secure and structured approach to using Flint AI K-12 within a school-controlled environment. It outlines optional best practices for restricting access to other large language models (LLMs) such as ChatGPT, Bard, Claude, etc during school hours.
📝 Split-Access Process Summary:
Regular browser access blocks all LLMs, including Flint.
A dedicated, locked-down browser, gives students secure access only to Flint.
🔒 Important Note:
These measures are entirely optional and are not required to use Flint AI K-12.
Flint AI K-12 is already a secure, GDPR-compliant, and student-appropriate platform out of the box.
This lockdown model is only for schools who want to add an extra layer of access control during school hours.
These strategies apply only to school-managed devices and networks. Flint cannot prevent students from accessing other LLMs on personal devices, home networks, or unsupervised systems.
This guide includes detailed instructions for Chromebooks, Windows devices, iPads, and MacOS, as well as helpful third-party video tutorials.
✅ Step-by-Step Guide
Click on the arrow next to the number to see more information.
1. Host Flint on a Secure, School-Controlled Page
1. Host Flint on a Secure, School-Controlled Page
Purpose: Your school creates its own private webpage just for Flint. This makes sure students always go to a trusted, school-approved spot, preventing them from finding other public AI tools.
Action: Create a custom subdomain for Flint access (e.g.,
ai.schoolname.k12.us/flint). Deploy Flint via this page and ensure it's the sole entry point for students.
2. Allowlist Flint AI and Block Other LLMs
2. Allowlist Flint AI and Block Other LLMs
Purpose: Imagine your school's internet as a gatekeeper. This step tells the gatekeeper to let Flint AI through, but block all other major AI tools like ChatGPT.
Action: Use web filters (like GoGuardian, Securly, Lightspeed, or Cisco Umbrella) to allow access to Flint domains and block popular LLM domains such as
chat.openai.com,bard.google.com,claude.ai,poe.com, and any other known public AI access points.
3. Device Specific Split-Browser Access Model 💻🪟📱🍏
3. Device Specific Split-Browser Access Model 💻🪟📱🍏
Purpose: This means devices have two modes: a regular Browse mode where all AI tools are blocked, and a special, locked-down mode specifically for using Flint.
Action:
General Profile (Block All LLMs + Flint): Configure devices to block access to ChatGPT, Bard, Claude, Poe, and also
flintk12.comfor regular use. Push safe Browse and extension control policies.Kiosk Mode (Flint-Only Access): Set up a dedicated "kiosk" mode that locks the device to only access Flint, disabling other features like keyboard shortcuts and tab switching. Pair with monitoring tools for oversight.
🔒 DEVICE-SPECIFIC INSTRUCTIONS
💻 Chromebooks
💻 Chromebooks
General Profile (Block All LLMs + Flint)
In Google Admin Console:
Block access to ChatGPT, Bard, Claude, Poe
Also block
flintk12.comPush safe browsing and extension control policies
Kiosk Mode (Flint-Only Access)
Set up Kiosk Mode with a dedicated Flint app or URL
Lock the Chromebook to only access Flint
Disable keyboard shortcuts and tab switching
Pair with GoGuardian or Lightspeed for monitoring
🪟 Windows Devices
🪟 Windows Devices
Standard User Profile
Purpose: Your school creates its own private webpage just for Flint. While this isn't strictly required for Flint to work, it ensures students always go to a trusted, school-approved spot, giving your district additional control and preventing them from finding other public AI tools.
Action: Create a custom subdomain for Flint access (e.g.,
ai.schoolname.k12.us/flint). Deploy Flint via this page and ensure it's the sole entry point for students.
Assigned Access / Kiosk Mode
Create a dedicated user account (e.g.,
FlintUser)Use Assigned Access to launch Edge or Chrome in full-screen kiosk
Lock navigation to Flint only
Disable switching, Task Manager, hotkeys
Consider using Safe Exam Browser for assessment-like lockdown
📱 iPads (iOS)
📱 iPads (iOS)
General Profile (Block LLMs + Flint)
Use Apple School Manager + MDM (Jamf, Mosyle, etc.)
Block ChatGPT, Bard, Claude, Poe, and Flint
Guided Access (Flint-Only Mode)
Open Flint in Safari or Flint web app
Triple-click side or home button to enable Guided Access
Lock student into the app/session
Prevent switching, touch input, or exit without passcode
🍏 MacOS (Safari/Chrome)
🍏 MacOS (Safari/Chrome)
General Profile (Block Flint + Other LLMs)
Use Apple School Manager with an MDM like Jamf or Mosyle to:
Block Flint and other LLM domains on Safari or Chrome
Lock allowed domains and restrict app installation
Disable keyboard shortcuts and restrict access to system preferences
Flint-Only Access (Locked Mode Using Guided Access for Macs)
Set up Screen Time + Web Content Restrictions:
Go to System Settings > Screen Time > Content & Privacy
Limit access to only Flint’s domain
Restrict access to Siri, Spotlight, and other apps
Alternatively, use third-party tools like SimpleMDM or Jamf to lock Macs into Flint web access only
4. Enforce Browser Restrictions
4. Enforce Browser Restrictions
Purpose: These are extra rules for web browsers to ensure students can't get around the filters or use features that might bypass security.
Action: Push Chrome/Edge policies to:
Disable Incognito Mode
Block Extensions
Force SafeSearch
Allow only Flint URLs.
Implementation Notes
This guide offers general recommendations for IT teams to further enhance security and control over device access for Flint AI K-12. Flint AI K-12 is built with robust security and privacy-by-design principles. The steps outlined here are supplementary, designed to help you:
Create a highly controlled and focused learning environment.
Prevent access to other large language models (LLMs) from school devices and networks.
Streamline access to Flint AI K-12 as your approved educational AI tool.
⚠️ Please Note: Flint AI K-12 is not responsible for the functionality or outcomes of third-party software, hardware, or services referenced (e.g., web filters, MDMs, or external video tutorials). The successful implementation and ongoing maintenance of these supplementary security measures are solely the responsibility of your school or district's IT team. Your team must thoroughly test all settings and regularly review policies to ensure compliance with your specific environment and all applicable regulations. Flint AI K-12 cannot be held liable for any issues arising from the use or misuse of the information in this guide.