Tag Archives: esafety

DIGITAL PARENTING – TEACHING CHILDREN ABOUT TECHNOLOGY AND THE RISKS

(originally posted for Mobile Guardian)

We always welcome working with schools on eSafety, especially when it comes with supporting agencies and schools in their delivery of Get Safe Online. That is one reason why Tony Sheppard, our new Technology Manager, took a trip to Chesterfield last week as Chesterfield Safer Neighbourhood Team were invited into one of the local Junior Schools.

Supporting the Get Safe Online programme is an important part in our role of providing tools to support technology in schools and ensure the same ethos of classroom management can be applied with or without mobile devices and stop technology being a barrier to learning by giving ownership and control to teachers where appropriate.”

It is not just about turning technology off or blocking inappropriate content, but also about helping schools, parents and children make appropriate decisions in the all-encompassing digital environment.

Whilst the Safer Neighbourhood Team covered the stats and facts, the laws and the wherefores, Tony talked about the difficult task parents face with connecting with their children about technology and the risks.

“When we talk about Digital Parenting, we are really just talking about Parenting. We have to remember that magic triangle for Parental Engagement.”

Parental Engagement Triangle

(Becta: Exploiting ICT for Parental Engagement, May 2008).

“For most parents the important area is dialogue between them and their children. When we think about where we get advice about parenting, in general, we have a large number of options for us. School, family, friends, local services (such as the library or community services), online … and from our children themselves. Remembering that Monday was World Mental Health Day, it is important to remember that listening is an important part of parenting.”

Childnet has produced a number of suggestions for conversation starters with children

  • Ask your children to tell you about the sites they like to visit and what they enjoy doing online.
  • Ask them about how they stay safe online. What tips do they have for you, and where did they learn them? What is OK and not OK to share?
  • Ask them if they know where to go for help, where to find the safety advice, privacy settings and how to report or block on the services they use.
  • Encourage them to help. Perhaps they can show you how to do something better online or they might have a friend who would benefit from their help and support.
  • Think about how you use the internet as a family. What could you do to get more out of the internet together and further enjoy your lives online?

Childnet also provides an example of a Family Agreement that can be used to support the appropriate use of technology.

There are many scenarios around family use of technology, and we can look at these over the coming weeks, partly because there is often direct correlation between the struggles parents and their children have and the struggles with classroom management.

  • The Nag Factor
  • The Unexpected Gift
  • Always Switched On
  • Don’t Ever Switch It Off
  • Compromising Photo
  • But Just How Much Are You Costing Me?
  • The Packet Of Crisps

Once you have thought about what you want to do with technology, and how it is going to be used, only then do you think about what technical controls you need to put in place and who provides them.

The latest edition of Vodafone’s Digital Parenting magazine also provides a wide range of advice and information and the magazine is freely available to all schools.

With parents, they need to think about their Internet Service Provider, Mobile Provider, home networks (controls on the router for WiFi passwords, timed access, etc.), built-in tools (advice from Microsoft, Apple, etc.) and Commercial tools (covering timed access and location controls, web filtering, control which applications can be used, control installation / deletion / in-app purchases).

The same questions can be asked within schools and it is always best to be proactive about making sure the tools you choose match how you manage your classrooms and manage the learning.

At Mobile Guardian we provide a home MDM and parental dashboard, as standard, to all parents at school utilising our technology. That way parents can manage school and home owned devices – for free!

To find out more, ask your school about Mobile Guardian and follow us on Twitter to keep up to date with all our safeguarding tips.

Why Information Security Standards make sense to School Leaders

Having worked with Learning Possibilities as a client, a consultant and as a Project Manager, I still find myself relating almost all my activities to the following phrase, “What Would School Leaders Think?”

For most people in schools, awareness of Information Security standards is limited, and usually only heard about when talking about data protection or when they have been told that they can’t or shouldn’t do something, by their IT Manager, the Local Authority or a Governor.

In fact, most schools should be able to easily understand not just the importance of Information Security but how it is assessed at companies like Learning Possibilities, and that understanding is all down to thinking like OFSTED.

As with OFSTED visits to schools, companies certified to ISO27001 (the principal Information Security standard) will have regular audits and inspections from an external body.

As with OFSTED, Leadership is key. It is not about recording security incidents or how quickly they are dealt with, it is not about recording how well your backups run and it is not about recording the results of penetration testing. It is about looking at how Leadership set objectives, evaluate them and justify subsequent decisions.

Yes, there is record keeping. Yes, there are processes and procedures that have to be followed. Yes, there is regular training on Information Management, Information Security and Data Protection. Yes, there are issues and risks to be dealt with. However, these are there to provide evidence to Leadership and the quality of work is more important than ticking boxes on the 114 controls across 14 groups.

Internal audits are the book scrutiny sessions and staff observations. External audits are the OFSTED visits. The Information Security Management System contains your Statement of Applicability (let’s call it your SEF), your policies and procedures, your record of decisions, your Objectives and Measures (5 year plan?).

It goes on. There are so many similarities and helps show School Leaders that Learning Possibilities understands the impact of OFSTED, not just because of the educational impact, but because we have our own version to go through. We also know all too well about it being about key decisions, not just weighing the pig!

External audits are done each year, and you recertify after 3 years. Out of the 3 possible outcomes only the top outcome, which is effectively a 100% adherence to the standard, gets you the certificate.

What does this mean for our customers? Well, the standard is a way of showing both the importance of Information Security to us as a company across all our work, and also that we put in the time and effort on it, ensuring that it is part of our core ways of working.

So, after a 13 month programme of work we are more than pleased to say that we passed our External Audits for this year and have now been issued with our certificate, after coming through with flying colours, the equivalent of Outstanding.

I say a 13 month programme of work … we have already started on the work for the next 3 years, including the work on the international update of ISO 9001:2008 to ISO 9001:2015, the standard for Quality Management. Another opportunity for us to hold ourselves open to inspection against the highest possible standards.

Cloud Storage – update

This is still an ongoing discussion in several places and occasionally I get a prod to look at something and respond. In this case it was a thread on EduGeek (again) and so I responded.

Below is a version of what I posted (with typos / language corrections)

When considering the use of cloud storage there are a number of areas to consider. 

  1. Under the Data Protection Act the most relevant of the 8 principles is principle 7.

    Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

    In previous years the ICO has talked about reasonable steps, but they now make it clearer that it is ‘appropriate’ measures, and consideration of this has to be based on the type of data being stored / processes and the likely impact / damage should it be compromised.

    Translation? Before you decide where you can store things you have to consider what you are storing.

  2. When looking at cloud based storage you need to complete a risk assessment of what is being stored, where it is being stored (location of actually servers, company history, T&Cs, etc), what measures are being taken (technical and organisational) to protect it and what are the alternatives?In the past there has been lengthy discussion about the suitability of certain services. Google Apps, Microsoft’s Office365, Dropbox and so on. The principles above stay the same. The ICO talks about data being processed outside of the EEA, companies that have signed up the Safe Harbor agreement between US and EU, advice on cloud computing in general and so on. The important differences between private cloud, community cloud and public cloud (and the resulting hybrid model that is possible with some use of all 3) should be considered here.Translation? Putting things in the cloud is fine, but you have to plan what you are doing and take care to make sure about the partner / service you are working with.

Previous conversations about the use of dropbox can be summarised in the following points

  • Do we know where the data is? Yes, we now know they use Amazon storage based in the US.
  • If the Data is outside of EEA can we still use them? DropBox have now signed Safe Harbor so there is nothing there stopping you anymore.
  • Is it safe? Yes, for a given value of ‘safe’ … the data when stored it is not so much how the data is transferred, or how it is stored when it gets there … more a case of how is access controlled. This takes us back to the ‘appropriate technical and organisational measures’ part of theDPA.

Now let’s look at what considerations should be taken for *any* cloud based service. This is not a definitive check list, but it is a darned good place to start from chatting with most folk.

  • Check where and how the data is stored.
  • Consider if it is within EEA or in US and with Safe Harbor signed. If it is with a US company who has signed Safe Harbor but there is no guarantee the data is held in EEA or US then you have to consider the locations where it is stored and the impact any local laws there may have (e.g is it stored in Australia, Brazil, Thailand, etc and do any local laws mean data could be seized differently to if UK / EU / US laws were applied?) and how this affects you.
  • What are the guarantees around the company? Anyone can set up a service but do you trust the company? Have they passed any security audits? If they are a specific education company do you need to consider DRS checks?
  • Now the data is stored outside of the school what are the restrictions on access / processing? Technical? Organisational? What are your audit trails for this?

Bringing it back to DropBox again … the main concern here is how the data is accessed and cached on local drives. Is the account a ‘personal’ account that is being used? What guarantee that you can control the data should that personal account no longer have the right to access the data?

  • Scenario 1 – HoD needs data to be shared with teachers in her department. She has a DropBox account, as do others. She uploads a coursework logging spreadsheet into a shared folder and others access / complete it. A member of staff leaves so that access needs to be removed. Who removes it? As the service used is personal then it has to be the HoD? Is she aware of this?
  • Scenario 2 – HoD needs data to be shared with HoDs for other departments to target intervention children. The spreadsheet will contain reasons for intervention, including details of personal circumstances (which can include Sensitive, Personal Data). A member of staff is suspended due to allegations … how is that data then secured? The school has no oversight of the methods used to share the data and is reliant on all staff taking ownership of controlling data. The audit trail for this is horrendous!
  • Scenario 3 – The same data is being shared between HoDs. One HoD installs the client on their home computer which is used by all family members. At this point the school has not control over how the data is controlled. Guidance is needed to be provided (using organisational measures rather than technical measures) but again, the audit trail on this is horrendous.
  • Scenarion 4 – The same data is being shared between HoDs. One HoD installs the client on a personal mobile device. The device is then stolen. Is this a data breach? How was the device encrypted? Can it be remotely wiped?

The above scenarios would make most people shy away from using *any* cloud service … but actually, the ways of dealing and mitigating the risk is pretty much the same as if you are using school hosted services.

  1. Make sure that your AUP for staff covers the use of cloud services and the personal responsibility that each member of staff has to ensure that they only share data by controllable means. The school needs to assess whether their staff have a good understanding of Data Protection and Information Management, and then they can chose appropriate training as well.
  2. Make sure staff understand what levels of data are being processed. DPA talks about two levels, Personal Data and Sensitive Personal Data. Becta also worked on the use of Business Impact Levels and the UK Govt still gives advice around this too. CESG has the specific information if needed.
  3. When using email make staff understand what sort of data can be shared on that service. Good practice is to store the data in a controlled location and email the link to it, rather than emailing the file around. This is also good practice for managing mailbox size too. win-win!
  4. Where cloud storage and email are accessed on a device then make sure it is encrypted, secure and wipeable. If desktops the physical security is taken into account, for laptops the device encryption, but for mobile devices (phone / tablets) there is a strong level of importance on device encryption, strong passphrase for access and the ability to remotely wipe. It might be that tablet devices need to have 3G access purely to allow them to be remotely wiped. The company position on how this is dealt with on personal devices (and the audit trail for verification too).

So, back to the question. Can you use DropBox?
Yes … but make sure you consider the above 4 points, factor in the cost (both technical and organisational) for implementing it (and yes, that includes training, checking staff personal devices, etc), the politics involved (not usually dealt with by NMs but by SLT …) and the timescales involved.

Make sure that SLT know and understand that this is to do with the application of a Law within the school … and that you are not being negative or trying to stop people doing things …

Look at alternatives. Remote access to school systems so that the data never leaves your walled garden are very good but can get very expensive.

Instead of using personal tool have a look at verified cloud based services. Some have not licence costs (O365) but you then get limitations on it being a free service, shared with others … and you have to factor in school staff time on it, and other have a cost but you then know that the service is backed up by SLAs, etc (declaration of interest … I do work for such a cloud-based service!).

I hope this covers off most of the areas you needed to look at, answered some of the questions that might arise within the school too.

Internet Safety Talking Point 1

In my last blog post I republished Scott McLeod’s 26 Internet Safety Talking Points.

Over the next few weeks I am looking at each point to tease apart the ideals behind them, to try to see both sides of the discussion and to share examples about who others have work on the issues. A lot of this will be from a UK-centric position but hopefully it will provide some insight into the similarities and differences with our friends in other countries.

Today’s point is about responsibility and accountability.

Even though they may use fancy terms and know more than you do about their domain, you never would allow your business manager or special education coordinator to operate without oversight. So stop doing so with your technology coordinator.

This raises an important point. With great power comes great responsibility, and there is a group in schools who have a lot of power. Whatever you might think of your Network Manager or Technician, of your LA Support Manager or even the Academy Technical Director (I will generically use the term NM to cover these and similar positions), how they have gained power / ownership / responsibility / control will be so varied it would take several posts to pinpoint which applies to your case. We would also end up talking about stereotypes and pigeon-holing people.

In reality it is rarely for it to be one reason as to why a single person might be making major decisions which affect a wide range of people, and it would be wrong to always assume malice, arrogance, superiority complexes on their part. It would also be wrong to assume the ignorance of senior managers in schools, apathy of staff, poor funding and poor communication. However, I am sure all of the above would sound familiar to many.

Instead, let us look at the idea of responsibility and accountability.

Yes, the NM is likely to be the expert in the field as to what technology can work, how it can work, how to support it and so on, but the requirements which set out what technology is needed should not be set out by a single person, but by a group of stakeholders working out what is best for the school (or schools if part of a larger group). This involves planning, communication, compromises, compliance (with laws, local and school policies, etc) and it will require targets / outcomes. This is where the oversight and accountability comes in … and it doesn’t just apply to the NM. It is needed … and should be in place.

And this is where we hit a number of problems.

Firstly you might be in a school where there is no communication, planning, team-working, etc and so someone has to effectively be a visionary, trying to guess what is needed or to lead on the choice of technology, almost in a single-minded way as nothing would happen without this. This can effectively place all the power and control with a single person with no oversight. This is not specifically their fault, and Scott’s point, in my eyes, appear to be a shout out to Senior Leaders in schools to wake up, stop relying on a single person and to make it more of a team effort … not a call to snatch back power from someone else.

Within the UK there is a standard for IT Support (based on industry standards) called FITS. This clearly sets out how the NM, Senior Leaders and other stakeholders can establish the targets, hold people accountable for delivering on projects / work and set out the standards by which systems will work, how changes will be decided and managed, how choices of technology can be made and how this can be measured against the desired impact.

To Block or Not to Block, that isn’t the question!

With kind permission I am reposting Scott McLeod‘s ‘Dangerously Irrelevant’ Blog Post about 26 Internet Safety Talking Points.

I hope to then follow this up by looking at each point (one a day perhaps) to strip it down and look at both sides of the point.

—————–

For Leadership Day 2012, I thought I would gather in one place many of the talking points that I use with principals and superintendents about Internet safety…

 

  1. Even though they may use fancy terms and know more than you do about their domain, you never would allow your business manager or special education coordinator to operate without oversight. So stop doing so with your technology coordinator.
  2. The technology function of your school organization exists to serve the educational function, not the other way around. Corollary: your technology coordinator works for you, not vice versa.
  3. Mobile phones, Facebook, Wikipedia, YouTube, blogs, Wikispaces, Google, and whatever other technologies you’re blocking are not inherently evil. Stop demonizing them and focus on people’s behavior, not the tools, particularly when it comes to making policy.
  4. You don’t need special policies for specific tools. Just check that the policies you have are inclusive of electronic communication channels and then enforce the policies you already have on bullying, cheating, sexual harassment, inappropriate communication, illicit behavior, etc.
  5. Why are you penalizing the 95% for the 5%? You don’t do this in other areas of discipline at school. Even though you know some students will use their voices or bodies inappropriately in school, you don’t ban everyone from speaking or moving. You know some students may show up drunk to the prom, yet you don’t cancel the prom because of a few rule breakers. Instead, you assume that most students will act appropriately most of the time and then you enforce reasonable expectations and policies for the occasional few that don’t. To use a historical analogy, it’s the difference between DUI-style policies and flat-out Prohibition (which, if you recall, failed miserably). Just as you don’t put entire schools on lockdown every time there’s a fight in the cafeteria, you need to stop penalizing entire student bodies because of statistically-infrequent, worst-case scenarios.
  6. You never can promise 100% safety. For instance, you never would promise a parent that her child would never, ever be in a fight at school. So quit trying to guarantee 100% safety when it comes to technology. Provide reasonable supervision, implement reasonable procedures and policies, and move on.
  7. The ‘online predators will prey on your schoolchildren’ argument is a false bogeyman, a scare tactic that is fed to us by the media, politicians, law enforcement, and computer security vendors. The number of reported incidents in the news of this occurring is zero.
  8. Federal laws do not require your draconian filtering. You can’t point the finger somewhere else. You have to own it yourself.
  9. Students and teachers rise to the level of the expectations that you have for them. If you expect the worst, that’s what you’ll get.
  10. Schools that ‘loosen up’ with students and teachers find that they have no more problems than they did before. And, often, they have fewer problems because folks aren’t trying to get around the restrictions.
  11. There’s a difference between a teachable moment and a punishable moment. Lean toward the former as much as possible.
  12. If your community is pressuring you to be more restrictive, that’s when it’s time to educate, not capitulate. Overzealous blocking and filtering has real and significant negative impacts on information access, student learning, pedagogy, ability to address required curricular standards, and educators’ willingness to integrate technology. It also makes it awfully tough to prepare students for a digital era.
  13. ‘Walled garden’ online environments prevent the occurrence of serendipitous learning connections with the outside world.
  14. If you’re prohibiting teachers from being ‘friends’ with students online, are you also prohibiting them from being ‘friends’ with students in neighborhoods, at church, in volunteer organizations, at the mall, and in other non-school settings?
  15. Schools with mindsets of enabling powerful student learning usually block much less than those that don’t. Their first reaction is ‘how can we make this work?’ rather than ‘we need to keep this out.’
  16. As the lead learner, it’s your responsibility to actively monitor what’s being filtered and blocked and to always reconsider that in light of learning and teaching needs.
  17. If you trust your teachers with the children, you should trust them with the Internet. Addendum: Mistrust of teachers drives away good educators.
  18. If you make it too hard to get permission to unblock something, you might as well not have the option in the first place.
  19. Unless you like losing lawsuits, remember that students and staff have speech and privacy rights, particularly off-campus. Remember that any dumb decision you make is Internet fodder and has a good chance of going viral online. Do you really want to be the next stupid administrator story on The Huffington Post?
  20. When you violate the Constitution and punish kids just because you don’t like what they legally said or did and think you can get away with it, you not only run the risk of incurring financial liability for your school system in the tens or hundreds of thousands of dollars but also abuse your position of trust and send messages to students about the corruption of power and disregard for the rule of law.
  21. Never make a policy you can’t enforce.
  22. Don’t abdicate your teaching responsibility. Students do not magically gain the ability at the end of the school day or after graduation to navigate complex, challenging, unfiltered digital information spaces. If you don’t teach them how to navigate the unfiltered Internet appropriately and safely while you have them, who’s going to?
  23. Acceptable use and other policies send messages to students, staff, and parents. Is the predominant message that you want to send really that ‘the technologies that are transforming everything around us should first and foremost be feared?’
  24. Imagine a scale with two balancing pans. On one side are all of the anxieties, fears, barriers, challenges, and perceived problems that your staff, parents, and community members put forth. If you want effective technology integration and implementation to occur in your school system, it is your job as the leader to tip the scale the other way. Addendum: It is difficult to understand the learning power of digital technologies – and easy to dismiss their pedagogical usefulness – if you are not familiar enough with them to understand their positive affordances.
  25. In a hyperconnected, technology-suffused, digital, global world, you do your children a disservice – and highlight your irrelevance – by blocking out our present and their future.
  26. Educating is always, always more powerful than blocking.

BONUS 1. Elsewhere in your state – perhaps even near you – are school districts that have figured this out. They operate under the same laws, regulations, rules, and procedures that you do. If they can be less restrictive, why can’t you?

A huge thanks to everyone who has influenced my thinking and my writing in this area, including folks like Doug JohnsonSylvia Martinezdanah boydWill Richardson, and Tina Barseghian. I’m sure that I’ve forgotten a few talking points that I’ll just add later. Which one is your favorite (or least favorite)? What would you add to or change on this list?

For other Leadership Day 2012 posts, see the complete list of submissions and/or#leadershipday12.

And the winner is … iOS6

Today was another peak in the circus of an Apple Fanboi!

The Apple World Wide Developer Conference always has some interesting things to see and today’s keynote was no different. There will always be some hype, some disappointment, some pragmatism and some anger … and different people will feel it about different things, even within the realm of Apple Fandom.

To be honest, there was nothing which was too unexpected. We saw some hardware improvements in the Pro notebook range, tweaks in the consumer (albeit expensive consumer) notebook range and a some other hardware updates didn’t make it into the keynote but have come up on the Apple Store. Until we see the new kit in the hands of testers and real people it is hard to say what difference they will make but two key items on the top end MacBookPro are likely to be spoken about a bit … access to 2 Thunderbolt ports give you high speed I/O to a range of devices, from displays, external RAID enclosures, adapters for Gigabit Ethernet / Firewire 800 / fibre channel and a range of capture devices … and you still have a HDMI port for a second display and video output anyway. Couple that with the Retina Display and you have a device for video editors, photographers and so on … giving them one of the best graphics experiences for seeing their work. Of course, the debate goes on about whether some people can notice the difference with screens of this high calibre, and whether this is a marketing gimmick … and so we will have to wait to see what it is like when people start using the machines in anger.

We saw a raft of features spoken about with Mountain Lion, the next incarnation of OS X (no longer even called Mac OS X … a disappointment to those of us who paid for the original Mac OS X Beta). A number of these have been covered before as we are now on Preview Release 4. The strength which appeared to be taken from the new features seemed to be the accessibility tools (dictation, etc) and the portability of your personal settings to other devices. We have already seen the push for iCloud and how this links with Photostream between your devices … and this increase with iMessage, Notes, Reminders, Sharing and so on …

The key areas I am looking at with Mountain Lion are around AirPlay and Notification Centre. As someone who has a lot of inbound information streams there are some tools I use to manage this, but Notification Centre looks as if it could make a big difference for me.

And then we get onto the area that everyone was waiting for … iOS6.

With no formal announcement of an iPhone5 we are all looking to see what the new OS will do on existing hardware. Although we were told it would work on legacy devices back to iPhone 3GS, 4th gen iPod Touch, the iPad 2 and the new iPad (and yes, that is how Apple term it on their site) we do not know how much of the functionality will work. Siri will work on the new iPad we are now told, but will it work on the iPad 2? I doubt it … in the same way it doesn’t work on an iPhone4. A lot of the updates make more sense for the iPhone and iPod touch than the iPad. Moving from Google to Apple’s own Map service, Passbook for holding electronics tickets for cinema, flights, etc (possibly a lead into Near Field Communications [NFC] for using an iPhone for payment services?), improvements in how you manage incoming phone calls and notifications (it has only taken them a few years) … but the accessibility improvements have also seen me amazed that Apple appear to have really understood a need on the iPad. Enabling a parent / carer / teacher to only allow one app on a device as well as restricting touch input on particular parts of the screen seem to be encouraging using iOS devices with children. Engaging them whilst not overloading them.

An area of concern is the increasing integration with Facebook … as much as I generally trust Apple we are now in the situation where the ever changing preferences on Facebook will also have to deal with how that is applied with iOS too.

There is a lot to take on board with it all and I would recommend people watch Tim Cook take the keynote, if nothing else to see the difference between him and Steve Jobs, as well as a lengthier demonstration of all of the above.

As for what it all means for schools and education …

Hardware – Apple personal computers (desktop / laptop) are expensive. They can work out good value if you buy the one which is right for your requirements and you know how to get the most out of them, but in the present times of austerity this is more and more difficult. It seems to be that more schools are going down the mobile device (iOS or Android … and eventually Windows 8 !) and this is understandable. The lack of a decent server in the Apple hardware range does show that management of any Apple Device is not taken that seriously (IMHO) by the folk at Cupertino. A disappointing comment to make, but one many experienced Mac Sysadmins would agree with.

Mountain Lion – Again, the lack of mention of how the Server tools will work means that it will be interesting to see how the devices fit into a school environment. The increased emphasis on a personalised device, with settings and information following you around via Apple’s iCloud, means that there could be clashes in an education environment. The major bonuses for me come in the way of Airplay as a means of ditching the Interactive Whiteboard (until you are ready to make the most of them) and tools such as Dictation.

iOS – Again, the emphasis on a personalised device does work well with BYOD, but the increasing number of schools I speak with who only see the shiny nature of it or the cost cutting side … iOS6 will do little to improve or support the use of BYOD over iOS5. Until we look at the management tools and what settings can be applied to encourage best use of the devices … then we should still plan on making the most of iOS5. Siri is a major improvement, but like all information services (google search, wikipedia) information on its own does not give you understanding and knowledge … so we have to understand the most appropriate use (teachers before technology folks). Accessibility will be an interesting area to work on and develop, and how we make the most of personal devices as a tool and not as a cheap (or expensive) gimmick to generate engagement for the sake of it.

I am trailing Mountain Lion on my work MacBookPro (starting to get on a bit but should be serviceable) and will put my thoughts on this blog as I discover things I like or loathe, or if I spot things that could be fun in the classroom, or things which could help a teacher or SLT change / improve their working life.

I will also be testing iOS6 on an iPad2 (my own one) to see what apps do and don’t work, to try to see if we can lock it down and tweak settings, and to see if there are restrictions on some functionality … hopefully helping people work out whether they need to go for the new iPad or if they can get away with a cheaper iPad 2.

If you have any particular areas you want me to test or try out then let me know. You lot are going to be more inventive than I am for a lot of this because you are pushing the limits in class already.

My issues with BYOD

Firstly, let me state that I am an advocate for BYOD and anything else which gets more technology into the hands of learners so that it can be used *where appropriate* and that will also include some work to help SLT, Teachers and learners understand when it can be appropriate. As part of that I love to see the blog posts, articles, videos from folk at Microsoft, Google, Apple, Learning Without Frontiers and many, many more.

My first issue is around the shiny tech syndrome … the same issue that cropped up with IWBs and many other fantastic tools. You hear (or experience) a school saying “School A is using technology X and has fantastic results and we sort of understand why so *we* have to use it to!” and yes, I know this is a bit of a generalisation but we can all understand how it happens, the hard work folk involved have to put in to make it work as a result and that by some more careful thought it can be the success we all know it should be. This applies to so many different things in schools (and other sectors) so it is not just a technology thing. Having to think and plan about something can be mundane and boring but it can be, for your school, the thing that makes the difference. It is worth saying that not all schools need to plan as much as others … some schools have a culture of adaptability and innovation … and so can pick things up that bit quicker … going from a trial to full implementation with far less work, less planning, more trust between people involved (an important factor) and get wonderful outcomes. When trying to think of something to equate it to I tend to think how would a school deal with having to teach every lesson in song. If you think your school could adapt and change, very little training, understand the benefits … then this could be a sign you could go to BYOD with little educational pain.

And this gets to my second issue. BYOD and consumerisation of IT is wonderful. It puts good kit and tools in the hands of people who will make good use of it. There are barriers to this and some are practical, some are educational, some are technical and some are legal. This is where those schools who spend more time planing might be better off.

Let us deal with legal in this post … and this will not be a comprehensive list, will not form any sort of legal advice and should not be considered as a reason to go for BYOD or not to go for BYOD … merely a pointer for starting conversations with the relevant professionals who you would normally go to for advice and instruction (hopefully that covers my backside!) … so please take it as such. There are lengthy eSafety Law in Education discussions which can be had around the use of technology, online tools, walled gardens, etc and these should be considered. I cannot find a comprehensive list of what this involves other than schools should apply with the laws with regarding safeguarding … but I know that it will cover (and not a full list) The Education Act 1996, H&S legislation, Safeguarding Vulnerable Groups Act 2006, Common Duty of Care … as well as other legislation in place to deal with bullying, physical and mental harm.

And then you get onto what some regard as the mundane aspects of legislation … and whilst we have mentioned H&S already we do have to come back to that when we consider the problems some schools used to have with trailing wires in the early 1:1 laptop schemes … not so much of a problem now with mobile / handheld devices but not everyone will be bringing in iPads / Android tablets … there will be laptops, netbooks, ultrabooks … and devices will also need some charging during the day as learners forget to bring them in fully charged or as the battery slowly burns out. This also steps into the practical aspect so we can leave it there for the moment. The next bit is about security. As much as we might not like the idea, we have a responsibility to ensure that all the data, the personal information, the work created by staff and learners, the services that are provided in the school, the machines we work on each day and the devices we connect on the network are safe, secure and there will be no loss or damage.

When any device connects to a system there are both legal requirements and usually terms and conditions for that connection. With your phone it is the contract you sign and the law of the land. You are not allowed to disrupt communications, misuse data, use communications maliciously, etc as points of law. You then also agree a contract to say you will follow the rules of who you connect to … which includes the above laws (and more) and also things like the amount of data you can download / upload, damaging the name of the firm, etc … and in schools the contract *has* to be signed by the parent as a minor, as has been pointed out to me a few times recently, holds no or minimal legal power. To some extent this is similar to school rules though … but this means that you *have* to consider the damage which could be done. You might not allow some children to connect devices to the school systems due to previous actions in the same way you might not allow some children to use sharp knives in DT lessons due to the previous damage they had caused (which, technically, would be criminal damage and that is something you can hold against some children as a criminal offence … but how many schools do prosecute!)

So, we have covered the idea of a contract and that there are legal requirements for a safe system. This includes protection of data loss / damage, viruses, use of the school systems to launch attacks against other networks. As much as we might want to think that these should just be covered by who ever does your tech support … the buck stops with the Head and Chair of Governors. When schools have lost data and had to sign Undertakings with the ICO it is the head and Chair of Governors who have to do it … and it is their neck on the line for the fine and even jail.

I recently asked a group of schools about what laws they have to follow to run a school network, what standards are out there for this and who would they go to for advice. Majority of SLT put the onus on their IT Support (either in house or contracted) and even those who accepted that they could not devolve the responsibility (it is only ever shared) they had to accept the limitations of what they could reasonably manage to cover themselves.

Personally I would love to see a legal review of what it takes to run tech, including BYOD, in schools. It is worth saying that none of the above should put anyone off … just show them the areas that need dealing with and I hope to cover a few more areas (technical / practical) in the next posts.

A summary then. No matter how much we all want to focus on the inspirational benefits that BYOD brings, we also have to fact a few realities that it is like any other change a school faces. It has to be done for a good reason, has to be planned and has to take into consideration legal boundaries, operational requirements and a lot of the other boring stuff. Educational benefit is not a magic want that will sort or over-ride the other stuff … just a really good reason for putting the effort in to sort it in the first place.

So, what would folk like to see next?

A breakdown of managed wireless?

Dealing with proxies?

Day to day operation in schools?

I am open to ideas and information … I don’t have the answers and I am always looking for others to share what they have done so far and the lessons they have learnt.

Think … erm … Different (part 2)

Thanks to all for the positive response to part one of the report on the Apple Birmingham Leadership Event. I have tried to continue to be as open as I can about the day, and whilst there is still considerable criticism in some parts about Apple and their strategy on technology, I hope I am giving some insight into how their tools can be used within schools. It is not intended to be a sales pitch but to give people as much information as possible to make decent evaluations on their options. I know there may be some inaccuracies in here and it is an opinion piece. Apple staff are unable to comment on it formally so if anyone who was there spots anything, please let me know.

——————

The afternoon also contained the Hands-on workshops and I opted for the technical strand, ably hosted and run by Chris Jinks from Apple. Out of my 5 Questions, a number of them were linked to the technical strand … not because I am a Geek, but because this seems to be one of the major areas which is a barrier to adoption of new tech. Lack of information and advice can be a key reason for failure of using any technology in an educational environment. it detracts from the benefits of the tools and the reason they are there in the first place. This is true no matter where the technology is from and is in no way Apple specific as a problem. However, the approach which Apple has taken in the past has sometimes been open for question. At a previous BETT show, Russell Dyas and myself were at the press briefing from Apple and when asked about giving more advice to schools on the technical side we were told that schools shouldn’t need to use in-house staff but buy the expertise in from ASEs and partners. That obviously went down well.

However, there is more information available to schools … if you know where to find it and who to ask. ASEs, ADEs and AASPs are still the first point of call for many areas but events like today are starting to fill in the gaps.

The session was a two-hour version of what is usually a full day training event. We knew it would be a tad sparse in some areas and Chris apologised about that, but there is a lot to squeeze in. Again, Apple like to breakdown the areas covered and look at it in the following blocks.

  • Mobility with Apple
  • Creating Content
  • Distributing Content
  • Managing Devices
  • Infrastructure for Learning

What is mobility? It is about my content. Anytime. Anywhere. Video, Audio, text, applications … things I create and consume (I was feeling like I was listening to Graham Brown-Martin from Learning Without Frontiers actually). This is about whether in a lab, at home, on the move, etc … important to remember the difference between 3G, WiFi, LAN. We looked at having to consider the broadest audience … desktops, laptops, mobile … think of who you are reaching and how. Consider the delivery mechanisms, work to standards and understand why some are moving away from certain tools. This is where the Flash-bashing started. Earlier in the day I had raised about the issues with the lack of Flash in education since there are many resources in Flash (with few plans to change from talking with some vendors) and the push is very much that Flash might have been very good once, but now is just not suitable because things like killing battery life, CPU overhead, etc. Likewise, when conversation go onto standards HTML5 was up there are the way to go … and I had to point out that it isn’t ratified, that there is the risk that it might go down a route Apple don’t want and that time / money could be wasted. However, Chris did ask what the alternative would be then … and after you rule out the use of Flash (and we can have a long discussion about Flash and open standards) there is little left to go for. As an aside, I have been party to a number of rants about how bad Flash is, especially for updating, things breaking and not being open, yet when someone decides to drop it (such as Apple or Microsoft for the Metro interface of Windows 8 ) you get an outcry of the masses … sometimes I think you just can’t win!

Back to the session though, and we looked at what were the building blocks (Text, Audio, Video) and the construction areas (podcasts, web, apps). Again, stressing the use of open formats, text comes in 2 forms – PDF and ePub. I did query (via Twitter) about whether Open Document format (ODF) should be included in there and after some research it is indeed a standard for office documents along with OOXML and even the UK Govt has previously stressed ODF and open standards should be used as a standard for sharing documents … and it has support from Apple but iWork still does not support ODF. We already know that PDF is fine when used in it’s simplest form but as soon as you start adding other objects into it (video, etc) then you are relying on additional code to make it work … and there in lies a problem. In schools it is so frustrating to receive materials as PDF from an exam board only to find you need a particular version of Adobe Reader to open it and that it will not open in any other PDF reader. This is where ePub comes into its own. It gives a greater user experience, allows for more user control such as changing font, text, colour, flexible orientation, etc. Personally I like to use Scrivener or Calibre to create ePub files. When looking at audio we talked about the importance of compression vs quality. MP3 still wins out as a format for many. For video we looked at the difference between Codecs and Containers, H.264, MPEG-4, MPEG-2 : m4v, mp4, 3gp, mov, avi, etc … and looked the simplicity of selection within the Apple toolset. Assembling all these parts together is the construction bit … and this is what makes the difference.

The Web is standards based … HTML5, CSS3 and JavaScript. At least these are where Apple technology is centred … mainly because it works and keeps things simple. We looked at the use of apps v web and a hybrid approach, but Chris was keen to say that Web Apps give the best method of dealing with a broad audience. We looked at using Pages to create ePubs and it does work extremely well …

Distributing content is an important factor in education still. As much as we might love the idea of user created content and co-creation as an approach within the pedagogy of your curriculum, you are pretty much guaranteed to have some content to distribute to the users / pupils / students. There are 2 ways to get content onto devices, via cable or via WiFi. Cable requires plugging in and using iTunes. This is suitable for personal or 1:1 devices but is a pig for class sets. Even setting up the small technology toolkits we have had going out to schools takes up time and I was glad that Peter Ford was doing it rather than me! I have to admit that iOS5 and Sync over WiFi has been very handy for me on my own devices … but again, that comes down to personal responsibility. When it comes to WiFi there are a number of tools for hosted shares for accessing WebDAV style solutions … WebDAV Navigator can be a handy app and many apps have tools to allow you to save to WebDAV too. I did ask about the use of iCloud and the Data Protection Act and at the moment there is no direct guidance / advice. As always with these things, if you have concerns or cannot confirm you are not covered then you should not use such services. On a personal note I think iCloud to a local server would be a good option … but I doubt we will see Apple do that for a variety of reasons, including security. The methods of ensuring that published apps are done via Apple’s services are also part of the locked down environment and I’ll leave it to iOS App Developers to give better explanations of how and why this works. As far as those deploying solutions in schools go … you are not bundling your own apps and pushing them out GPO style.

We then started to make use of a locally deployed Lion Server. This was key to how the workshop continued but with a bit of careful thinking a number of the features can be delivered via other options. We started by accessing the Wiki Server, an easy way of getting resources made available by the class teacher, in this case it was hosted on a local MacMini Server. Interestingly I was discussing the use of Wikis with Tom Rees (@trees2066) and we both agree that this is one of the best co-creation tools out there. Unfortunately, as far as I have been able to find out, Wiki access is a bit clunky still in Lion Server. If anyone has a good guide to allowing student control of the Wiki I would appreciate it.

Then we get onto controlling the devices. Yes … I know most are thinking the same I was … about time, but it really did make sense why the session followed the structure it does. You need to understand what type of resources may need to be used and how they are accessed first.

The session talked about the 3 options … the personal device (in a 1-to-1 situation), the institute owned device assigned to an individual (still 1-to-1) and the shared device. With a shared device it is a fixed setup, only admins make changes … and you have to return to base (i.e. the SysAdmins) to reset, update or redeploy.

With any 1-to-1 setup you are going to get a mix of institutional and private data. Apps could be owned by the institute (gifted?), provide updates one recovery capabilities … but there is a massive amount of user responsibility. The User is in charge, can do pretty much anything and chooses to accept the configuration to be part of the educational environment … but more on that later.

All new devices (or when devices get redeployed) have to go through 4 steps. Activate, update, configure and sync. Who will do these steps really depends on the model used. Mobile Device Management tools are key. It seems that Apple’s MDM tool actually uses the same provided sub-set of controls as the larger commercial offerings out there. There is a difference in the UI and when you buy in a commercial package you get told how it will work … I suppose this could be viewed as the same as using parts of RM’s CC3/4, which bolts on / controls aspects of Microsoft’s Active Directory.

A key aspect of using MDM though is the Certificate Signing Request. No matter what you use, this is a must (again, going back to the security mentioned earlier) and is needed as part of the Apple Push Notification Service … Security of updates of configurations is carefully thought out here … and yes, it needs to be thought out and planned, the central server / controller needs to be available … and at this point you realise that if you don’t have a central machine then you are going to struggle. If you already have an OSX Server to control any desktop / laptops from Apple … then this is where to start.

Centralised configuration can do a lot … sort out wireless settings, proxy settings, email, calendar … and much more. A number of these can also be provided on OSX Server, but you can also use other providers too. Exchange is big one in many schools now, but I have recently seen a setup accessing a hosted Sharepoint / Exchange solution from a VLE provider too. But back to the configuration … One important thing to remember … you cannot stop people removing apps via the central configuration, it is a setting you have to do on the local machine (Settings > General > Restrictions … then Enable Restrictions and turn Deleting Apps off).

The main config tool you will come across is the iPhone Configuration Utility to create Profiles of how devices will be configured. These are then initially pushed to connected devices (via cable) or pulled by the user. This is where OSX Server comes into play. The same box running the Wiki Server also enables devices to connect to a configuration service. Pretty simple really. Set up a guest wifi in your school which only gives you access to the config server. Connect to the server via a web page. Pull down the config (if you are allowed too … security starts with User Authentication) by authenticating, install the provided certificate and then the encrypted config comes down over the air. The details of what can be controlled via the iPhone Config Utility are covered in detail in Apple’s documentation and there is quite a bit covered there. This new config can then have the *real* WiFi network settings in it.

Those of you who have experience of dealing with .plist files for controlling Apple OSX devices via WGM or .adm files for GPOs will not be surprised that the settings are just XML strings … but the config tools do all the work for you.

The session showed some examples of over the air changes. We had YouTube running … and then it was gone. The app closed and was then gone from the device. Access to particular WebApps / resources pushed out as weblinks. Device access to OSX Server provided WebDAV used to show uploading of pictures and documents created in Apple apps such as Pages.

The session really did only touch the tip of the iceberg, and I think that even doing a full day would not cover all the questions many of us would have. Like many things, it would only be after a few weeks of hands-on testing of a deployment that we would have a good idea about the full extent of what can and can’t be done, the different places you have to go to to make changes, the extent to which Apple security controls so many things … and so we come onto the positives and limitations of central deployment.

I’m not going to strictly put them in order, because so many are linked.

The ability to have some control is needed and what you get is kept as simple as possible. This keeps the background load on the device pretty low, which has the positive affect of longer battery life, etc … let’s face it, we have all moaned at some point about the load AV software or certain middleware applies to devices … and it also means that there is less chance of conflicts of settings. The limitation is that you have to operate within boundaries of the tools and settings you have … you can’t suddenly think of a new tool or setting. If the option is to turn YouTube off then that is what you have … not just limit it to particular sections. For that you have to use another tool such as a proxy server / filtering solution. You can’t stick remote monitoring tools on there such as you might have on desktops (Impero, NetOp, AB Tutor Control) or the security key loggers (Securus, Policy Central) as this is not what it is designed for.

As a device which can be personalised you also have to accept that the user can choose to turn of your centralised controls. If they do then they loose access to all those settings you have loaded onto the device … the wireless, the email, weblinks, etc. Now, I know many will be screaming at the screen right now about that being useless in class environment … the disruption as yet another student needs to go to see IT Support to get things fixed … but surely this is just another bit of classroom management. If a child doesn’t turn up with the right PE kit, or damages equipment in Design Technology … then surely it is a discipline issue, not the problem of the equipment / technology. And yes, it does go back to what has been mentioned before about carefully thinking about which model you are going to use.

Personally, I can see a class set of iPads only really being usable if there is an OSX Server device in the same room and accessed by the class teacher. There will be some admin tasks around this and I can see that being a problem due to some restrictions about how much tech support / admin teachers should be doing. I think you do need this personal access to the OSX Server too as this will be a key tool for providing access to resources and pushing things to the devices. I do also worry about how files / resources on a class set of devices would be tidied up / cleaned out. This needs a bit more thought and planning really. In a 1-to-1 scheme this is the responsibility of the user, and you could say that tidying up the device could be seen as an activity by the child in the same way they would tidy up the classroom before leaving a lesson … but we all know things get missed. All it would take would be for one naughty child to find a dodgy picture or, probably even worse, take an unsuitable picture and maliciously leave it for someone else (another child) to find. This is not just a concern I have about Apple devices … far from it, I worry about the misuse of any handheld device … and the lack of pretty much any control on Android devices worry me even more. We’ll have to just see what happens when Windows 8 comes out too, but based on previous experience of working with Microsoft tools … I think this will be a bit more thought out.

So, a summary.

iPhones, iPod Touches and iPads can be centrally controlled in an educational environment. It is best designed for a 1-to-1 scheme rather than class sets, but that doesn’t mean it can’t work and work well. No matter what model you choose you will have to think carefully about how you want to deliver the curriculum, how you will push out access to resources, how you will change some of the school procedures to take into account the growing use of handheld devices and this really does mean thinking about how classroom management will deal with things rather than relying on technology to fix things for you. You need to look at how you deploy and control your wireless networks.

I would honestly recommend anyone looking at either class-sets or 1-to-1 schemes to talk with other schools already doing it. You must also talk with at least one Apple Solutions Expert or AASP. They will help you with access to Apple Distinguished Educators who can work with you to think about your curriculum to make the most of the investment made in the kit. It is not just about the cost of the equipment alone.

ASEs will also help you access other things too … including things like information / support from Apple Financial Services. If you are serious about going to a 1-to-1 scheme then the finances need to be carefully thought about. I have seen too many 1-to-1 schemes fail on that aspect or fail on the curriculum design.

There are plenty of good resources on the Apple site to go through (some already linked) and the case studies make interesting reading … and with enough time in-house staff will be able to deliver good, workable and stable solutions … but I would still like to see a comprehensive guide as to how to deliver this. However, we have already covered how Apple tend to deliver things … and, being honest, the expertise of ASEs is usually worth the investment in time and money.

Have really asked all the questions you need to about online storage?

File System by iBjorn

Because I have a background of being involved in discussions around data protection I sometimes get a prod about online storage and web 2.0 tools. Over the last 6 months I have had quite a few over online storage options, but I have never really stuck down on (electronic) paper what my concerns are and why I have them.
There are a few concerns I have, some centre around ownership of files and data, some around data protection and some around management of the tools.

Online storage often comes under attack over IPR of images, concerns about control, heated rants about how company x is making use of *our* files / photos to generate revenue on a free service, etc … and we only have ourselves to blame for not reading the T&Cs fully, for not keeping abreast of changes to the T&Cs (though some companies make life extremely difficult to find the changes or contribute to those changes) and for not accepting that if we take part in a free service then there are likely to be limitations and issues. We take on that risk ourselves and we need to accept some responsibility for that. Whether we are talking about LinkedIn using profile photos of members in their marketing by default, changes to FaceBook privacy options, changes in security / ownership when companies merge products … there have been so many times when the masses rise up indignantly to protest and then rush around making changes and, in the worse cases, swap services … and yes, I have been there, expressing my frustration too.

This is increasingly important if we are asking children to make use of these tools as we are being trusted in our judgement and selection of these tools … after all not all children, across the broad age range we have using these tools, are emotionally, intellectually or perhaps even legally in a position to make some of these choices on their own … but that is a discussion for another time probably.

But discussions today centred around online storage, and in particular the growing use of DropBox to remove the need for USB memory devices. For those who have not come across DropBox.com, it is a an online storage system which will synchronise selected folders from one or multiple devices to an online repository. Folders or sub-folders can be shared for automated synching with other users, making it a fantastic tool for collaborative sharing of files and materials. There are a number of other tools like this ranging from Microsoft’s SkyDrive, shared document libraries in Sharepoint, Moxy, Box.net, ADrive and many more. DropBox and SkyDrive are both free so that is why you will see them in heavy use … especially in education. Free comes with limits though and sometimes that can be the amount of space, sometimes the SLA doesn’t really exist and sometimes there is a lack of control over certain aspects of functionality or how it changes.

When it comes to DropBox though, my main concern is that users are significantly at risk of breaching the Data Protection Act and they don’t even know it. This is especially important right now as it is being recommended to NQTs who might not know any better … let’s face it, there is not that much about Copyright law, Data Protection and IPR within teacher training and, from what I have seen and been told, there is a presumption that this is covered within schools by school policies … and we all know how wonderful many schools are for having decent Data Protection policies and explaining them to *all* staff.

I know that my blog is read by a wide range of people so I just need to go back a little to cover an aspect or two of the Data Protection Act. The DPA has 8 principles, which are pretty self explanatory and the 2 most important principles to look at for this conversation are 7 & 8.

If we start with DPA Principle 8 first … this about where data can be stored, moved through, processed, accessed, etc. And this is the first place we fall down with DrpoBox. There is an ongoing query that has never been fully answered about whether DropBox.com is compliant with this.

Personal data shall not be transferred to a country or territory outside the EEA unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

Now, what this means is that if you use your online storage and sharing to move about or access anything that can be deemed ‘personal data’ (which for teachers can range from pictures of children, their personal details, information about their progress, medical information and so on) then you have to do it within the European Economic Area or other countries where we have set agreements. With the US this is called the U.S. – EU Safe Harbor and there is a list of companies who have been certified with this and across what aspects. It is important to remember that being certified is only part of this … the specifics of what has been agreed is equally as important and that will differ from company to company. I have previously commented about iCloud and Apple before to reflect this.

When you look at the list you will spot that DropBox.com is not there. When you dig through the T&Cs for DropBox you will find that they use Amazon for their storage facilities … which is good … Amazon *are* on the Safe Harbor list so that seems to tick the boxes … apart from they don’t say that they will only ever use Amazon and they don’t say how they use them, and what agreements they have in place. Ah … so we are back to square one then.

I have asked the question twice now of DropBox.com and not even had tickets opened. There is a discussion at the moment about this on the forums and still no definitive answer.

To deal with this I know some users of DropBox will make use of other security solutions to bolster how they deal with DropBox. This involves using an encryption tool to create a secure folder / file which is then synchronised via the only service. A common tool for this is TrueCrypt and that works fine at a technical level … meeting the criteria of DPA Principle 7, where you are taking suitable technical measures to ensure the security of data … but the principles are not pic and mix … you have to meet them all. Right now I use an encrypted folder on Dropbox for my non-sensitive files (so only I and others I trust can access them) and do not use it at all for sensitive items.

For sharing pictures for stimulus with others (teachers / children), for sharing videos, etc, especially cross-platform and when using apps on mobile devices, then I can see that it will be fine for use in UK schools … but for staff to share in general … no … not yet.

SkyDrive does meet the criteria as the data centre used is in Ireland, but it is still worth thinking carefully about what you are sharing with others and how.

Article published on EduGeek.net and copyright to EduGeek.net and Tony Sheppard

Image : File System by iBjorn (CC BY-SA 2.0)

Can you ever have too much of a good thing?

Well, it looks like you can.

I’ve recently been tracking down a number of web 2.0 tools to ensure I register / protect my online identity. I am known as Tony Sheppard and as GrumbleDook with such equality online that it is hard to separate the two. However, since there is a rather good Jazz musician called Tony Sheppard I have opted to protect my identity as GrumbleDook.

IMG_0934

Most people recognise my avatar or variations of it and I am always looking for ways to tweak it a little, make it more interesting or relevant, but without losing the importance of this being my online representation.

However (and there is always a however), I am not the only GrumbleDook out there … and I was recently castigated via email for some comments which had been made by someone else. At this point I had to spend some time explaining that I am not an online poker player, I am not an urban photographer / artist, I am not American, I do not live in Brighton / Watford / Washington / Phoenix / Sydney / Hong Kong, and I have never played in a brass band.

The fact that all of the above can be found to be linked to 7 separate individuals and I am not any of them made me wonder that because I do have a goodly number of the related domain names, I have registered accounts for a large number of web 1.0/2.0 accounts under the name of GrumbleDook and I am more often than not the person who appears in searches for GrumbleDook in the search engine of your choices … it is not surprising that someone might presume that all GrumbleDooks are actually me … especially as some are pretty techie related too!

I have spoken with people before about protecting your online identity (having had a student in an earlier school once register an account with an online service as they knew my online nickname … and having to deal with the fall out) and I still believe that it is important. The idea of a person as a brand has been spoken about by people far more knowledgeable and eloquent than me … but if I ever want to operate as a business, or ensure that anything I publish to the ‘net is recognisable as mine then it is something I have to keep up with.

I have come to the conclusion that although we may put a lot of time and effort in establishing our presence online, there are limited ways you can do this and there will always be confusion. I would also recommend that, where possible, you identify where the other people are who may share some aspects of your identity and if you can come to some sort of arrangement then it makes it better.

Will the world end if I don’t manage to ensure that *I* am GrumbleDook on particular services? No … I missed out on Facebook, there are many forums out there with GrumbleDooks on, I don’t have all the domains registered … yet … and I also have to remember that I have taken the name based on a character in a popular comedy (though not many people like the first series … some the joke is lost on many) … and so I do not have an exclusive right to the use of it.

There are examples of parents trying to do similar as I have done from when their children are born … and whilst I can understand this, I also have to point out that part of establishing an online presence is also about the social aspect of life. Many people will grow and change over the years … a number of friends and colleagues have changed their online presence over the years, rebuilding their identity. For me, I would find this difficult as my personal and professional identities are closely linked. I also believe that trying to change a personal identity is difficult but can understand the need at times to do so.

Where does this leave me now? I have a number of business tools I am starting to evaluate (including Office365 and Google Apps), and for me to continue with the professional brand of GrumbleDook, then I have to ensure that I get in there first with such tools. The grey areas come when we look at Social Networking tools … as I would consider many of these as professional tools, but others might consider them as personal tools.

Over the coming weeks I am going to be updating part of my blog to incorporate other tools I am trying to I will start using my ‘About’ page to say what is me … and even create a page to say when it is not me.

I would be interested in how others have approached some of these issues (even from fellow GrumbleDooks), with both the good and the bad in life.