Category Archives: alternative technology

There’s many a slip twixt the cup and the lip

“You can please some of the people all of the time, you can please all of the people some of the time, but you can’t please all of the people all of the time”.”
― John Lydgate

BETT always provides something to talk about and this year has been know different. Whether it is announcing to 500 people at a TeachMeet that you and your wife are having a baby (and using Skitch on the scan!) through to the content of some of the seminars on stands.

One of the final sessions today was on the Google stand by Dan Leighton, Director of Technology at The Grammar School in Leeds, where he was basically covering about change in tech in Education. His slide deck is available here.

And a quick note for reference, the Google stand was directly opposite the EduGeek stand (sponsored by Smoothwall).

And why is that important? Well, as someone with 11 years leading EdTech in schools, Dan covered a number of things but the one picked out by friend at EduGeek was that he put out significant challenge that there are Network Managers who resist and block change, who say things don’t work when they can do and who even do things in a certain way to protect their jobs.

Ouch.

As an advocate for the professional identity of IT Support in schools several members shared the situation with me and I dutifully queried it via Twitter, challenging Google on the stance (as this is linked, to some extant, to the classroom in the cloud).

Google came back and said it was not their stance, apologised and then Twitter conversation sparked up around it.

Context is king here, and after discussing in Twitter it was clear that it was not the challenge about resistance to change but the fact that it appeared a swipe was taken at the whole profession.

The problem is… well… we *all* know the people described above. We have even done it ourselves at times.

Change is a difficult thing and to have someone not in our profession have a go at us for blocking it, well it won’t go down well.

However, there are always two sides. As a friend put it, a different lens. I caught up with Dan on Twitter and then via the phone and it is clear that the intended challenge was not aimed at all and sundry, that he has high regard for technical staff (having work in data centres in product design) and that the large barriers are communication and understanding the other person’s perspective.

An apology on Twitter from Dan, and clarifying that he truly does see a good Network Manager as an amazing resource.

But in conversation with EduGeek friends it has become clear that a wider explanation is needed.

Having not seen the presentation or been in the Q&A I am having to sit on the fence between EduGeek and Dan.

Looking at the points complained about, that all NMs were tarred with the same brush of being blockers, that NMs lie about things not working and that NM resist change to protect their jobs … Dan and I discussed these in refreshing openness.

It was never Dan’s intent to tar everyone with the same brush, to upset or insult. Yes, the issue needed highlighting and if listeners thought it was covering everyone that was not the intent. Apologies have been offered and hopefully accepted.

The challenge that some Network Managers say things don’t work when they do? Yes, that is the case. I’ve done it and have seen plenty others do it. The context though is that this is short hand for, “what you are asking for is Techinical feasible but has significant issues… from the resources (people) taken to set it up, the disruption to all other users, the cost, the reduction in functionality compared to what is already in place, it is not part of the 5 year IT development and maintenance plan…” and so on.

Without people effectively communicating, both sharing information and listening in an open manner, all people will hear is, “computer says no!” Moving to cloud services is not a simple change but that doesn’t mean it should not be looked at by all staff, evaluated and an appropriate decision made. If it is against the recommendations of the IT team and they still resist or refuse then that is a personnel issue, not technology.

Mordac, preventer of IT services was used to demonstrate this (from the Dilbert comic strip) and whilst that may be seen as harsh, most of us would have been viewed as that by others … either because we have not communicated or the others have not listened.

That some NMs resist change to protect their jobs? This is an extremely valid point and this is not something unique to IT in schools. What is sometimes not understood is that the job description any IT staff have is poor. That there is an expectation to know everything about everything with a plug. If you have an established skill set based on what you do in the school, and you are paid accordingly.

Change that skill set, change what you do and your job changes. It is like asking a head of English who also coordinates literacy to become a main scale History teacher because literacy is now part of the Humanities focus. This has become evident through BSF managed services and the push of Single Status. In some places these have reduced experienced and highly skilled Network Managers to the equivalent position of a science technician or HLTA. Their sort of change all depends only the Senior Leadership of the school, and those who value their staff will promote the flexibility of technology change but the security of job and terms. This is not to say schools might not get rid people as tools change. In the same way the ICT curriculum changed and some teachers moved on or subjects no longer get taught, the same will happen for IT teams.

It is not unexpected that some, who have seen others damaged due to school choices, might be resistant and seek security. This is a personnel thing again.

The only way all the works together is by having Network Managers recognised for the expertise and professionalism they bring, Teaches recognised for the expertise and professionalism they bring, effective communication between all concerned and an understanding of how to manage change.

Dan’s presentation and challenge might have pressed some of the wrong buttons for some, but the follow up conversation should show how the challenge is needed for some, should be the norm for others and that no insult needs to be taken on either side if there is concern about the stance of either side.

To Block or Not to Block, that isn’t the question!

With kind permission I am reposting Scott McLeod‘s ‘Dangerously Irrelevant’ Blog Post about 26 Internet Safety Talking Points.

I hope to then follow this up by looking at each point (one a day perhaps) to strip it down and look at both sides of the point.

—————–

For Leadership Day 2012, I thought I would gather in one place many of the talking points that I use with principals and superintendents about Internet safety…

 

  1. Even though they may use fancy terms and know more than you do about their domain, you never would allow your business manager or special education coordinator to operate without oversight. So stop doing so with your technology coordinator.
  2. The technology function of your school organization exists to serve the educational function, not the other way around. Corollary: your technology coordinator works for you, not vice versa.
  3. Mobile phones, Facebook, Wikipedia, YouTube, blogs, Wikispaces, Google, and whatever other technologies you’re blocking are not inherently evil. Stop demonizing them and focus on people’s behavior, not the tools, particularly when it comes to making policy.
  4. You don’t need special policies for specific tools. Just check that the policies you have are inclusive of electronic communication channels and then enforce the policies you already have on bullying, cheating, sexual harassment, inappropriate communication, illicit behavior, etc.
  5. Why are you penalizing the 95% for the 5%? You don’t do this in other areas of discipline at school. Even though you know some students will use their voices or bodies inappropriately in school, you don’t ban everyone from speaking or moving. You know some students may show up drunk to the prom, yet you don’t cancel the prom because of a few rule breakers. Instead, you assume that most students will act appropriately most of the time and then you enforce reasonable expectations and policies for the occasional few that don’t. To use a historical analogy, it’s the difference between DUI-style policies and flat-out Prohibition (which, if you recall, failed miserably). Just as you don’t put entire schools on lockdown every time there’s a fight in the cafeteria, you need to stop penalizing entire student bodies because of statistically-infrequent, worst-case scenarios.
  6. You never can promise 100% safety. For instance, you never would promise a parent that her child would never, ever be in a fight at school. So quit trying to guarantee 100% safety when it comes to technology. Provide reasonable supervision, implement reasonable procedures and policies, and move on.
  7. The ‘online predators will prey on your schoolchildren’ argument is a false bogeyman, a scare tactic that is fed to us by the media, politicians, law enforcement, and computer security vendors. The number of reported incidents in the news of this occurring is zero.
  8. Federal laws do not require your draconian filtering. You can’t point the finger somewhere else. You have to own it yourself.
  9. Students and teachers rise to the level of the expectations that you have for them. If you expect the worst, that’s what you’ll get.
  10. Schools that ‘loosen up’ with students and teachers find that they have no more problems than they did before. And, often, they have fewer problems because folks aren’t trying to get around the restrictions.
  11. There’s a difference between a teachable moment and a punishable moment. Lean toward the former as much as possible.
  12. If your community is pressuring you to be more restrictive, that’s when it’s time to educate, not capitulate. Overzealous blocking and filtering has real and significant negative impacts on information access, student learning, pedagogy, ability to address required curricular standards, and educators’ willingness to integrate technology. It also makes it awfully tough to prepare students for a digital era.
  13. ‘Walled garden’ online environments prevent the occurrence of serendipitous learning connections with the outside world.
  14. If you’re prohibiting teachers from being ‘friends’ with students online, are you also prohibiting them from being ‘friends’ with students in neighborhoods, at church, in volunteer organizations, at the mall, and in other non-school settings?
  15. Schools with mindsets of enabling powerful student learning usually block much less than those that don’t. Their first reaction is ‘how can we make this work?’ rather than ‘we need to keep this out.’
  16. As the lead learner, it’s your responsibility to actively monitor what’s being filtered and blocked and to always reconsider that in light of learning and teaching needs.
  17. If you trust your teachers with the children, you should trust them with the Internet. Addendum: Mistrust of teachers drives away good educators.
  18. If you make it too hard to get permission to unblock something, you might as well not have the option in the first place.
  19. Unless you like losing lawsuits, remember that students and staff have speech and privacy rights, particularly off-campus. Remember that any dumb decision you make is Internet fodder and has a good chance of going viral online. Do you really want to be the next stupid administrator story on The Huffington Post?
  20. When you violate the Constitution and punish kids just because you don’t like what they legally said or did and think you can get away with it, you not only run the risk of incurring financial liability for your school system in the tens or hundreds of thousands of dollars but also abuse your position of trust and send messages to students about the corruption of power and disregard for the rule of law.
  21. Never make a policy you can’t enforce.
  22. Don’t abdicate your teaching responsibility. Students do not magically gain the ability at the end of the school day or after graduation to navigate complex, challenging, unfiltered digital information spaces. If you don’t teach them how to navigate the unfiltered Internet appropriately and safely while you have them, who’s going to?
  23. Acceptable use and other policies send messages to students, staff, and parents. Is the predominant message that you want to send really that ‘the technologies that are transforming everything around us should first and foremost be feared?’
  24. Imagine a scale with two balancing pans. On one side are all of the anxieties, fears, barriers, challenges, and perceived problems that your staff, parents, and community members put forth. If you want effective technology integration and implementation to occur in your school system, it is your job as the leader to tip the scale the other way. Addendum: It is difficult to understand the learning power of digital technologies – and easy to dismiss their pedagogical usefulness – if you are not familiar enough with them to understand their positive affordances.
  25. In a hyperconnected, technology-suffused, digital, global world, you do your children a disservice – and highlight your irrelevance – by blocking out our present and their future.
  26. Educating is always, always more powerful than blocking.

BONUS 1. Elsewhere in your state – perhaps even near you – are school districts that have figured this out. They operate under the same laws, regulations, rules, and procedures that you do. If they can be less restrictive, why can’t you?

A huge thanks to everyone who has influenced my thinking and my writing in this area, including folks like Doug JohnsonSylvia Martinezdanah boydWill Richardson, and Tina Barseghian. I’m sure that I’ve forgotten a few talking points that I’ll just add later. Which one is your favorite (or least favorite)? What would you add to or change on this list?

For other Leadership Day 2012 posts, see the complete list of submissions and/or#leadershipday12.

Early Adoption – do you plan?

It is wonderful to continue to hear about people eager to look at the latest technology and see what a difference it makes in schools … and as an avid early adopter I do have to urge a note of caution at times … even to myself.

It has been interesting to catch up with a few others who are trying out iOS 6 and also having some fun playing / learning about the Raspberry Pi … but the best thing I have seen recently has been around Windows 8, the next system from Microsoft. If you haven’t had a recent read of the Microsoft UK Schools Blog recently then I suggest you pop over to look through the last couple of posts.

With the release of Windows 8 all very imminent it is no surprise that this appears to be a hot topic but I’ll let you into a little secret … I am pretty sure that no-one is expected to have it all up and running for when schools start back in a few weeks. In spite of a lot of access to release previews, healthy discussions on technical sites, serious cogitation by hardware manufacturers … the main point for me has been about awareness raising about what the change to a new system might mean.

If we take the post about chances to learn about Windows 8 then we can see that there are plenty of chances to look at development on Windows 8 (good for those involved in Computing@School) as well as a chance to look at curriculum resources. There is a free eBook available about programming apps on Windows 8 and making your network ready for Windows 8, but the best blog post for me has been the report from IDC about why you should move on from Windows XP.

From an IT Management point of view it is always interesting to see someone stick down figures around how much effort goes into managing and maintaining IT systems. Any form of change, regardless of whether it is for IT or anything else, will also incur a cost. It could be in capital costs (in IT this could be licences, hardware, etc), training, expertise or simply staff time. Balancing out whether you continue with the status quo or invest in making a move is sometimes a difficult choice but the above report from IDC really does hammer out that if you are still using XP now then you need to plan what you are going to do in the near future. They are not saying that you should jump now, but it does give you ammunition to start planning.

In schools this is vital as, no matter how much IT Support plan, it has to go hand-in-hand with how the school will deliver the curriculum, how the school will make use of IT to run on a day to day basis and also how the children respond to the change.

A lot of people have been looking at tablets in education, primarily iPads, and this is another good reason to start looking at what you are doing with technology. The arrival of Windows 8 will allow for schools to consider using iOS, Android, Windows 8 or any combination of the above. Change is inevitable … and it is better to look at it and ride the wave than crash and burn when someone demands something that is not going to work!

And this is the point where the innovators and early adopters are hitting a brick wall. I can remember listening to Ewan McIntosh tweeting that project management stifles innovation … and I can agree with this, because it is hard to push the boundaries of what you can do with tech when you can’t get access to it.

And this is the point where the planners, budget holders and senior leaders raise their head and ask about making sure money invested is done so wisely, that people don’t buy a lot of white elephants (we could dedicate a website to the amount of tech which is bought but never really used) and that what is bought and used actually has an impact and isn’t just there because it is a toy, a plaything, something shiny or because everyone else is using them.

And so we have to get to a compromise.

Early adopters need to have access to tech and they need to try things out. Systems in schools need to allow for some of this to go on but also to hold people accountable for what they are doing.

The report from IDC say that schools need to look at change. It shows that cost of keeping to the status quo (which will rise) and it gives a chance for people to start having ideas about what they need to do in the future. From chatting with various sources working on Windows 8 in education it is clear that testing things with OEM tablet manufacturers will be a good thing to do, running pilots in collaboration with other schools to look at Windows 8 devices, iOS devices and Android devices, comparing the ideas against earlier research on Windows Tablet devices (remember that tablets in education is nothing new … perhaps just improved) and then deciding how to adapt what you do with technology.

With Windows 8 coming out soon and the raft of devices it will generate (including the Microsoft Surface), the ever changing flavours of Android and the upcoming release of iOS6 from Apple … there will be a lot to try and there will be a lot of cross-over between all the different option.

(image from http://www.flickr.com/photos/sdasmarchives/5018415361/)

And the winner is … iOS6

Today was another peak in the circus of an Apple Fanboi!

The Apple World Wide Developer Conference always has some interesting things to see and today’s keynote was no different. There will always be some hype, some disappointment, some pragmatism and some anger … and different people will feel it about different things, even within the realm of Apple Fandom.

To be honest, there was nothing which was too unexpected. We saw some hardware improvements in the Pro notebook range, tweaks in the consumer (albeit expensive consumer) notebook range and a some other hardware updates didn’t make it into the keynote but have come up on the Apple Store. Until we see the new kit in the hands of testers and real people it is hard to say what difference they will make but two key items on the top end MacBookPro are likely to be spoken about a bit … access to 2 Thunderbolt ports give you high speed I/O to a range of devices, from displays, external RAID enclosures, adapters for Gigabit Ethernet / Firewire 800 / fibre channel and a range of capture devices … and you still have a HDMI port for a second display and video output anyway. Couple that with the Retina Display and you have a device for video editors, photographers and so on … giving them one of the best graphics experiences for seeing their work. Of course, the debate goes on about whether some people can notice the difference with screens of this high calibre, and whether this is a marketing gimmick … and so we will have to wait to see what it is like when people start using the machines in anger.

We saw a raft of features spoken about with Mountain Lion, the next incarnation of OS X (no longer even called Mac OS X … a disappointment to those of us who paid for the original Mac OS X Beta). A number of these have been covered before as we are now on Preview Release 4. The strength which appeared to be taken from the new features seemed to be the accessibility tools (dictation, etc) and the portability of your personal settings to other devices. We have already seen the push for iCloud and how this links with Photostream between your devices … and this increase with iMessage, Notes, Reminders, Sharing and so on …

The key areas I am looking at with Mountain Lion are around AirPlay and Notification Centre. As someone who has a lot of inbound information streams there are some tools I use to manage this, but Notification Centre looks as if it could make a big difference for me.

And then we get onto the area that everyone was waiting for … iOS6.

With no formal announcement of an iPhone5 we are all looking to see what the new OS will do on existing hardware. Although we were told it would work on legacy devices back to iPhone 3GS, 4th gen iPod Touch, the iPad 2 and the new iPad (and yes, that is how Apple term it on their site) we do not know how much of the functionality will work. Siri will work on the new iPad we are now told, but will it work on the iPad 2? I doubt it … in the same way it doesn’t work on an iPhone4. A lot of the updates make more sense for the iPhone and iPod touch than the iPad. Moving from Google to Apple’s own Map service, Passbook for holding electronics tickets for cinema, flights, etc (possibly a lead into Near Field Communications [NFC] for using an iPhone for payment services?), improvements in how you manage incoming phone calls and notifications (it has only taken them a few years) … but the accessibility improvements have also seen me amazed that Apple appear to have really understood a need on the iPad. Enabling a parent / carer / teacher to only allow one app on a device as well as restricting touch input on particular parts of the screen seem to be encouraging using iOS devices with children. Engaging them whilst not overloading them.

An area of concern is the increasing integration with Facebook … as much as I generally trust Apple we are now in the situation where the ever changing preferences on Facebook will also have to deal with how that is applied with iOS too.

There is a lot to take on board with it all and I would recommend people watch Tim Cook take the keynote, if nothing else to see the difference between him and Steve Jobs, as well as a lengthier demonstration of all of the above.

As for what it all means for schools and education …

Hardware – Apple personal computers (desktop / laptop) are expensive. They can work out good value if you buy the one which is right for your requirements and you know how to get the most out of them, but in the present times of austerity this is more and more difficult. It seems to be that more schools are going down the mobile device (iOS or Android … and eventually Windows 8 !) and this is understandable. The lack of a decent server in the Apple hardware range does show that management of any Apple Device is not taken that seriously (IMHO) by the folk at Cupertino. A disappointing comment to make, but one many experienced Mac Sysadmins would agree with.

Mountain Lion – Again, the lack of mention of how the Server tools will work means that it will be interesting to see how the devices fit into a school environment. The increased emphasis on a personalised device, with settings and information following you around via Apple’s iCloud, means that there could be clashes in an education environment. The major bonuses for me come in the way of Airplay as a means of ditching the Interactive Whiteboard (until you are ready to make the most of them) and tools such as Dictation.

iOS – Again, the emphasis on a personalised device does work well with BYOD, but the increasing number of schools I speak with who only see the shiny nature of it or the cost cutting side … iOS6 will do little to improve or support the use of BYOD over iOS5. Until we look at the management tools and what settings can be applied to encourage best use of the devices … then we should still plan on making the most of iOS5. Siri is a major improvement, but like all information services (google search, wikipedia) information on its own does not give you understanding and knowledge … so we have to understand the most appropriate use (teachers before technology folks). Accessibility will be an interesting area to work on and develop, and how we make the most of personal devices as a tool and not as a cheap (or expensive) gimmick to generate engagement for the sake of it.

I am trailing Mountain Lion on my work MacBookPro (starting to get on a bit but should be serviceable) and will put my thoughts on this blog as I discover things I like or loathe, or if I spot things that could be fun in the classroom, or things which could help a teacher or SLT change / improve their working life.

I will also be testing iOS6 on an iPad2 (my own one) to see what apps do and don’t work, to try to see if we can lock it down and tweak settings, and to see if there are restrictions on some functionality … hopefully helping people work out whether they need to go for the new iPad or if they can get away with a cheaper iPad 2.

If you have any particular areas you want me to test or try out then let me know. You lot are going to be more inventive than I am for a lot of this because you are pushing the limits in class already.

The Data Protection Interlude – Apple

And so I take a quick interlude from my look at the recent Apple Workshops to think about a few queries some schools have raised in the last few weeks about Apple and Data Protection.

When it comes to their OS X devices (desktops and laptops) Apple have had some built in encryption for some time. FileVault was introduced in Mac OS X 10.3 and used to just encrypt user files. Not a perfect solution but the introduction of FileVault 2 in Mac OS X 10.7 (Lion) we now have a solution to encrypt the whole drive. The ICO has raised the need to encrypt laptops so if you have personal data on your MacBook then you should seriously look at FileVault for encryption. There are other commercial offerings and solutions which cover a variety of platforms, allowing for better audit and control … but yes, there are going to be at some cost. In the same way that BitLocker is a fantastic way to deal with the issue on Windows 7 laptops (which has been blogged about by the Microsoft Education UK team) then it is good to consider making use of the built-in tools provided by Apple.

When we come to Apple’s mobile OS, iOS, and the newer devices being used (iPhone 3GS and later models, all models of iPads and iPod Touch 3rd gen and later models) then these are all capable of going onto iOS 5. By default these devices make use of hardware encryption. Apple say, “Data protection enhances the built-in hardware encryption by protecting the hardware encryption keys with your passcode. This provides an additional layer of protection for your email messages and attachments. Third-party applications can use the data protection APIs in iOS 4 and later to further protect application data.”

The growing use of iOS devices as tools for Senior Leaders and teachers in schools will mean that sensitive emails and files are likely to be on these devices and so you need to take appropriate action to protect the data.

Apple do have a larger paper about iPad security and from my perspective it boils down to a few key facts.

1 – Set a passcode on your device. This will mean that should someone repeatedly attempt to get in then it will be wiped.

2 – Don’t rely on a simple passcode. Whilst it is nice and easy to have a simple code of 4 numbers, it is not exactly secure. You wouldn’t have a password of 4 characters for your desktop or laptop to log into your school network so why do it for a mobile device? If you look at your iPhone and check the pattern of smudges where your fingers type you can see where you enter it in … and the direction of the smudge can make it easy to guess. Other mobile OS have a similar problem so it is nothing new.

3 – If you are using smart covers on iPads then make sure that you turn off the feature to automatically unlock when you open the cover. This sort of defeats the object of security. Fine for classroom devices but not for those with personal / sensitive data on.

4 – Tools such as the iPhone Configuration Utility (ICPU) allow you to create a profile for devices to change some of these settings. If you are creating settings for school devices or to allow devices to connect to school systems then you should look at this to force improvements. This will include password length, complexity, Autolock time period (I have mine for 1 minute and the maximum number of failed attempts to login before the device is wiped (mine is set to 4).

5 – Remote wipe should be available … either via management tools within the school or if a personal device then via iCloud with Find My iPad.

Not an extensive list of how to deal with this and there are some other really pod guides out there, but hopefully this gets more people considering how they use Apple mobile devices and take a bit more care.

(image : Padlock by Marc Kjerland CC BY-SA 2.0 http://www.flickr.com/photos/marckjerland/4254099567/)

Apple Leadership Summit – The Workshops pt 3

We have now covered the most simplistic methods which many schools are using to manage iOS devices, and frequently these are shared devices we are talking about, not individual devices owned by the user. The issues that this can bring is that as you grow with the number of devices you have or reduce the amount of time you have available to cover support of the devices you have to look at more efficient and practicable solutions.

The next area covered in the workshop was the concept of profiles. Those who have looked into Group Policy Objects (GPOs) in the world of Windows or the use of WorkGroup Manager (WGM) on Mac OS X can see easy parallels and might look to apply the exact same concepts used to lock down machines. Apple were keen to stress that it is not about locking down but more a case of ensuring that certain settings were enabled and that you knew where the responsibility lay for control / changes of the settings.

In a similar way to the nuts and bolts of GPOs just being a method of forcing changes to the registry on a  Windows client, and WGM forcing changes of .plist files on a Mac OS X Client, the iPhone Configuration Utility (IPCU) creates a text file which, when loaded onto an iOS device, changes settings.

It covers a number of areas including security, Wi-Fi, VPN, email, calendar, address book and some application restrictions. We covered some of these setting in the previous post when we looked at on-device settings, but a profile can also be used to set up part of the information required and allowing the user to complete the rest. An example would be to put in all the details for the Exchange Server but leaving some fields blank so the user enters the information relevant to themselves. A more details guide on this can be found on the help section of the Apple website

Another important security area is around passcodes where you can set the complexity including whether you allow simple passcodes (ie repeating / ascending / descending sequences), whether you require alphanumeric values (must contain at least one letter), minimum length, age, auto-lock time period, history and, possibly the most important if considering the device would be used by a member of staff, how many failed attempts before the device is wiped (I’ll talk a bit more at a later date about encryption on iOS devices).

We also have to consider whether the profile can be removed by the user. The options include Always, With Authorization and Never … remembering that if you wipe the device (there are a variety of methods) it will take it back to requiring activation and you start again anyway with a clean slate. Also remember that, in the most basic setup, the profile is something a user (or the person setting it up) has to accept to install. When we look at Profile Manager later on we can consider some of the ethos behind putting particular settings into the profile so that the user has to agree to various settings as a method of gaining access to certain areas (eg email) and a common method of control for this is the granting of access to the secure, wireless network.

Profiles can be loaded via USB, can be emailed out to users to install, can be pulled down from websites or pushed out wirelessly via MDM solutions. One important thing to remember when exporting profiles from IPCU is security. These are text files and if you do a simple export can be read and changed via a plain text editor. You can sign the profile so any changes will noticed by the device if you try to install it but this basically changes it to read only mode. What should be considered as the only option is sign and encrypt the file. Just think … this profile could have all the settings needed by a user to join your hidden wireless network, usernames and passwords for mail servers (if using a profile per person or allocating a specific email account per device) and so on … do you really want that in plain text?

It is simple to sort though by just ensuring you export it signed and encrypted.

The next post will look at some of the uses of the new tool on the block, Apple Configurator, and what we were shown about what looks to be the first stage of a good methodology for managing and deploying devices in bulk.

Apple Leadership Summit – Intro

It is good to see Apple throw themselves into the education arena a bit more after having been notoriously shy over the last few years. With the corporate stance on attending tradeshow meaning that the official presence at BETT has not been a possibility it was wonderful to see a number of combined ASE/ADE/AASP stands, actually staffed by many of the same people who came along and worked on the Apple stand in previous years.

Having attended a previous Apple Leadership Summit last October I was glad to be able to get an invite to the latest one, held yesterday at Silverstone. Over the next post or two I’ll be covering most of my notes from the event and hopefully be able to give a significant update on where I left things after my blog posts after last year’s Summit.

The notes will take from my own notes, my tweets and some tweets from others.

I’ll try to split the posts into 3 areas: vision, practice and infrastructure design … the last one is likely to be a biggie so I will probably start there. Whilst most of what was covered is about mobile devices from Apple, a lot of the principles about how you plan and think about it can be translated to other offerings.

My issues with BYOD

Firstly, let me state that I am an advocate for BYOD and anything else which gets more technology into the hands of learners so that it can be used *where appropriate* and that will also include some work to help SLT, Teachers and learners understand when it can be appropriate. As part of that I love to see the blog posts, articles, videos from folk at Microsoft, Google, Apple, Learning Without Frontiers and many, many more.

My first issue is around the shiny tech syndrome … the same issue that cropped up with IWBs and many other fantastic tools. You hear (or experience) a school saying “School A is using technology X and has fantastic results and we sort of understand why so *we* have to use it to!” and yes, I know this is a bit of a generalisation but we can all understand how it happens, the hard work folk involved have to put in to make it work as a result and that by some more careful thought it can be the success we all know it should be. This applies to so many different things in schools (and other sectors) so it is not just a technology thing. Having to think and plan about something can be mundane and boring but it can be, for your school, the thing that makes the difference. It is worth saying that not all schools need to plan as much as others … some schools have a culture of adaptability and innovation … and so can pick things up that bit quicker … going from a trial to full implementation with far less work, less planning, more trust between people involved (an important factor) and get wonderful outcomes. When trying to think of something to equate it to I tend to think how would a school deal with having to teach every lesson in song. If you think your school could adapt and change, very little training, understand the benefits … then this could be a sign you could go to BYOD with little educational pain.

And this gets to my second issue. BYOD and consumerisation of IT is wonderful. It puts good kit and tools in the hands of people who will make good use of it. There are barriers to this and some are practical, some are educational, some are technical and some are legal. This is where those schools who spend more time planing might be better off.

Let us deal with legal in this post … and this will not be a comprehensive list, will not form any sort of legal advice and should not be considered as a reason to go for BYOD or not to go for BYOD … merely a pointer for starting conversations with the relevant professionals who you would normally go to for advice and instruction (hopefully that covers my backside!) … so please take it as such. There are lengthy eSafety Law in Education discussions which can be had around the use of technology, online tools, walled gardens, etc and these should be considered. I cannot find a comprehensive list of what this involves other than schools should apply with the laws with regarding safeguarding … but I know that it will cover (and not a full list) The Education Act 1996, H&S legislation, Safeguarding Vulnerable Groups Act 2006, Common Duty of Care … as well as other legislation in place to deal with bullying, physical and mental harm.

And then you get onto what some regard as the mundane aspects of legislation … and whilst we have mentioned H&S already we do have to come back to that when we consider the problems some schools used to have with trailing wires in the early 1:1 laptop schemes … not so much of a problem now with mobile / handheld devices but not everyone will be bringing in iPads / Android tablets … there will be laptops, netbooks, ultrabooks … and devices will also need some charging during the day as learners forget to bring them in fully charged or as the battery slowly burns out. This also steps into the practical aspect so we can leave it there for the moment. The next bit is about security. As much as we might not like the idea, we have a responsibility to ensure that all the data, the personal information, the work created by staff and learners, the services that are provided in the school, the machines we work on each day and the devices we connect on the network are safe, secure and there will be no loss or damage.

When any device connects to a system there are both legal requirements and usually terms and conditions for that connection. With your phone it is the contract you sign and the law of the land. You are not allowed to disrupt communications, misuse data, use communications maliciously, etc as points of law. You then also agree a contract to say you will follow the rules of who you connect to … which includes the above laws (and more) and also things like the amount of data you can download / upload, damaging the name of the firm, etc … and in schools the contract *has* to be signed by the parent as a minor, as has been pointed out to me a few times recently, holds no or minimal legal power. To some extent this is similar to school rules though … but this means that you *have* to consider the damage which could be done. You might not allow some children to connect devices to the school systems due to previous actions in the same way you might not allow some children to use sharp knives in DT lessons due to the previous damage they had caused (which, technically, would be criminal damage and that is something you can hold against some children as a criminal offence … but how many schools do prosecute!)

So, we have covered the idea of a contract and that there are legal requirements for a safe system. This includes protection of data loss / damage, viruses, use of the school systems to launch attacks against other networks. As much as we might want to think that these should just be covered by who ever does your tech support … the buck stops with the Head and Chair of Governors. When schools have lost data and had to sign Undertakings with the ICO it is the head and Chair of Governors who have to do it … and it is their neck on the line for the fine and even jail.

I recently asked a group of schools about what laws they have to follow to run a school network, what standards are out there for this and who would they go to for advice. Majority of SLT put the onus on their IT Support (either in house or contracted) and even those who accepted that they could not devolve the responsibility (it is only ever shared) they had to accept the limitations of what they could reasonably manage to cover themselves.

Personally I would love to see a legal review of what it takes to run tech, including BYOD, in schools. It is worth saying that none of the above should put anyone off … just show them the areas that need dealing with and I hope to cover a few more areas (technical / practical) in the next posts.

A summary then. No matter how much we all want to focus on the inspirational benefits that BYOD brings, we also have to fact a few realities that it is like any other change a school faces. It has to be done for a good reason, has to be planned and has to take into consideration legal boundaries, operational requirements and a lot of the other boring stuff. Educational benefit is not a magic want that will sort or over-ride the other stuff … just a really good reason for putting the effort in to sort it in the first place.

So, what would folk like to see next?

A breakdown of managed wireless?

Dealing with proxies?

Day to day operation in schools?

I am open to ideas and information … I don’t have the answers and I am always looking for others to share what they have done so far and the lessons they have learnt.

Tech Support – By Schools, For Schools

I know some of you might already recognise the phrase including in the title, as it is a central tenet of the ICT Register, but the same ethos is wide spread within the education community. It doesn’t matter whether you are talking about school staff getting together at TeachMeets, having in-depth discussions via twitter though things like #ukedchat, online communities such as EduGeek.net or more local groups such as NorthantsBLT the growing role of schools taking ownership of their advice and guidance and how they share it with others is a very important part of how schools need to react to recent changes which have come out of DfE.

Many of the above are free … well, when I say free I really mean that they are paid for by people and schools using their own time for the benefit of others because they get the same sort of response back, or it is a bit of educational philanthropy on the part of others. This is brilliant in many ways, but can make it difficult to plan for sustainability. Also, there is nothing wrong with paying for advice, guidance, ideas, expertise, etc. There is often a saying used, “you get what you pay for!” and this is very true. People forget that the payment is not always cold, hard cash, but time and your own expertise … and when time, expertise, capacity and ideas are running short then people face the reality that paying for something is almost inevitable.

And this is one of the areas where I think some schools do it wrong. It shouldn’t be that paying for something in cash is the last option, it should be considered an option from the very beginning when you are planning what you need, what your goals are, how your school will develop / deliver things like CPD, technical support, parental engagement, etc.

Technical Support is a perfect example of where failing to plan can result in staff in the school, both techie and teacher, having to scrabble around to find information and guidance. I have been preparing a number of reports around the use of Framework for ICT Technical Support (FITS) within Northamptonshire schools and conversations with schools who have staff trained and accredited against FITS has shown what a difference planning makes. Except that it doesn’t just stop at the school gates. A number of schools are actively involved in supporting other schools. This will range from Lodge Park Technology College being actively engaged with the ICT Register and Microsoft’s Partners In Learning, Sir Christopher Hatton School providing support on Microsoft training courses and technical support to local schools, Wrenn School providing technical support to local schools and staff being active in online communities such as EduGeek.net, and both The Duston School and Southfield School for Girls providing staff time and expertise to chair local working groups such as the Schools Broadband Working Group and NetworkNorthants (the local IT Community for technical staff in schools and school support providers). Some of this is for free (i.e. no charge to others) but some of it does have a cost and is well worth it.

Having another school cover your tech support or provide advice around it has some major benefits. This can range from educational understanding and expertise, through to experience of deploying some education specific technologies. Couple this with easy access for teachers to talk with teachers, SLT to talk with SLT, you can having a winning combination.

So I was please to see, over the weekend, a tweet from a friend on the south coast. Tim Dalton is the IT Consultant at The Wildern School, the school which runs its own TV Studio (BBC Schools Report), has previously run YouTube style services for other schools, has developed advice and guidance on using media technologies in schools … and much more. Tim put a tweet out letting his PLN know that they are doing it again, taking their expertise and bundling it up for others. This time it is is punnet; a support, development and advisory service for other schools. Whether it is hands-on, regular tech support, development of software and applications for schools or advice and guidance around classroom use of technology and school strategy, Wildern hopes to be able to cater for your needs.

Yet another example of By Schools, For Schools …

Do you have more examples? Are you involved in similar to the folk at punnet or the other schools mentioned? Have you spoken with other schools to share ideas, expertise, tools and goals? Go on … now is your chance.

Think … erm … Different (part 2)

Thanks to all for the positive response to part one of the report on the Apple Birmingham Leadership Event. I have tried to continue to be as open as I can about the day, and whilst there is still considerable criticism in some parts about Apple and their strategy on technology, I hope I am giving some insight into how their tools can be used within schools. It is not intended to be a sales pitch but to give people as much information as possible to make decent evaluations on their options. I know there may be some inaccuracies in here and it is an opinion piece. Apple staff are unable to comment on it formally so if anyone who was there spots anything, please let me know.

——————

The afternoon also contained the Hands-on workshops and I opted for the technical strand, ably hosted and run by Chris Jinks from Apple. Out of my 5 Questions, a number of them were linked to the technical strand … not because I am a Geek, but because this seems to be one of the major areas which is a barrier to adoption of new tech. Lack of information and advice can be a key reason for failure of using any technology in an educational environment. it detracts from the benefits of the tools and the reason they are there in the first place. This is true no matter where the technology is from and is in no way Apple specific as a problem. However, the approach which Apple has taken in the past has sometimes been open for question. At a previous BETT show, Russell Dyas and myself were at the press briefing from Apple and when asked about giving more advice to schools on the technical side we were told that schools shouldn’t need to use in-house staff but buy the expertise in from ASEs and partners. That obviously went down well.

However, there is more information available to schools … if you know where to find it and who to ask. ASEs, ADEs and AASPs are still the first point of call for many areas but events like today are starting to fill in the gaps.

The session was a two-hour version of what is usually a full day training event. We knew it would be a tad sparse in some areas and Chris apologised about that, but there is a lot to squeeze in. Again, Apple like to breakdown the areas covered and look at it in the following blocks.

  • Mobility with Apple
  • Creating Content
  • Distributing Content
  • Managing Devices
  • Infrastructure for Learning

What is mobility? It is about my content. Anytime. Anywhere. Video, Audio, text, applications … things I create and consume (I was feeling like I was listening to Graham Brown-Martin from Learning Without Frontiers actually). This is about whether in a lab, at home, on the move, etc … important to remember the difference between 3G, WiFi, LAN. We looked at having to consider the broadest audience … desktops, laptops, mobile … think of who you are reaching and how. Consider the delivery mechanisms, work to standards and understand why some are moving away from certain tools. This is where the Flash-bashing started. Earlier in the day I had raised about the issues with the lack of Flash in education since there are many resources in Flash (with few plans to change from talking with some vendors) and the push is very much that Flash might have been very good once, but now is just not suitable because things like killing battery life, CPU overhead, etc. Likewise, when conversation go onto standards HTML5 was up there are the way to go … and I had to point out that it isn’t ratified, that there is the risk that it might go down a route Apple don’t want and that time / money could be wasted. However, Chris did ask what the alternative would be then … and after you rule out the use of Flash (and we can have a long discussion about Flash and open standards) there is little left to go for. As an aside, I have been party to a number of rants about how bad Flash is, especially for updating, things breaking and not being open, yet when someone decides to drop it (such as Apple or Microsoft for the Metro interface of Windows 8 ) you get an outcry of the masses … sometimes I think you just can’t win!

Back to the session though, and we looked at what were the building blocks (Text, Audio, Video) and the construction areas (podcasts, web, apps). Again, stressing the use of open formats, text comes in 2 forms – PDF and ePub. I did query (via Twitter) about whether Open Document format (ODF) should be included in there and after some research it is indeed a standard for office documents along with OOXML and even the UK Govt has previously stressed ODF and open standards should be used as a standard for sharing documents … and it has support from Apple but iWork still does not support ODF. We already know that PDF is fine when used in it’s simplest form but as soon as you start adding other objects into it (video, etc) then you are relying on additional code to make it work … and there in lies a problem. In schools it is so frustrating to receive materials as PDF from an exam board only to find you need a particular version of Adobe Reader to open it and that it will not open in any other PDF reader. This is where ePub comes into its own. It gives a greater user experience, allows for more user control such as changing font, text, colour, flexible orientation, etc. Personally I like to use Scrivener or Calibre to create ePub files. When looking at audio we talked about the importance of compression vs quality. MP3 still wins out as a format for many. For video we looked at the difference between Codecs and Containers, H.264, MPEG-4, MPEG-2 : m4v, mp4, 3gp, mov, avi, etc … and looked the simplicity of selection within the Apple toolset. Assembling all these parts together is the construction bit … and this is what makes the difference.

The Web is standards based … HTML5, CSS3 and JavaScript. At least these are where Apple technology is centred … mainly because it works and keeps things simple. We looked at the use of apps v web and a hybrid approach, but Chris was keen to say that Web Apps give the best method of dealing with a broad audience. We looked at using Pages to create ePubs and it does work extremely well …

Distributing content is an important factor in education still. As much as we might love the idea of user created content and co-creation as an approach within the pedagogy of your curriculum, you are pretty much guaranteed to have some content to distribute to the users / pupils / students. There are 2 ways to get content onto devices, via cable or via WiFi. Cable requires plugging in and using iTunes. This is suitable for personal or 1:1 devices but is a pig for class sets. Even setting up the small technology toolkits we have had going out to schools takes up time and I was glad that Peter Ford was doing it rather than me! I have to admit that iOS5 and Sync over WiFi has been very handy for me on my own devices … but again, that comes down to personal responsibility. When it comes to WiFi there are a number of tools for hosted shares for accessing WebDAV style solutions … WebDAV Navigator can be a handy app and many apps have tools to allow you to save to WebDAV too. I did ask about the use of iCloud and the Data Protection Act and at the moment there is no direct guidance / advice. As always with these things, if you have concerns or cannot confirm you are not covered then you should not use such services. On a personal note I think iCloud to a local server would be a good option … but I doubt we will see Apple do that for a variety of reasons, including security. The methods of ensuring that published apps are done via Apple’s services are also part of the locked down environment and I’ll leave it to iOS App Developers to give better explanations of how and why this works. As far as those deploying solutions in schools go … you are not bundling your own apps and pushing them out GPO style.

We then started to make use of a locally deployed Lion Server. This was key to how the workshop continued but with a bit of careful thinking a number of the features can be delivered via other options. We started by accessing the Wiki Server, an easy way of getting resources made available by the class teacher, in this case it was hosted on a local MacMini Server. Interestingly I was discussing the use of Wikis with Tom Rees (@trees2066) and we both agree that this is one of the best co-creation tools out there. Unfortunately, as far as I have been able to find out, Wiki access is a bit clunky still in Lion Server. If anyone has a good guide to allowing student control of the Wiki I would appreciate it.

Then we get onto controlling the devices. Yes … I know most are thinking the same I was … about time, but it really did make sense why the session followed the structure it does. You need to understand what type of resources may need to be used and how they are accessed first.

The session talked about the 3 options … the personal device (in a 1-to-1 situation), the institute owned device assigned to an individual (still 1-to-1) and the shared device. With a shared device it is a fixed setup, only admins make changes … and you have to return to base (i.e. the SysAdmins) to reset, update or redeploy.

With any 1-to-1 setup you are going to get a mix of institutional and private data. Apps could be owned by the institute (gifted?), provide updates one recovery capabilities … but there is a massive amount of user responsibility. The User is in charge, can do pretty much anything and chooses to accept the configuration to be part of the educational environment … but more on that later.

All new devices (or when devices get redeployed) have to go through 4 steps. Activate, update, configure and sync. Who will do these steps really depends on the model used. Mobile Device Management tools are key. It seems that Apple’s MDM tool actually uses the same provided sub-set of controls as the larger commercial offerings out there. There is a difference in the UI and when you buy in a commercial package you get told how it will work … I suppose this could be viewed as the same as using parts of RM’s CC3/4, which bolts on / controls aspects of Microsoft’s Active Directory.

A key aspect of using MDM though is the Certificate Signing Request. No matter what you use, this is a must (again, going back to the security mentioned earlier) and is needed as part of the Apple Push Notification Service … Security of updates of configurations is carefully thought out here … and yes, it needs to be thought out and planned, the central server / controller needs to be available … and at this point you realise that if you don’t have a central machine then you are going to struggle. If you already have an OSX Server to control any desktop / laptops from Apple … then this is where to start.

Centralised configuration can do a lot … sort out wireless settings, proxy settings, email, calendar … and much more. A number of these can also be provided on OSX Server, but you can also use other providers too. Exchange is big one in many schools now, but I have recently seen a setup accessing a hosted Sharepoint / Exchange solution from a VLE provider too. But back to the configuration … One important thing to remember … you cannot stop people removing apps via the central configuration, it is a setting you have to do on the local machine (Settings > General > Restrictions … then Enable Restrictions and turn Deleting Apps off).

The main config tool you will come across is the iPhone Configuration Utility to create Profiles of how devices will be configured. These are then initially pushed to connected devices (via cable) or pulled by the user. This is where OSX Server comes into play. The same box running the Wiki Server also enables devices to connect to a configuration service. Pretty simple really. Set up a guest wifi in your school which only gives you access to the config server. Connect to the server via a web page. Pull down the config (if you are allowed too … security starts with User Authentication) by authenticating, install the provided certificate and then the encrypted config comes down over the air. The details of what can be controlled via the iPhone Config Utility are covered in detail in Apple’s documentation and there is quite a bit covered there. This new config can then have the *real* WiFi network settings in it.

Those of you who have experience of dealing with .plist files for controlling Apple OSX devices via WGM or .adm files for GPOs will not be surprised that the settings are just XML strings … but the config tools do all the work for you.

The session showed some examples of over the air changes. We had YouTube running … and then it was gone. The app closed and was then gone from the device. Access to particular WebApps / resources pushed out as weblinks. Device access to OSX Server provided WebDAV used to show uploading of pictures and documents created in Apple apps such as Pages.

The session really did only touch the tip of the iceberg, and I think that even doing a full day would not cover all the questions many of us would have. Like many things, it would only be after a few weeks of hands-on testing of a deployment that we would have a good idea about the full extent of what can and can’t be done, the different places you have to go to to make changes, the extent to which Apple security controls so many things … and so we come onto the positives and limitations of central deployment.

I’m not going to strictly put them in order, because so many are linked.

The ability to have some control is needed and what you get is kept as simple as possible. This keeps the background load on the device pretty low, which has the positive affect of longer battery life, etc … let’s face it, we have all moaned at some point about the load AV software or certain middleware applies to devices … and it also means that there is less chance of conflicts of settings. The limitation is that you have to operate within boundaries of the tools and settings you have … you can’t suddenly think of a new tool or setting. If the option is to turn YouTube off then that is what you have … not just limit it to particular sections. For that you have to use another tool such as a proxy server / filtering solution. You can’t stick remote monitoring tools on there such as you might have on desktops (Impero, NetOp, AB Tutor Control) or the security key loggers (Securus, Policy Central) as this is not what it is designed for.

As a device which can be personalised you also have to accept that the user can choose to turn of your centralised controls. If they do then they loose access to all those settings you have loaded onto the device … the wireless, the email, weblinks, etc. Now, I know many will be screaming at the screen right now about that being useless in class environment … the disruption as yet another student needs to go to see IT Support to get things fixed … but surely this is just another bit of classroom management. If a child doesn’t turn up with the right PE kit, or damages equipment in Design Technology … then surely it is a discipline issue, not the problem of the equipment / technology. And yes, it does go back to what has been mentioned before about carefully thinking about which model you are going to use.

Personally, I can see a class set of iPads only really being usable if there is an OSX Server device in the same room and accessed by the class teacher. There will be some admin tasks around this and I can see that being a problem due to some restrictions about how much tech support / admin teachers should be doing. I think you do need this personal access to the OSX Server too as this will be a key tool for providing access to resources and pushing things to the devices. I do also worry about how files / resources on a class set of devices would be tidied up / cleaned out. This needs a bit more thought and planning really. In a 1-to-1 scheme this is the responsibility of the user, and you could say that tidying up the device could be seen as an activity by the child in the same way they would tidy up the classroom before leaving a lesson … but we all know things get missed. All it would take would be for one naughty child to find a dodgy picture or, probably even worse, take an unsuitable picture and maliciously leave it for someone else (another child) to find. This is not just a concern I have about Apple devices … far from it, I worry about the misuse of any handheld device … and the lack of pretty much any control on Android devices worry me even more. We’ll have to just see what happens when Windows 8 comes out too, but based on previous experience of working with Microsoft tools … I think this will be a bit more thought out.

So, a summary.

iPhones, iPod Touches and iPads can be centrally controlled in an educational environment. It is best designed for a 1-to-1 scheme rather than class sets, but that doesn’t mean it can’t work and work well. No matter what model you choose you will have to think carefully about how you want to deliver the curriculum, how you will push out access to resources, how you will change some of the school procedures to take into account the growing use of handheld devices and this really does mean thinking about how classroom management will deal with things rather than relying on technology to fix things for you. You need to look at how you deploy and control your wireless networks.

I would honestly recommend anyone looking at either class-sets or 1-to-1 schemes to talk with other schools already doing it. You must also talk with at least one Apple Solutions Expert or AASP. They will help you with access to Apple Distinguished Educators who can work with you to think about your curriculum to make the most of the investment made in the kit. It is not just about the cost of the equipment alone.

ASEs will also help you access other things too … including things like information / support from Apple Financial Services. If you are serious about going to a 1-to-1 scheme then the finances need to be carefully thought about. I have seen too many 1-to-1 schemes fail on that aspect or fail on the curriculum design.

There are plenty of good resources on the Apple site to go through (some already linked) and the case studies make interesting reading … and with enough time in-house staff will be able to deliver good, workable and stable solutions … but I would still like to see a comprehensive guide as to how to deliver this. However, we have already covered how Apple tend to deliver things … and, being honest, the expertise of ASEs is usually worth the investment in time and money.