Category Archives: IT Management

Apple Workshops – Deploying iPads in Bulk

After a week of looking at the best way to cover the different variations of using Apple Configurator it seemed like destiny to come across a thread on EduGeek which looked at one of the principle methods by which schools could make use of Apple Configurator and iTunes. The thread can be found HERE and will no doubt have numerous updates where further questions get answered.

A massive thank you to Rydra for allowing me to reproduce the original post in the thread. I would heartily recommend people keep a track of this conversation, and other similar ones, over on EduGeek.net.

Process for bulk imaging an Ipad using mac OSX + Apple Config + iTunes

So I finally managed to pin down how to do this, though it took a while, and I’m going to have trouble in the future till Apple fix their entire operating ethos.

The problem, is that Apples configurator program, for mass deploying iOS devices, now only support the Apple Volume Purchasing Program. This is bad, because that is only available in the US for fully registered companies with a DUNS ID (cant be bothered to explain, but it’s a database in the US for businesses to register themselves.)
This means, that only free apps can be deployed as part of Apple configurator, not paid apps, unless you are in the US, where you can buy volume licensing for them.

So this is what I’ve had to do to get around it.

I recommend that you either run seperate accounts for your different device sets, or, if you have what I have, and that’s a single account, make different itunes libraries (it might be worth doing anyway even if you have multiple accounts)
To do this, hold down Alt + click on the itunes icon. Then create library…

This means, that for the different ipad varieties, yes you have to keep multiple copies of the same apps, but it makes your life a lot easier to manage the apps on your device.

The general process flow to follow is this

-Update iOS to latest version using Apple configurator; you can either let it go and download it, or you can download it yourself and point it at the upgrade file. You can plugin as many ipads as you’ve got USB ports (or hubs), but even better, once you set it up, you simply unplug the ones that were done, and plugin the next one(s) and it just carries on going till you hit the ‘stop’ button.
-From the apple configurator window (Prepare Tab > Settings), only select from the dropdown the iOS version you want. Do not change anything else in the window.
-Hit Prepare
-Swap in/out till done.
NOTE: HIT THE STOPP BUTTON WHEN YOUR DONE! I forgot at one point, and nearly factory wiped my master ipad when i plugged it in for imaging!)

-Install all apps, books, music, movies etc and arrange the way you want (NOTE: it’s best to do this using Itunes. I’ll explain later.)

-Transfer purchases from the ipad to itunes/the pc. This makes sure your PC has all the apps you want if any were added via the device rather than itunes.

-Hit sync. This makes sure what your ipad has, so does the PC and vice versa.

-Right click the Ipad in Itunes, and do a backup.

This will now give Itunes a full backup of the SETTINGS. Note, this does not save the apps themselves.

Now, the reason I said above that you need to use Itunes to setup the layout, is that there are 2 kinds of restore for the ipad.

If you use the summary page restore, it is a factory reset, and reinstalls the iOS from scratch, giving you a vanilla ipad. It will then apply your settings/preferences. The problem is, that it hasn’t put all your apps back on at this point. And if you were unlucky enough to have ticked ‘sync apps on setup’ and/or ‘sync new apps’, then it will put every single App on your account (that you’ve downloaded to the PC) on the device.

Now this is not really that cool. At one point we had more than 270 apps in our library here, most of it junk, and we ran out of home screens to put them all on. This is why I suggest having different libraries. Seperate libraries means you keep each library with only the apps you need for that set, and applying the app sets is as simple as shift selecting all the apps and dumping it onto the ipad.

Onto the restore part:
-Stick in your new ipad with nothing on it, fire up itunes, and then tick to sync apps (suggest unticking auto install new apps, this gets annoying if your trying out apps etc.) along with anything else you want to sync up. Because you have a seperate library with just the apps you want in it, you can just shift select all the apps, and dump them on the ipad!
-Wait till this is done syncing
-Once it has all the apps you want on the device, Right click the ipad in itunes, and select Restore.

THIS IS IMPORTANT.

This right click menu option does NOT reinstall the iOS! It ONLY restores the settings, therefore all apps on the device are left alone. Since all the apps you want are on the device, it can create your home screen layout the way you want it. Anything on the device it’s not sure of, it’ll dump it loose on the home screen (so you can have some customisation where required)

-Once this is done for all your ipads, it’s time to go back to the configurator.

-Setup profiles the way you want (To create a profile, click the ‘+’ at the bottom of the window). You can set restrictions, wifi settings, mail settings, whatever is in the settings on the device, you can control it here.

From the top:
-Give the set name. Tick the ‘number sequentially starting at 1’ button. If you want the numbers to start from a different number, tick it, then change the number and it updates itself.
-Supervision on/off means if you set it, only your PC can alter the settings on the device.
-iOS: assuming you did it earier, don’t touch this setting.
-Restore: don’t touch this setting, you did this stage during itunes.
-Profiles: Tick next to the profile you want to apply
-Hit prepare, and swap in/out devices till all are done.
-HIT STOP!

This will give you a set of ipads all with the same layout, same iOS, same app sets.

-From Apple config, select from the restore drop down: ‘Backup’
This makes an Apple config backup file for later use. label it appropriately.

In the event of needed to reinstall from scratch, follow the processes above entirely.
If you just want to reset the layout/settings, and assuming no apps were removed/added, you can simply hit ‘restore’ from here and it’ll restore back to your master. If you update your app set, you’ll have to do it all from scratch again.

—————-

(Original post by Rydra on Edugeek.net : http://www.edugeek.net/forums/mac/95070-process-bulk-imaging-ipad-using-mac-osx-apple-config-itunes.html)

The Data Protection Interlude – Apple

And so I take a quick interlude from my look at the recent Apple Workshops to think about a few queries some schools have raised in the last few weeks about Apple and Data Protection.

When it comes to their OS X devices (desktops and laptops) Apple have had some built in encryption for some time. FileVault was introduced in Mac OS X 10.3 and used to just encrypt user files. Not a perfect solution but the introduction of FileVault 2 in Mac OS X 10.7 (Lion) we now have a solution to encrypt the whole drive. The ICO has raised the need to encrypt laptops so if you have personal data on your MacBook then you should seriously look at FileVault for encryption. There are other commercial offerings and solutions which cover a variety of platforms, allowing for better audit and control … but yes, there are going to be at some cost. In the same way that BitLocker is a fantastic way to deal with the issue on Windows 7 laptops (which has been blogged about by the Microsoft Education UK team) then it is good to consider making use of the built-in tools provided by Apple.

When we come to Apple’s mobile OS, iOS, and the newer devices being used (iPhone 3GS and later models, all models of iPads and iPod Touch 3rd gen and later models) then these are all capable of going onto iOS 5. By default these devices make use of hardware encryption. Apple say, “Data protection enhances the built-in hardware encryption by protecting the hardware encryption keys with your passcode. This provides an additional layer of protection for your email messages and attachments. Third-party applications can use the data protection APIs in iOS 4 and later to further protect application data.”

The growing use of iOS devices as tools for Senior Leaders and teachers in schools will mean that sensitive emails and files are likely to be on these devices and so you need to take appropriate action to protect the data.

Apple do have a larger paper about iPad security and from my perspective it boils down to a few key facts.

1 – Set a passcode on your device. This will mean that should someone repeatedly attempt to get in then it will be wiped.

2 – Don’t rely on a simple passcode. Whilst it is nice and easy to have a simple code of 4 numbers, it is not exactly secure. You wouldn’t have a password of 4 characters for your desktop or laptop to log into your school network so why do it for a mobile device? If you look at your iPhone and check the pattern of smudges where your fingers type you can see where you enter it in … and the direction of the smudge can make it easy to guess. Other mobile OS have a similar problem so it is nothing new.

3 – If you are using smart covers on iPads then make sure that you turn off the feature to automatically unlock when you open the cover. This sort of defeats the object of security. Fine for classroom devices but not for those with personal / sensitive data on.

4 – Tools such as the iPhone Configuration Utility (ICPU) allow you to create a profile for devices to change some of these settings. If you are creating settings for school devices or to allow devices to connect to school systems then you should look at this to force improvements. This will include password length, complexity, Autolock time period (I have mine for 1 minute and the maximum number of failed attempts to login before the device is wiped (mine is set to 4).

5 – Remote wipe should be available … either via management tools within the school or if a personal device then via iCloud with Find My iPad.

Not an extensive list of how to deal with this and there are some other really pod guides out there, but hopefully this gets more people considering how they use Apple mobile devices and take a bit more care.

(image : Padlock by Marc Kjerland CC BY-SA 2.0 http://www.flickr.com/photos/marckjerland/4254099567/)

Apple Leadership Summit – The Workshops pt 3

We have now covered the most simplistic methods which many schools are using to manage iOS devices, and frequently these are shared devices we are talking about, not individual devices owned by the user. The issues that this can bring is that as you grow with the number of devices you have or reduce the amount of time you have available to cover support of the devices you have to look at more efficient and practicable solutions.

The next area covered in the workshop was the concept of profiles. Those who have looked into Group Policy Objects (GPOs) in the world of Windows or the use of WorkGroup Manager (WGM) on Mac OS X can see easy parallels and might look to apply the exact same concepts used to lock down machines. Apple were keen to stress that it is not about locking down but more a case of ensuring that certain settings were enabled and that you knew where the responsibility lay for control / changes of the settings.

In a similar way to the nuts and bolts of GPOs just being a method of forcing changes to the registry on a  Windows client, and WGM forcing changes of .plist files on a Mac OS X Client, the iPhone Configuration Utility (IPCU) creates a text file which, when loaded onto an iOS device, changes settings.

It covers a number of areas including security, Wi-Fi, VPN, email, calendar, address book and some application restrictions. We covered some of these setting in the previous post when we looked at on-device settings, but a profile can also be used to set up part of the information required and allowing the user to complete the rest. An example would be to put in all the details for the Exchange Server but leaving some fields blank so the user enters the information relevant to themselves. A more details guide on this can be found on the help section of the Apple website

Another important security area is around passcodes where you can set the complexity including whether you allow simple passcodes (ie repeating / ascending / descending sequences), whether you require alphanumeric values (must contain at least one letter), minimum length, age, auto-lock time period, history and, possibly the most important if considering the device would be used by a member of staff, how many failed attempts before the device is wiped (I’ll talk a bit more at a later date about encryption on iOS devices).

We also have to consider whether the profile can be removed by the user. The options include Always, With Authorization and Never … remembering that if you wipe the device (there are a variety of methods) it will take it back to requiring activation and you start again anyway with a clean slate. Also remember that, in the most basic setup, the profile is something a user (or the person setting it up) has to accept to install. When we look at Profile Manager later on we can consider some of the ethos behind putting particular settings into the profile so that the user has to agree to various settings as a method of gaining access to certain areas (eg email) and a common method of control for this is the granting of access to the secure, wireless network.

Profiles can be loaded via USB, can be emailed out to users to install, can be pulled down from websites or pushed out wirelessly via MDM solutions. One important thing to remember when exporting profiles from IPCU is security. These are text files and if you do a simple export can be read and changed via a plain text editor. You can sign the profile so any changes will noticed by the device if you try to install it but this basically changes it to read only mode. What should be considered as the only option is sign and encrypt the file. Just think … this profile could have all the settings needed by a user to join your hidden wireless network, usernames and passwords for mail servers (if using a profile per person or allocating a specific email account per device) and so on … do you really want that in plain text?

It is simple to sort though by just ensuring you export it signed and encrypted.

The next post will look at some of the uses of the new tool on the block, Apple Configurator, and what we were shown about what looks to be the first stage of a good methodology for managing and deploying devices in bulk.

Apple Leadership Summit – The Workshops pt 2

The workshop spent some time looking at the range of tools to support and manage iOS devices and so I’ll run through some of the areas which it covered. I’ll also try to highlight where most of us are when it comes to many schools trying to do ad-hoc management of devices. For the sake of short-hand I will use iPad to describe an iOS device … but I could easily say iPhone or iPod Touch.

The first things we are generally all used to using is iTunes. Those of us with personal devices or those who are using BYOD / student leased devices are likely to not see a lot of use of iTunes as it is done by the user instead. Some schools with only a handful of devices might be using iTunes managed from one machine to look after devices .

All devices, whichever method you use, needs to go through 4 phases and iTunes can manage all those.

  1. Activate
  2. Update
  3. Configure
  4. Sync

When you get an iPad out the box or when you do a remote wipe it needs to be activated. It can be done over the air (with the advent of iOS5) or it is commonly done using iTunes for many users. This allows you to set up basic things like language, country, enable / disable location services, connect to a network and restoring from a saved backup (an important idea to come back to later).  It is also possible to put iTunes in Activation-only mode so that the update / config / sync can be done by other users and other tools.

The iPad will then check to ensure that it has the latest version of iOS (remembering that it cannot restore a backup from a newer iOS version). You then configure the iPad as to how it will backup, whether it can sync over Wi-Fi, what it will sync (going into detail in the tabs for Apps, Tones, Music, Movies, TV Shows, etc), type of video quality (i.e. between HD and SD) and so on. In the general summary tab I personally think that people should have a good look at the ‘Configure Universal Access’ button as the use of voiceover and zoom can be quite handy for many learners.

Once you have the device the way you want it with the relevant Apps and media then it will sync, taking us through to the final action of setting up an iPad in the simplest manner, via iTunes. Of course, trying to do this for a raft of devices is neither practical nor efficient. The simplest method of doing this on bulk is to take one iPad, build it the way you like it and then restore the backup onto each new iPad as you activate it, which will go some way to automating the configuration and sync sections.

And this is where a lot of school stay … an ad-hoc arrangement where a HLTA or IT Technician has to build a new ‘image’ (well … backup an exemplar iPad) and load it onto the other devices. There is little ‘locking down’ of the machine and whilst it is a bit of a mess to cope with it can be a lot cheaper than spending a lot of time and money on the other tools.

There are some quick wins though. iTunes on its own will allow you to configure certain things but to really perfect a device you need delve into the on-device configuration. Setting up for home sharing can make it easy for learners to access resources shared via iTunes (always use a second AppleID for this in my experience) but the real benefits come when you look into Settings > General > Restrictions. Here you can turn off access to iTunes, installing or deleting apps, YouTube and even Safari … though Ned and co did warn us to be careful about this as some Apps make use of Safari to work. You can set the ratings for content, allow or block In-App purchases, and more. Well worth having a look at the Online Manual of iOS 5 for more information about what setting you can control.

And this deals with basic setup of the iPad. Fine for a handful of devices and there are some tools to make bulk restore / sync a possibility when also tied in with storage / security trolleys.

In the next blog post we look at iPhone Configuration Utility and who this will build a profile of setting for you similar to the manual job of using iTunes / on-device settings.

Apple Leadership Summit – The Workshops

There were 3 streams at the event and, although I really wanted to buck the stereotype and get more involved in the content creation stream, I really had to go to the infrastructure stream as there are so many questions and queries about Mobile Device Management (MDM) that needed looking into.

I blog fairly extensively about the last Leadership Summit here and here so I already had a good idea what we were in store for, and I have also done a fair bit of investigations already. The introduction of Lion Server changed a number of things, and newer tools which have been added on since are also changing ideas about how to plan and manage devices.

I’ve got to say a big thanks to Ned and the rest of the Apple team in the workshop. We all know that companies will toe a certain party line, and these folk are no different, but the allowances for healthy interjection from delegates, questions ranging from the slightly enquiring to the in-depth technical and still managing to keep the workshop pretty much on track meant that they had to field some difficult questions and gave some pretty good answers, and tried not to disappoint when they could offer no more than some basic “sorry, but there is no VPP yet” responses.

I’ve also got to say that there are some legal and regional things about MDM which were covered. The Apple folk did remind us that *we* have to make sure that *we* are happy that *we* are following the T&Cs, laws of the land, etc. The session was a technical one, not a legal and contracts one. There are differences about how we might opt to manage things in UK compared to US because of a number of facts, but the main one is that the Volume Purchase Program (VPP) does not operate in the UK so solutions which talk about bulk purchase and pushing out apps are technically possible in the UK, but not following the rules at this time! We did look at options about how to ensure you are fully licenced and that is another key fact to remember.

So, caveats done and we can continue.

The session started with each delegate introducing themselves and explaining what they were looking for from the session. It was good to see a range of primary, secondary and special schools, people employed by schools and 3rd party support firms, as well as representatives from RM and Jigsaw24. In general most are looking for ideas about how to deploy and manage devices, and about app deployment and the legalities behind it.

Presently we tend to think of traditional IT deployments of suites in classrooms, or we have started to move away from them to mobile classrooms. We then also have those who have gone (or are starting to go) down the one to one route to give an easy way of all being able to access devices (a common theme from the day, to be honest). iOS devices are slightly different and we have a number of options. How you plan your infrastructure is dependant on how you want to plan to use the devices.

We can split it into 3 areas. Device Sharing (closest to present day), One to One (mix of institutional and personal data) and User Responsible (highly personalised and almost anything goes). Once you have thought about which option you want then you can start to plan how to get there. Personally I think it is likely that once you start planning then you might find barriers to going down certain routes and you might have to make compromises … sometimes down to money, sometime down to the need to change the curriculum … it doesn’t mean you shouldn’t try but there might be times you have to be a little pragmatic.

Looking at the methods of managing devices we can see 6 areas.

iTunes – which we are pretty used to with them being consumer devices, but with a large manual requirement

On-device configuration – where we use the settings on the device or on particular apps, again a familiar task with a large manual requirement

iCloud – again something we might be used to

iPhones Configuration Utility (IPCU) – a way of generating profiles which can be applied to one or more devices. Those of us used to GPOs within Windows AD or WorkGroup Manager with macs will find this fairly familiar and the idea that a GPO is just a series of registry changes, or in WGM generates changes to .plist files … profiles are pretty similar.

Apple Configurator – the new kid on the block which is likely to be key for many of us. It allows for prep for mass deployment, supervising devices and assigning devices to individuals within the organisation.

And finally … Mobile Device Management (MDM) – the full blown tool which makes use of a framework provided by Apple to do all of the above. Within Apple’s toolset we have Profile Manager on Lion Server (used in conjunction with some of the above where needed) and you have an MDM lite solution …

There are a number of good 3rd party MDM solutions out there and to some extent it is a bit like making the decision about whether to use middleware on your network to manage Windows, whether it be RM’s CC3 or CC4 or one of the other products out there (Viglin’s Classlink, CSE, etc). It also depends on the mindset of the school. If it the attitude is “lock it all down” then you might want one route, and if you prefer a more ‘enabling’ and user reliant option then you go down another path.

So … there we have the first post … with the above tools you can go from delivering a shared device in a library which can be set up quickly for each user as it is booked out to them, a device which has all the settings for email etc and just requires the user to finish it off by putting in their username and password, you can stop the buying, deleting or even access to various apps, or you can bulk prep personal devices but to get access to your wifi settings they have to ‘log on’ to a certain managed profile. Over the next week I will try to cover each tool in a separate post.

The final thing I will say is that, whilst not explicitly mentioned, it is important to have a decent infrastructure for the devices to run over, and a presumption that most of the management / config will be done on a Mac (some tools don’t require a Mac but the significant ones will do).

Apple Leadership Summit – Intro

It is good to see Apple throw themselves into the education arena a bit more after having been notoriously shy over the last few years. With the corporate stance on attending tradeshow meaning that the official presence at BETT has not been a possibility it was wonderful to see a number of combined ASE/ADE/AASP stands, actually staffed by many of the same people who came along and worked on the Apple stand in previous years.

Having attended a previous Apple Leadership Summit last October I was glad to be able to get an invite to the latest one, held yesterday at Silverstone. Over the next post or two I’ll be covering most of my notes from the event and hopefully be able to give a significant update on where I left things after my blog posts after last year’s Summit.

The notes will take from my own notes, my tweets and some tweets from others.

I’ll try to split the posts into 3 areas: vision, practice and infrastructure design … the last one is likely to be a biggie so I will probably start there. Whilst most of what was covered is about mobile devices from Apple, a lot of the principles about how you plan and think about it can be translated to other offerings.

Opening up your options…

In these days of strain budgets, restricted investment and and tough decisions we have a bit of a bidding war to get the attention of schools. With Google Apps for Education being heavily pushed through grass roots and national projects we now see some of the counter-blow from Microsoft.

It was interesting to see today the report on the Microsoft UK Schools Blog, about the announcement from Kirk Koenigsbauer – Microsoft Office Division, which looks at changes to the price plan and offerings with Office365. In the UK we tend to still view it as Live@Edu  as the changes to Office365 had not really hit us here. The price plans have been a concern to some schools in various countries, especially when they start comparing them to other offerings out there which come out as no licence / subscription cost. It appears that Microsoft have listened to this.

The previous price plan meant there a was some cost for staff and if you wanted the extra tools then there was a cost for staff and students. Now, the A2 plan is free. This gives you the email and calendars, online storage, online share point, online web apps, IM and presence … and with it you now get Lync for video conferencing. Yes, there are still other add-ons which will have a cost, such as integration with your PBX, voicemail and so on.

This now puts it back into real contention with schools and I can even see a variety of specialists now offering to help deliver this into schools in a similar manner you get certified teachers / trainers with Google. Add branding, integration with your school Directory Services, pre-designed SharePoint templates … all of which you can do yourself, of course … and it becomes an interesting prospect.

So, what could be the downside. There are still questions about integration with your AD, as there is a cost for FIM I believe, and from a DM I had on twitter I am not sure about where it fits with EES. For many schools these will be moot points, but it could be a swing factor for a small number.

Overall … a good thing, but be prepared for fans of both Office365 and Google Apps to swing into action with why their preferred solution is the best thing. The key is to look at the differences and see which is most important to you.

My issues with BYOD

Firstly, let me state that I am an advocate for BYOD and anything else which gets more technology into the hands of learners so that it can be used *where appropriate* and that will also include some work to help SLT, Teachers and learners understand when it can be appropriate. As part of that I love to see the blog posts, articles, videos from folk at Microsoft, Google, Apple, Learning Without Frontiers and many, many more.

My first issue is around the shiny tech syndrome … the same issue that cropped up with IWBs and many other fantastic tools. You hear (or experience) a school saying “School A is using technology X and has fantastic results and we sort of understand why so *we* have to use it to!” and yes, I know this is a bit of a generalisation but we can all understand how it happens, the hard work folk involved have to put in to make it work as a result and that by some more careful thought it can be the success we all know it should be. This applies to so many different things in schools (and other sectors) so it is not just a technology thing. Having to think and plan about something can be mundane and boring but it can be, for your school, the thing that makes the difference. It is worth saying that not all schools need to plan as much as others … some schools have a culture of adaptability and innovation … and so can pick things up that bit quicker … going from a trial to full implementation with far less work, less planning, more trust between people involved (an important factor) and get wonderful outcomes. When trying to think of something to equate it to I tend to think how would a school deal with having to teach every lesson in song. If you think your school could adapt and change, very little training, understand the benefits … then this could be a sign you could go to BYOD with little educational pain.

And this gets to my second issue. BYOD and consumerisation of IT is wonderful. It puts good kit and tools in the hands of people who will make good use of it. There are barriers to this and some are practical, some are educational, some are technical and some are legal. This is where those schools who spend more time planing might be better off.

Let us deal with legal in this post … and this will not be a comprehensive list, will not form any sort of legal advice and should not be considered as a reason to go for BYOD or not to go for BYOD … merely a pointer for starting conversations with the relevant professionals who you would normally go to for advice and instruction (hopefully that covers my backside!) … so please take it as such. There are lengthy eSafety Law in Education discussions which can be had around the use of technology, online tools, walled gardens, etc and these should be considered. I cannot find a comprehensive list of what this involves other than schools should apply with the laws with regarding safeguarding … but I know that it will cover (and not a full list) The Education Act 1996, H&S legislation, Safeguarding Vulnerable Groups Act 2006, Common Duty of Care … as well as other legislation in place to deal with bullying, physical and mental harm.

And then you get onto what some regard as the mundane aspects of legislation … and whilst we have mentioned H&S already we do have to come back to that when we consider the problems some schools used to have with trailing wires in the early 1:1 laptop schemes … not so much of a problem now with mobile / handheld devices but not everyone will be bringing in iPads / Android tablets … there will be laptops, netbooks, ultrabooks … and devices will also need some charging during the day as learners forget to bring them in fully charged or as the battery slowly burns out. This also steps into the practical aspect so we can leave it there for the moment. The next bit is about security. As much as we might not like the idea, we have a responsibility to ensure that all the data, the personal information, the work created by staff and learners, the services that are provided in the school, the machines we work on each day and the devices we connect on the network are safe, secure and there will be no loss or damage.

When any device connects to a system there are both legal requirements and usually terms and conditions for that connection. With your phone it is the contract you sign and the law of the land. You are not allowed to disrupt communications, misuse data, use communications maliciously, etc as points of law. You then also agree a contract to say you will follow the rules of who you connect to … which includes the above laws (and more) and also things like the amount of data you can download / upload, damaging the name of the firm, etc … and in schools the contract *has* to be signed by the parent as a minor, as has been pointed out to me a few times recently, holds no or minimal legal power. To some extent this is similar to school rules though … but this means that you *have* to consider the damage which could be done. You might not allow some children to connect devices to the school systems due to previous actions in the same way you might not allow some children to use sharp knives in DT lessons due to the previous damage they had caused (which, technically, would be criminal damage and that is something you can hold against some children as a criminal offence … but how many schools do prosecute!)

So, we have covered the idea of a contract and that there are legal requirements for a safe system. This includes protection of data loss / damage, viruses, use of the school systems to launch attacks against other networks. As much as we might want to think that these should just be covered by who ever does your tech support … the buck stops with the Head and Chair of Governors. When schools have lost data and had to sign Undertakings with the ICO it is the head and Chair of Governors who have to do it … and it is their neck on the line for the fine and even jail.

I recently asked a group of schools about what laws they have to follow to run a school network, what standards are out there for this and who would they go to for advice. Majority of SLT put the onus on their IT Support (either in house or contracted) and even those who accepted that they could not devolve the responsibility (it is only ever shared) they had to accept the limitations of what they could reasonably manage to cover themselves.

Personally I would love to see a legal review of what it takes to run tech, including BYOD, in schools. It is worth saying that none of the above should put anyone off … just show them the areas that need dealing with and I hope to cover a few more areas (technical / practical) in the next posts.

A summary then. No matter how much we all want to focus on the inspirational benefits that BYOD brings, we also have to fact a few realities that it is like any other change a school faces. It has to be done for a good reason, has to be planned and has to take into consideration legal boundaries, operational requirements and a lot of the other boring stuff. Educational benefit is not a magic want that will sort or over-ride the other stuff … just a really good reason for putting the effort in to sort it in the first place.

So, what would folk like to see next?

A breakdown of managed wireless?

Dealing with proxies?

Day to day operation in schools?

I am open to ideas and information … I don’t have the answers and I am always looking for others to share what they have done so far and the lessons they have learnt.

BETT 2012 – The Summary

It may seem a little strange to write a summary without having written the other posts … but best to keep things short and sweet.

There will be more posts, but rather than the initial splurge of activity post-BETT I thought I would share ideas, opinions, what I saw, conversations I had, etc … but over a longer period … and it also means that I have the benefit of looking at blog posts from others too … and this year there are a plethora of posts!

I am pretty sure I can summarise the event pretty quickly …

From the point of view of a regular visitor / exhibitor … a few new things, not much of a change of emphasis (i.e. no sudden swings to IWBs, VLEs, tablets, content, $new_revolutionary_tech, etc) but more emphasis on showing use in classrooms / the difference it makes to a school.

Strategy … a fair chunk of the show was taken over by the idea that schools have to make the decisions now (a good thing) because there is no-one there to help them. I felt this is not quite true as there are a raft of people around to help schools … LAs still exist, communities of other schools are collaborating more, there are plenty of formal groups ranging from The Schools Network and NAACE through to think tanks and special interest groups such as Computing At Schools, and this is before we get to the amount of support and sharing going on via the exhibitors at the show. To some extent Mr Gove’s opening speech covered the importance of taking control of your own destiny and so on … but more on that in other posts.

Networking … for many this is the key to the show. We are not talking about the movers and shakers meeting in closed rooms, but innovative and exciting teachers / senior leaders / IT Support having a chance to meet with others of the same ilk, sharing ideas and projects. These range from people from the K-Team through to fellow EduGeek members. Sometimes it is a mutual friend who introduces people, sometimes it is the fringe events giving chance for people to find new connections (Collabor8 4 change) and sometimes it is the exhibitors joining the dots.

So, a hectic 4 days followed by a few weeks of picking through the various notes I made, videos and pictures taken, emailing new people I met and keeping in contact with old friends.

I will also try to link to specific blogs and articles I have found of interest during or post event … and looking forward to reading a lot more of how other felt about the show.

(Also posted via EduGeek Blogs)

Tech Support – By Schools, For Schools

I know some of you might already recognise the phrase including in the title, as it is a central tenet of the ICT Register, but the same ethos is wide spread within the education community. It doesn’t matter whether you are talking about school staff getting together at TeachMeets, having in-depth discussions via twitter though things like #ukedchat, online communities such as EduGeek.net or more local groups such as NorthantsBLT the growing role of schools taking ownership of their advice and guidance and how they share it with others is a very important part of how schools need to react to recent changes which have come out of DfE.

Many of the above are free … well, when I say free I really mean that they are paid for by people and schools using their own time for the benefit of others because they get the same sort of response back, or it is a bit of educational philanthropy on the part of others. This is brilliant in many ways, but can make it difficult to plan for sustainability. Also, there is nothing wrong with paying for advice, guidance, ideas, expertise, etc. There is often a saying used, “you get what you pay for!” and this is very true. People forget that the payment is not always cold, hard cash, but time and your own expertise … and when time, expertise, capacity and ideas are running short then people face the reality that paying for something is almost inevitable.

And this is one of the areas where I think some schools do it wrong. It shouldn’t be that paying for something in cash is the last option, it should be considered an option from the very beginning when you are planning what you need, what your goals are, how your school will develop / deliver things like CPD, technical support, parental engagement, etc.

Technical Support is a perfect example of where failing to plan can result in staff in the school, both techie and teacher, having to scrabble around to find information and guidance. I have been preparing a number of reports around the use of Framework for ICT Technical Support (FITS) within Northamptonshire schools and conversations with schools who have staff trained and accredited against FITS has shown what a difference planning makes. Except that it doesn’t just stop at the school gates. A number of schools are actively involved in supporting other schools. This will range from Lodge Park Technology College being actively engaged with the ICT Register and Microsoft’s Partners In Learning, Sir Christopher Hatton School providing support on Microsoft training courses and technical support to local schools, Wrenn School providing technical support to local schools and staff being active in online communities such as EduGeek.net, and both The Duston School and Southfield School for Girls providing staff time and expertise to chair local working groups such as the Schools Broadband Working Group and NetworkNorthants (the local IT Community for technical staff in schools and school support providers). Some of this is for free (i.e. no charge to others) but some of it does have a cost and is well worth it.

Having another school cover your tech support or provide advice around it has some major benefits. This can range from educational understanding and expertise, through to experience of deploying some education specific technologies. Couple this with easy access for teachers to talk with teachers, SLT to talk with SLT, you can having a winning combination.

So I was please to see, over the weekend, a tweet from a friend on the south coast. Tim Dalton is the IT Consultant at The Wildern School, the school which runs its own TV Studio (BBC Schools Report), has previously run YouTube style services for other schools, has developed advice and guidance on using media technologies in schools … and much more. Tim put a tweet out letting his PLN know that they are doing it again, taking their expertise and bundling it up for others. This time it is is punnet; a support, development and advisory service for other schools. Whether it is hands-on, regular tech support, development of software and applications for schools or advice and guidance around classroom use of technology and school strategy, Wildern hopes to be able to cater for your needs.

Yet another example of By Schools, For Schools …

Do you have more examples? Are you involved in similar to the folk at punnet or the other schools mentioned? Have you spoken with other schools to share ideas, expertise, tools and goals? Go on … now is your chance.