Tag Archives: strategy

The changing face of Data

Change never stops. There is always something else. Kyu Shin Do. Kaizen.

The latest thing I have a chance to work on, is to support schools as they get to grips with the changes that GDPR brings. But isn’t this another piece of red tape that will be a burden to schools? Well, yes, there are additional things schools will be obliged to do, but many things they should be doing already, if they are taking data protection and information handling seriously in the first place.

About 10 years ago I was sat on a working group for Becta, looking at Information Handling and Data Protection, and a lot of the advice was pretty full of common sense and those schools that picked it up, updated practices as further advice from the ICO was released and generally kept abreast of changes … well, for them the changes brought in by GDPR are an evolution, not a revolution … and this is important to remember.

Some improvements in processes; ensuring that you discuss with data processors about what they are doing with the data the school, as data controller, lets them process; having someone to have that oversight as Data Protection Officer; and so on … but these are all manageable with the right tools.

However, some schools are not up to speed. Some schools have only seen the scare headlines in some of the more sensationalist press (I won’t even link to them, they are that annoying and wrong). Some schools are being promised silver bullet solutions or are being told it will cost extortionate amounts of money to get the right experts in. In short, for some it is the Wild West.

It doesn’t need to be. There is good advice out there. There are people working to right the wrongs caused by these myths. The ICO has even started a series of blog posts around debunking these myths.

GDPR in Schools have already started to help schools understand their position and what they need to consider. They have developed a tool to help schools manage and record what data they handle, who and how it is processed and, possibly most importantly, why they are processing it. And this approach, to help schools fulfil a legal obligation in as simple a manner as possible, is one of the reasons why I am happy to announce I have joined GDPR in Schools as their Operations Manager.

Over the coming weeks we will discuss more around obligations, some of the legalities, some of the myths and how we need to make sure the dog is wagging the tail and not the other way around. We will continue discussions on EduGeek.net’s Data Protection & Information Handling sub-forum, join in discussions on LinkedIn and Twitter (#GDPRubbish can be an amusing yet illuminating hashtag to follow), and continue to publish advice through our blogs.

If you have any questions, please don’t hesitate to ask. Some questions can’t even be answered by DfE or ICO yet, but we will be there, on your behalf, asking the questions and pressing for answers.

Do we *REALLY* know how much is spent on IT?

A tweet was posted by @MSETCHELL yesterday (mattianuk on EduGeek) about being asked to work out the cost of the entire network.

This didn’t strike me as a strange request to be honest. It just seemed to be a standard pain-in-the-backside, paper-generating, unread-report-producing exercise … probably needed because of some arcane bid proposal which schools sometimes get involved in to try to squeeze money out of any available pot or group. It is worth saying the businesses do the same thing when applying for EU funds, regeneration funding, moving locations, etc … so it happens all over the place.

I replied that

I thought that would be fairly easy to generate? Have asset library with original costs, calculate depreciation, etc

But Matt said he had a full inventory but not purchase costs.

It struck me about this being another example of where silos exist in schools, this time between departments of support / admin staff rather than between curriculum departments.

It also made me wonder what do people record in their asset library? How do them maintain it? Who is the ultimate owner?

At Learning Possibilities, we work based on ISO27001 : 2013 (part of our standard of working for a variety of contracts, as well as best practice) and knowing your assets is vital, whether they are physical, intangible or information assets. Whilst the standard is over the top for most schools it does clearly align with standards such as the Framework for ICT Technical Support (A school friendly Service Management IT Management regime based on ITIL v2 and v3, with elements of other good practices from areas such as PRINCE2 and LEAN).

An asset library should not just be about the make, model, serial number and location of a physical piece of kit; it should include other relevant information too. When you install a network in a school you spend a certain amount on cabling … this is also an asset that is often missed. Is the cabling infrastructure in your school suitable for the next 5 years? Are you expected to go Gig to the desktop? PoE?

I’ll be posting a thread on EduGeek to discuss this in more detail about what could and should be recorded but I thought I would set out the basic principles here.

  1. All assets have an initial value (on purchase), a replacement value (how it would cost to replace it based on whether you do like for like replacement or old for new) and a depreciated value (how much they are worth now with their value going down due to an agreed method … and there are a variety of methods).
  2. All assets have a set period of useful life. This might be set out when you purchase the device and be based on a variety of factors. Usually these will be the warranty and support periods for the product, how frequently it receives updates, an estimate on how long you think the functionality will fit your needs and so on.
  3. All assets should be associated with a purchase order, when a direct purchase was made.
  4. All assets should have an ‘owner’. This is the person who is responsible for them to the institute and not necessarily the person who manages them on a day to day basis. An example would be the MIS hold information about timetabling, personnel, students, etc but the SIRO is ultimately responsible. In the same way the iMacs being used in Music are ‘owned’ by the Network Manager, not the Head of Music.
  5. Assets have to be written off at some point in their life. This can only be done by an authorised member of staff.

There are probably more I could add, but this is a starting point for most people.

Some of the above information might be able to be held in the software you use for asset management. Some might already be held in other systems, such as the finance systems.

It will be up to each school whether there is any replication / duplication of the information held … and who updates the relevant asset libraries too.

From the above this should be enough so that the Head and BM can easily see what the value of the network is (in financial terms) and what the total direction is over a period of time, see what is about to be at end of supported life and what they need to replace like for like (in general terms).

Not only does this allow for SLT to plan, it helps them decide on whether maintaining a status quo with regards to IT is affordable or whether changes need to be considered on financial grounds. Changes on curriculum, or leadership grounds are a separate discussion, and that has a slightly different set of criteria and measurement.

There are plenty of ways you can check whether others you work with, as partners or suppliers, are following similar models … a basic tool for IT management. For us it is our work on ISO27001: 2013, but for others it could be ITIL v3 certification of staff, FITS certification,  ISO/EIC 20000 certification. At Learning Possibilities we ask it of some of our partners and are happily reassured.

Have a chat with your own school to see who manages what areas of assets, how the Facilities Management team monitor and write things off, how the Business Manager controls what is put down as needing covering for insurance? See what standards they look at when working with others?

 

Internet Safety Talking Point 2

This is my latest blog post based on Scott McLeod’s 26 Internet Safety Talking Points.

Over the next few weeks I am looking at each point to tease apart the ideals behind them, to try to see both sides of the discussion and to share examples about who others have work on the issues. A lot of this will be from a UK-centric position but hopefully it will provide some insight into the similarities and differences with our friends in other countries.

Today’s point is about Decision Making

The technology function of your school organization exists to serve the educational function, not the other way around. Corollary: your technology coordinator works for you, not vice versa.

To use technology you should have a reason, understand what you want it to do and also understand how you can measure whether it is achieving it or not.

Oh dear … this sound like we are going to talk about planning again.

In the past a number of choices about technology have been a little chicken and egg with what has been used. There have been pilot projects or innovative schools who have gone out and done something interesting with new or emerging technology. The technology has inspired them to try something new and when it has worked you then find research to look into it on a wider scale. This is where folk like Becta came in … as well as groups such as the Association of Learning Technology, NAACE, Besa and so on. They took the research to the next level, either as partnerships with schools, those doing the research, with suppliers or as the controller of funds (or any combination) … resulting in ring-fenced funds to allow schools and LAs to implement a given technology.

So the idea that the technology should be based on your choice has not always been the way it should have been, but it was usually instigated based on good practice and research. How will it was implemented is then debatable and how much that removed control and decision making from individual schools is another point some will raise.

But where does the technology coordinator (NM, ICT Coordinator, LA Technology Manager) sit in this? To some extent they might have chosen the specific technology based on available funds, with a certain set of features, but the pedagogy behind it all should be pretty agnostic and be able to use whatever is provided. An IWB is an IWB … and whilst specific software might have benefits over other solutions the idea of it being used by learners is common … it is just the method which might change. The arguing point against this is around wireless tablets connected to projectors (removing the requirement for the learner to come to the front of the class … an important feature in some schools with learners who do not engage when in front of their peers) or the ‘add-on’ tools such as voting systems (actually a separate technology in their own right but can work well with IWBs).

The other arguing point around this is about policies and strategies. I hate to say it but there is a little thing called the law. In fact it is the Law. It deserves the capitalisation. And this varies across the world. There are many things which educationally would seem to be perfect decisions but are then put on hold or stopped because the NM / Tech coord / etc says no. This is not done lightly, nor is it done without consideration for what benefits will be lost and it is usually done with some attempt at compromise. Areas where there will be clashes ranging from safeguarding, copyright and intellectual property, data protection and information management, funding and classroom management. A good NM will educate you about these (if you are not up to speed) and will work with you to get the most out of tech … but they are frequently the gatekeeper as to what tech you can use because they have the knowledge about the bits which will cause problems. In the same way you have people to tell you not to try blowing up the science lab (in spite of how much fun it was when we were at school to see people do experiments that blackened the ceiling), or have people who tell you not to use certain classrooms due to them falling down … you have people who will say not to use certain technologies in certain ways. I’ll discuss the legal side of this in a later post … but just try to believe that a good NM is talking these into account and advising Senior Leaders, classroom teachers, office staff, parents, learners, local community and the random people who ring up the school because of things you post on the internet.

Yes, the Technology Coordinator works for you, but part of that job is choosing or helping to choose appropriate technology and keeping you safe. Don’t give them a job and then tell them they can’t do it!

On the other side, your NM should not keep things as a dark art and be the only person making choices. Any choices made should be clearly explained and, as per the last blog post, show where they are held accountable. Likewise the choice of technology should not force you down a particular educational route, but it can be an inspiration for doing something different. Be aware of the differences and look at the early adopters to see what they did and what worked / failed.

Internet Safety Talking Point 1

In my last blog post I republished Scott McLeod’s 26 Internet Safety Talking Points.

Over the next few weeks I am looking at each point to tease apart the ideals behind them, to try to see both sides of the discussion and to share examples about who others have work on the issues. A lot of this will be from a UK-centric position but hopefully it will provide some insight into the similarities and differences with our friends in other countries.

Today’s point is about responsibility and accountability.

Even though they may use fancy terms and know more than you do about their domain, you never would allow your business manager or special education coordinator to operate without oversight. So stop doing so with your technology coordinator.

This raises an important point. With great power comes great responsibility, and there is a group in schools who have a lot of power. Whatever you might think of your Network Manager or Technician, of your LA Support Manager or even the Academy Technical Director (I will generically use the term NM to cover these and similar positions), how they have gained power / ownership / responsibility / control will be so varied it would take several posts to pinpoint which applies to your case. We would also end up talking about stereotypes and pigeon-holing people.

In reality it is rarely for it to be one reason as to why a single person might be making major decisions which affect a wide range of people, and it would be wrong to always assume malice, arrogance, superiority complexes on their part. It would also be wrong to assume the ignorance of senior managers in schools, apathy of staff, poor funding and poor communication. However, I am sure all of the above would sound familiar to many.

Instead, let us look at the idea of responsibility and accountability.

Yes, the NM is likely to be the expert in the field as to what technology can work, how it can work, how to support it and so on, but the requirements which set out what technology is needed should not be set out by a single person, but by a group of stakeholders working out what is best for the school (or schools if part of a larger group). This involves planning, communication, compromises, compliance (with laws, local and school policies, etc) and it will require targets / outcomes. This is where the oversight and accountability comes in … and it doesn’t just apply to the NM. It is needed … and should be in place.

And this is where we hit a number of problems.

Firstly you might be in a school where there is no communication, planning, team-working, etc and so someone has to effectively be a visionary, trying to guess what is needed or to lead on the choice of technology, almost in a single-minded way as nothing would happen without this. This can effectively place all the power and control with a single person with no oversight. This is not specifically their fault, and Scott’s point, in my eyes, appear to be a shout out to Senior Leaders in schools to wake up, stop relying on a single person and to make it more of a team effort … not a call to snatch back power from someone else.

Within the UK there is a standard for IT Support (based on industry standards) called FITS. This clearly sets out how the NM, Senior Leaders and other stakeholders can establish the targets, hold people accountable for delivering on projects / work and set out the standards by which systems will work, how changes will be decided and managed, how choices of technology can be made and how this can be measured against the desired impact.

To Block or Not to Block, that isn’t the question!

With kind permission I am reposting Scott McLeod‘s ‘Dangerously Irrelevant’ Blog Post about 26 Internet Safety Talking Points.

I hope to then follow this up by looking at each point (one a day perhaps) to strip it down and look at both sides of the point.

—————–

For Leadership Day 2012, I thought I would gather in one place many of the talking points that I use with principals and superintendents about Internet safety…

 

  1. Even though they may use fancy terms and know more than you do about their domain, you never would allow your business manager or special education coordinator to operate without oversight. So stop doing so with your technology coordinator.
  2. The technology function of your school organization exists to serve the educational function, not the other way around. Corollary: your technology coordinator works for you, not vice versa.
  3. Mobile phones, Facebook, Wikipedia, YouTube, blogs, Wikispaces, Google, and whatever other technologies you’re blocking are not inherently evil. Stop demonizing them and focus on people’s behavior, not the tools, particularly when it comes to making policy.
  4. You don’t need special policies for specific tools. Just check that the policies you have are inclusive of electronic communication channels and then enforce the policies you already have on bullying, cheating, sexual harassment, inappropriate communication, illicit behavior, etc.
  5. Why are you penalizing the 95% for the 5%? You don’t do this in other areas of discipline at school. Even though you know some students will use their voices or bodies inappropriately in school, you don’t ban everyone from speaking or moving. You know some students may show up drunk to the prom, yet you don’t cancel the prom because of a few rule breakers. Instead, you assume that most students will act appropriately most of the time and then you enforce reasonable expectations and policies for the occasional few that don’t. To use a historical analogy, it’s the difference between DUI-style policies and flat-out Prohibition (which, if you recall, failed miserably). Just as you don’t put entire schools on lockdown every time there’s a fight in the cafeteria, you need to stop penalizing entire student bodies because of statistically-infrequent, worst-case scenarios.
  6. You never can promise 100% safety. For instance, you never would promise a parent that her child would never, ever be in a fight at school. So quit trying to guarantee 100% safety when it comes to technology. Provide reasonable supervision, implement reasonable procedures and policies, and move on.
  7. The ‘online predators will prey on your schoolchildren’ argument is a false bogeyman, a scare tactic that is fed to us by the media, politicians, law enforcement, and computer security vendors. The number of reported incidents in the news of this occurring is zero.
  8. Federal laws do not require your draconian filtering. You can’t point the finger somewhere else. You have to own it yourself.
  9. Students and teachers rise to the level of the expectations that you have for them. If you expect the worst, that’s what you’ll get.
  10. Schools that ‘loosen up’ with students and teachers find that they have no more problems than they did before. And, often, they have fewer problems because folks aren’t trying to get around the restrictions.
  11. There’s a difference between a teachable moment and a punishable moment. Lean toward the former as much as possible.
  12. If your community is pressuring you to be more restrictive, that’s when it’s time to educate, not capitulate. Overzealous blocking and filtering has real and significant negative impacts on information access, student learning, pedagogy, ability to address required curricular standards, and educators’ willingness to integrate technology. It also makes it awfully tough to prepare students for a digital era.
  13. ‘Walled garden’ online environments prevent the occurrence of serendipitous learning connections with the outside world.
  14. If you’re prohibiting teachers from being ‘friends’ with students online, are you also prohibiting them from being ‘friends’ with students in neighborhoods, at church, in volunteer organizations, at the mall, and in other non-school settings?
  15. Schools with mindsets of enabling powerful student learning usually block much less than those that don’t. Their first reaction is ‘how can we make this work?’ rather than ‘we need to keep this out.’
  16. As the lead learner, it’s your responsibility to actively monitor what’s being filtered and blocked and to always reconsider that in light of learning and teaching needs.
  17. If you trust your teachers with the children, you should trust them with the Internet. Addendum: Mistrust of teachers drives away good educators.
  18. If you make it too hard to get permission to unblock something, you might as well not have the option in the first place.
  19. Unless you like losing lawsuits, remember that students and staff have speech and privacy rights, particularly off-campus. Remember that any dumb decision you make is Internet fodder and has a good chance of going viral online. Do you really want to be the next stupid administrator story on The Huffington Post?
  20. When you violate the Constitution and punish kids just because you don’t like what they legally said or did and think you can get away with it, you not only run the risk of incurring financial liability for your school system in the tens or hundreds of thousands of dollars but also abuse your position of trust and send messages to students about the corruption of power and disregard for the rule of law.
  21. Never make a policy you can’t enforce.
  22. Don’t abdicate your teaching responsibility. Students do not magically gain the ability at the end of the school day or after graduation to navigate complex, challenging, unfiltered digital information spaces. If you don’t teach them how to navigate the unfiltered Internet appropriately and safely while you have them, who’s going to?
  23. Acceptable use and other policies send messages to students, staff, and parents. Is the predominant message that you want to send really that ‘the technologies that are transforming everything around us should first and foremost be feared?’
  24. Imagine a scale with two balancing pans. On one side are all of the anxieties, fears, barriers, challenges, and perceived problems that your staff, parents, and community members put forth. If you want effective technology integration and implementation to occur in your school system, it is your job as the leader to tip the scale the other way. Addendum: It is difficult to understand the learning power of digital technologies – and easy to dismiss their pedagogical usefulness – if you are not familiar enough with them to understand their positive affordances.
  25. In a hyperconnected, technology-suffused, digital, global world, you do your children a disservice – and highlight your irrelevance – by blocking out our present and their future.
  26. Educating is always, always more powerful than blocking.

BONUS 1. Elsewhere in your state – perhaps even near you – are school districts that have figured this out. They operate under the same laws, regulations, rules, and procedures that you do. If they can be less restrictive, why can’t you?

A huge thanks to everyone who has influenced my thinking and my writing in this area, including folks like Doug JohnsonSylvia Martinezdanah boydWill Richardson, and Tina Barseghian. I’m sure that I’ve forgotten a few talking points that I’ll just add later. Which one is your favorite (or least favorite)? What would you add to or change on this list?

For other Leadership Day 2012 posts, see the complete list of submissions and/or#leadershipday12.

Early Adoption – do you plan?

It is wonderful to continue to hear about people eager to look at the latest technology and see what a difference it makes in schools … and as an avid early adopter I do have to urge a note of caution at times … even to myself.

It has been interesting to catch up with a few others who are trying out iOS 6 and also having some fun playing / learning about the Raspberry Pi … but the best thing I have seen recently has been around Windows 8, the next system from Microsoft. If you haven’t had a recent read of the Microsoft UK Schools Blog recently then I suggest you pop over to look through the last couple of posts.

With the release of Windows 8 all very imminent it is no surprise that this appears to be a hot topic but I’ll let you into a little secret … I am pretty sure that no-one is expected to have it all up and running for when schools start back in a few weeks. In spite of a lot of access to release previews, healthy discussions on technical sites, serious cogitation by hardware manufacturers … the main point for me has been about awareness raising about what the change to a new system might mean.

If we take the post about chances to learn about Windows 8 then we can see that there are plenty of chances to look at development on Windows 8 (good for those involved in Computing@School) as well as a chance to look at curriculum resources. There is a free eBook available about programming apps on Windows 8 and making your network ready for Windows 8, but the best blog post for me has been the report from IDC about why you should move on from Windows XP.

From an IT Management point of view it is always interesting to see someone stick down figures around how much effort goes into managing and maintaining IT systems. Any form of change, regardless of whether it is for IT or anything else, will also incur a cost. It could be in capital costs (in IT this could be licences, hardware, etc), training, expertise or simply staff time. Balancing out whether you continue with the status quo or invest in making a move is sometimes a difficult choice but the above report from IDC really does hammer out that if you are still using XP now then you need to plan what you are going to do in the near future. They are not saying that you should jump now, but it does give you ammunition to start planning.

In schools this is vital as, no matter how much IT Support plan, it has to go hand-in-hand with how the school will deliver the curriculum, how the school will make use of IT to run on a day to day basis and also how the children respond to the change.

A lot of people have been looking at tablets in education, primarily iPads, and this is another good reason to start looking at what you are doing with technology. The arrival of Windows 8 will allow for schools to consider using iOS, Android, Windows 8 or any combination of the above. Change is inevitable … and it is better to look at it and ride the wave than crash and burn when someone demands something that is not going to work!

And this is the point where the innovators and early adopters are hitting a brick wall. I can remember listening to Ewan McIntosh tweeting that project management stifles innovation … and I can agree with this, because it is hard to push the boundaries of what you can do with tech when you can’t get access to it.

And this is the point where the planners, budget holders and senior leaders raise their head and ask about making sure money invested is done so wisely, that people don’t buy a lot of white elephants (we could dedicate a website to the amount of tech which is bought but never really used) and that what is bought and used actually has an impact and isn’t just there because it is a toy, a plaything, something shiny or because everyone else is using them.

And so we have to get to a compromise.

Early adopters need to have access to tech and they need to try things out. Systems in schools need to allow for some of this to go on but also to hold people accountable for what they are doing.

The report from IDC say that schools need to look at change. It shows that cost of keeping to the status quo (which will rise) and it gives a chance for people to start having ideas about what they need to do in the future. From chatting with various sources working on Windows 8 in education it is clear that testing things with OEM tablet manufacturers will be a good thing to do, running pilots in collaboration with other schools to look at Windows 8 devices, iOS devices and Android devices, comparing the ideas against earlier research on Windows Tablet devices (remember that tablets in education is nothing new … perhaps just improved) and then deciding how to adapt what you do with technology.

With Windows 8 coming out soon and the raft of devices it will generate (including the Microsoft Surface), the ever changing flavours of Android and the upcoming release of iOS6 from Apple … there will be a lot to try and there will be a lot of cross-over between all the different option.

(image from http://www.flickr.com/photos/sdasmarchives/5018415361/)

And the winner is … iOS6

Today was another peak in the circus of an Apple Fanboi!

The Apple World Wide Developer Conference always has some interesting things to see and today’s keynote was no different. There will always be some hype, some disappointment, some pragmatism and some anger … and different people will feel it about different things, even within the realm of Apple Fandom.

To be honest, there was nothing which was too unexpected. We saw some hardware improvements in the Pro notebook range, tweaks in the consumer (albeit expensive consumer) notebook range and a some other hardware updates didn’t make it into the keynote but have come up on the Apple Store. Until we see the new kit in the hands of testers and real people it is hard to say what difference they will make but two key items on the top end MacBookPro are likely to be spoken about a bit … access to 2 Thunderbolt ports give you high speed I/O to a range of devices, from displays, external RAID enclosures, adapters for Gigabit Ethernet / Firewire 800 / fibre channel and a range of capture devices … and you still have a HDMI port for a second display and video output anyway. Couple that with the Retina Display and you have a device for video editors, photographers and so on … giving them one of the best graphics experiences for seeing their work. Of course, the debate goes on about whether some people can notice the difference with screens of this high calibre, and whether this is a marketing gimmick … and so we will have to wait to see what it is like when people start using the machines in anger.

We saw a raft of features spoken about with Mountain Lion, the next incarnation of OS X (no longer even called Mac OS X … a disappointment to those of us who paid for the original Mac OS X Beta). A number of these have been covered before as we are now on Preview Release 4. The strength which appeared to be taken from the new features seemed to be the accessibility tools (dictation, etc) and the portability of your personal settings to other devices. We have already seen the push for iCloud and how this links with Photostream between your devices … and this increase with iMessage, Notes, Reminders, Sharing and so on …

The key areas I am looking at with Mountain Lion are around AirPlay and Notification Centre. As someone who has a lot of inbound information streams there are some tools I use to manage this, but Notification Centre looks as if it could make a big difference for me.

And then we get onto the area that everyone was waiting for … iOS6.

With no formal announcement of an iPhone5 we are all looking to see what the new OS will do on existing hardware. Although we were told it would work on legacy devices back to iPhone 3GS, 4th gen iPod Touch, the iPad 2 and the new iPad (and yes, that is how Apple term it on their site) we do not know how much of the functionality will work. Siri will work on the new iPad we are now told, but will it work on the iPad 2? I doubt it … in the same way it doesn’t work on an iPhone4. A lot of the updates make more sense for the iPhone and iPod touch than the iPad. Moving from Google to Apple’s own Map service, Passbook for holding electronics tickets for cinema, flights, etc (possibly a lead into Near Field Communications [NFC] for using an iPhone for payment services?), improvements in how you manage incoming phone calls and notifications (it has only taken them a few years) … but the accessibility improvements have also seen me amazed that Apple appear to have really understood a need on the iPad. Enabling a parent / carer / teacher to only allow one app on a device as well as restricting touch input on particular parts of the screen seem to be encouraging using iOS devices with children. Engaging them whilst not overloading them.

An area of concern is the increasing integration with Facebook … as much as I generally trust Apple we are now in the situation where the ever changing preferences on Facebook will also have to deal with how that is applied with iOS too.

There is a lot to take on board with it all and I would recommend people watch Tim Cook take the keynote, if nothing else to see the difference between him and Steve Jobs, as well as a lengthier demonstration of all of the above.

As for what it all means for schools and education …

Hardware – Apple personal computers (desktop / laptop) are expensive. They can work out good value if you buy the one which is right for your requirements and you know how to get the most out of them, but in the present times of austerity this is more and more difficult. It seems to be that more schools are going down the mobile device (iOS or Android … and eventually Windows 8 !) and this is understandable. The lack of a decent server in the Apple hardware range does show that management of any Apple Device is not taken that seriously (IMHO) by the folk at Cupertino. A disappointing comment to make, but one many experienced Mac Sysadmins would agree with.

Mountain Lion – Again, the lack of mention of how the Server tools will work means that it will be interesting to see how the devices fit into a school environment. The increased emphasis on a personalised device, with settings and information following you around via Apple’s iCloud, means that there could be clashes in an education environment. The major bonuses for me come in the way of Airplay as a means of ditching the Interactive Whiteboard (until you are ready to make the most of them) and tools such as Dictation.

iOS – Again, the emphasis on a personalised device does work well with BYOD, but the increasing number of schools I speak with who only see the shiny nature of it or the cost cutting side … iOS6 will do little to improve or support the use of BYOD over iOS5. Until we look at the management tools and what settings can be applied to encourage best use of the devices … then we should still plan on making the most of iOS5. Siri is a major improvement, but like all information services (google search, wikipedia) information on its own does not give you understanding and knowledge … so we have to understand the most appropriate use (teachers before technology folks). Accessibility will be an interesting area to work on and develop, and how we make the most of personal devices as a tool and not as a cheap (or expensive) gimmick to generate engagement for the sake of it.

I am trailing Mountain Lion on my work MacBookPro (starting to get on a bit but should be serviceable) and will put my thoughts on this blog as I discover things I like or loathe, or if I spot things that could be fun in the classroom, or things which could help a teacher or SLT change / improve their working life.

I will also be testing iOS6 on an iPad2 (my own one) to see what apps do and don’t work, to try to see if we can lock it down and tweak settings, and to see if there are restrictions on some functionality … hopefully helping people work out whether they need to go for the new iPad or if they can get away with a cheaper iPad 2.

If you have any particular areas you want me to test or try out then let me know. You lot are going to be more inventive than I am for a lot of this because you are pushing the limits in class already.

Apple Leadership Summit – The Workshops pt 3

We have now covered the most simplistic methods which many schools are using to manage iOS devices, and frequently these are shared devices we are talking about, not individual devices owned by the user. The issues that this can bring is that as you grow with the number of devices you have or reduce the amount of time you have available to cover support of the devices you have to look at more efficient and practicable solutions.

The next area covered in the workshop was the concept of profiles. Those who have looked into Group Policy Objects (GPOs) in the world of Windows or the use of WorkGroup Manager (WGM) on Mac OS X can see easy parallels and might look to apply the exact same concepts used to lock down machines. Apple were keen to stress that it is not about locking down but more a case of ensuring that certain settings were enabled and that you knew where the responsibility lay for control / changes of the settings.

In a similar way to the nuts and bolts of GPOs just being a method of forcing changes to the registry on a  Windows client, and WGM forcing changes of .plist files on a Mac OS X Client, the iPhone Configuration Utility (IPCU) creates a text file which, when loaded onto an iOS device, changes settings.

It covers a number of areas including security, Wi-Fi, VPN, email, calendar, address book and some application restrictions. We covered some of these setting in the previous post when we looked at on-device settings, but a profile can also be used to set up part of the information required and allowing the user to complete the rest. An example would be to put in all the details for the Exchange Server but leaving some fields blank so the user enters the information relevant to themselves. A more details guide on this can be found on the help section of the Apple website

Another important security area is around passcodes where you can set the complexity including whether you allow simple passcodes (ie repeating / ascending / descending sequences), whether you require alphanumeric values (must contain at least one letter), minimum length, age, auto-lock time period, history and, possibly the most important if considering the device would be used by a member of staff, how many failed attempts before the device is wiped (I’ll talk a bit more at a later date about encryption on iOS devices).

We also have to consider whether the profile can be removed by the user. The options include Always, With Authorization and Never … remembering that if you wipe the device (there are a variety of methods) it will take it back to requiring activation and you start again anyway with a clean slate. Also remember that, in the most basic setup, the profile is something a user (or the person setting it up) has to accept to install. When we look at Profile Manager later on we can consider some of the ethos behind putting particular settings into the profile so that the user has to agree to various settings as a method of gaining access to certain areas (eg email) and a common method of control for this is the granting of access to the secure, wireless network.

Profiles can be loaded via USB, can be emailed out to users to install, can be pulled down from websites or pushed out wirelessly via MDM solutions. One important thing to remember when exporting profiles from IPCU is security. These are text files and if you do a simple export can be read and changed via a plain text editor. You can sign the profile so any changes will noticed by the device if you try to install it but this basically changes it to read only mode. What should be considered as the only option is sign and encrypt the file. Just think … this profile could have all the settings needed by a user to join your hidden wireless network, usernames and passwords for mail servers (if using a profile per person or allocating a specific email account per device) and so on … do you really want that in plain text?

It is simple to sort though by just ensuring you export it signed and encrypted.

The next post will look at some of the uses of the new tool on the block, Apple Configurator, and what we were shown about what looks to be the first stage of a good methodology for managing and deploying devices in bulk.

Apple Leadership Summit – The Workshops pt 2

The workshop spent some time looking at the range of tools to support and manage iOS devices and so I’ll run through some of the areas which it covered. I’ll also try to highlight where most of us are when it comes to many schools trying to do ad-hoc management of devices. For the sake of short-hand I will use iPad to describe an iOS device … but I could easily say iPhone or iPod Touch.

The first things we are generally all used to using is iTunes. Those of us with personal devices or those who are using BYOD / student leased devices are likely to not see a lot of use of iTunes as it is done by the user instead. Some schools with only a handful of devices might be using iTunes managed from one machine to look after devices .

All devices, whichever method you use, needs to go through 4 phases and iTunes can manage all those.

  1. Activate
  2. Update
  3. Configure
  4. Sync

When you get an iPad out the box or when you do a remote wipe it needs to be activated. It can be done over the air (with the advent of iOS5) or it is commonly done using iTunes for many users. This allows you to set up basic things like language, country, enable / disable location services, connect to a network and restoring from a saved backup (an important idea to come back to later).  It is also possible to put iTunes in Activation-only mode so that the update / config / sync can be done by other users and other tools.

The iPad will then check to ensure that it has the latest version of iOS (remembering that it cannot restore a backup from a newer iOS version). You then configure the iPad as to how it will backup, whether it can sync over Wi-Fi, what it will sync (going into detail in the tabs for Apps, Tones, Music, Movies, TV Shows, etc), type of video quality (i.e. between HD and SD) and so on. In the general summary tab I personally think that people should have a good look at the ‘Configure Universal Access’ button as the use of voiceover and zoom can be quite handy for many learners.

Once you have the device the way you want it with the relevant Apps and media then it will sync, taking us through to the final action of setting up an iPad in the simplest manner, via iTunes. Of course, trying to do this for a raft of devices is neither practical nor efficient. The simplest method of doing this on bulk is to take one iPad, build it the way you like it and then restore the backup onto each new iPad as you activate it, which will go some way to automating the configuration and sync sections.

And this is where a lot of school stay … an ad-hoc arrangement where a HLTA or IT Technician has to build a new ‘image’ (well … backup an exemplar iPad) and load it onto the other devices. There is little ‘locking down’ of the machine and whilst it is a bit of a mess to cope with it can be a lot cheaper than spending a lot of time and money on the other tools.

There are some quick wins though. iTunes on its own will allow you to configure certain things but to really perfect a device you need delve into the on-device configuration. Setting up for home sharing can make it easy for learners to access resources shared via iTunes (always use a second AppleID for this in my experience) but the real benefits come when you look into Settings > General > Restrictions. Here you can turn off access to iTunes, installing or deleting apps, YouTube and even Safari … though Ned and co did warn us to be careful about this as some Apps make use of Safari to work. You can set the ratings for content, allow or block In-App purchases, and more. Well worth having a look at the Online Manual of iOS 5 for more information about what setting you can control.

And this deals with basic setup of the iPad. Fine for a handful of devices and there are some tools to make bulk restore / sync a possibility when also tied in with storage / security trolleys.

In the next blog post we look at iPhone Configuration Utility and who this will build a profile of setting for you similar to the manual job of using iTunes / on-device settings.

Apple Leadership Summit – The Workshops

There were 3 streams at the event and, although I really wanted to buck the stereotype and get more involved in the content creation stream, I really had to go to the infrastructure stream as there are so many questions and queries about Mobile Device Management (MDM) that needed looking into.

I blog fairly extensively about the last Leadership Summit here and here so I already had a good idea what we were in store for, and I have also done a fair bit of investigations already. The introduction of Lion Server changed a number of things, and newer tools which have been added on since are also changing ideas about how to plan and manage devices.

I’ve got to say a big thanks to Ned and the rest of the Apple team in the workshop. We all know that companies will toe a certain party line, and these folk are no different, but the allowances for healthy interjection from delegates, questions ranging from the slightly enquiring to the in-depth technical and still managing to keep the workshop pretty much on track meant that they had to field some difficult questions and gave some pretty good answers, and tried not to disappoint when they could offer no more than some basic “sorry, but there is no VPP yet” responses.

I’ve also got to say that there are some legal and regional things about MDM which were covered. The Apple folk did remind us that *we* have to make sure that *we* are happy that *we* are following the T&Cs, laws of the land, etc. The session was a technical one, not a legal and contracts one. There are differences about how we might opt to manage things in UK compared to US because of a number of facts, but the main one is that the Volume Purchase Program (VPP) does not operate in the UK so solutions which talk about bulk purchase and pushing out apps are technically possible in the UK, but not following the rules at this time! We did look at options about how to ensure you are fully licenced and that is another key fact to remember.

So, caveats done and we can continue.

The session started with each delegate introducing themselves and explaining what they were looking for from the session. It was good to see a range of primary, secondary and special schools, people employed by schools and 3rd party support firms, as well as representatives from RM and Jigsaw24. In general most are looking for ideas about how to deploy and manage devices, and about app deployment and the legalities behind it.

Presently we tend to think of traditional IT deployments of suites in classrooms, or we have started to move away from them to mobile classrooms. We then also have those who have gone (or are starting to go) down the one to one route to give an easy way of all being able to access devices (a common theme from the day, to be honest). iOS devices are slightly different and we have a number of options. How you plan your infrastructure is dependant on how you want to plan to use the devices.

We can split it into 3 areas. Device Sharing (closest to present day), One to One (mix of institutional and personal data) and User Responsible (highly personalised and almost anything goes). Once you have thought about which option you want then you can start to plan how to get there. Personally I think it is likely that once you start planning then you might find barriers to going down certain routes and you might have to make compromises … sometimes down to money, sometime down to the need to change the curriculum … it doesn’t mean you shouldn’t try but there might be times you have to be a little pragmatic.

Looking at the methods of managing devices we can see 6 areas.

iTunes – which we are pretty used to with them being consumer devices, but with a large manual requirement

On-device configuration – where we use the settings on the device or on particular apps, again a familiar task with a large manual requirement

iCloud – again something we might be used to

iPhones Configuration Utility (IPCU) – a way of generating profiles which can be applied to one or more devices. Those of us used to GPOs within Windows AD or WorkGroup Manager with macs will find this fairly familiar and the idea that a GPO is just a series of registry changes, or in WGM generates changes to .plist files … profiles are pretty similar.

Apple Configurator – the new kid on the block which is likely to be key for many of us. It allows for prep for mass deployment, supervising devices and assigning devices to individuals within the organisation.

And finally … Mobile Device Management (MDM) – the full blown tool which makes use of a framework provided by Apple to do all of the above. Within Apple’s toolset we have Profile Manager on Lion Server (used in conjunction with some of the above where needed) and you have an MDM lite solution …

There are a number of good 3rd party MDM solutions out there and to some extent it is a bit like making the decision about whether to use middleware on your network to manage Windows, whether it be RM’s CC3 or CC4 or one of the other products out there (Viglin’s Classlink, CSE, etc). It also depends on the mindset of the school. If it the attitude is “lock it all down” then you might want one route, and if you prefer a more ‘enabling’ and user reliant option then you go down another path.

So … there we have the first post … with the above tools you can go from delivering a shared device in a library which can be set up quickly for each user as it is booked out to them, a device which has all the settings for email etc and just requires the user to finish it off by putting in their username and password, you can stop the buying, deleting or even access to various apps, or you can bulk prep personal devices but to get access to your wifi settings they have to ‘log on’ to a certain managed profile. Over the next week I will try to cover each tool in a separate post.

The final thing I will say is that, whilst not explicitly mentioned, it is important to have a decent infrastructure for the devices to run over, and a presumption that most of the management / config will be done on a Mac (some tools don’t require a Mac but the significant ones will do).