Not every post has to be about a deep philosophical technology debate. Let's take a break and look at a simpler topic. Is the setup in this image a good idea?
Obviously, this district got some shelving from a home improvement store and mounted a shelf near the teacher's desk. On that shelf, you see a desktop computer, subwoofer for classroom surround sound, a laser printer and a DVD/VCR combo. One of the primary reasons for their doing this is to avoid the custodial dismantling of classroom technology in the name of floor waxing. If you've spent much time in a school district, you realize that summer vacation means that EVERYTHING gets moved into the hallways so classroom floors can be cleaned and waxed. Some districts have quite a bit of trouble with technology finding its way back to the proper classroom and being reconnected correctly in preparation for the next year. Either the tech staff does the hooking and unhooking (and who has time for that) or, more likely, the custodian unhooks everything and the teacher hooks everything back up. This district is obviously trying to avoid breakage, support calls or other points of frustration by mounting this shelf and leaving virtually everything in place.
Another advantage is that it saves some teacher desk space. One could also argue that it might lead to less dust in the CPU since it's off the floor.
What are the problems? For one, a teacher I talked to said she hit her head "weekly" on this setup. I don't have an OSHA degree and can't speak to the legalities of this, but I suppose one could argue that it isn't safe. Since you need to access the technology, the shelf must be mounted within reach of the teacher and therefore can't be too high. Naturally, the lower shelf height puts your cranium in the crosshairs for disaster if you forget about the shelf.
All of the cables are tied off for cleanliness and efficiency, but I suppose one could also speculate that when the technology fails, equipment would be more difficult to access for repair purposes. This may be a minor thing, but it's worth noting.
I'm sure there are other pros and cons that you can point out. This district thought it was a good idea that will save them time, so I provide it as an example and as 'food for thought'.
Wednesday, May 25, 2011
Wednesday, May 11, 2011
Managing iDevices in the K-12 Enterprise
The iThis or iThat has been a major topic of discussion in several recent individual and group meetings. I completely understand why and this post isn't about debating the pros and cons or the reasons for all of the fuss. I do want to make a quick point and mention a few company names in this post.
First, a general point to be made here: Countless times, I've seen districts try to save money on the front end only to kill themselves in man-hours on the back end when new initiatives and technology are implemented. My opinion is always subject to change, but I see two options for a K-12 CIO facing an implementation of iDevices in their environment:
Option 1 - the 'minimalist' approach - Set the expectation from the beginning that you'll get them on the network and make sure they can access the Internet. Anything else is up to the user. By "anything", I mean anything related to behavior issues, app purchasing and deployment, repair (since they can't be repaired by your staff), etc. I know some reading this will say "there's no way that will work", but I would at least put that option on the table. Face it, others often assume that you CAN manage all of those app and behavior issues at the tech staff level, so let's at least get the thought (or the reality) out there in discussion that your staff not be responsible for these things.
Option 2 - the truly managed approach - I've been to a couple of sessions by Apple staff. They'll admit that, as it pertains to proper enterprise deployment and management, they're learning as well. These devices are being used in ways they didn't originally imagine. I heard several references to wikis and posts made by other administrators and to non-supported software and processes to perform tasks. Putting a large number of these devices into an enterprise is not an easy task. It isn't something that everyone else has figured out. There isn't a 'standard' way of doing it. I would submit that, at least for now, the 'truly managed' approach involves some third-party enterprise software to assist with iOS management.
See my point? Try to either get OUT of the business of managing these devices or fully commit and truly get IN the business and insist on some sort of third-party tool to help you work more effectively and, with any luck, keep your sanity. Here are a few companies mentioned in a session I attended yesterday:
Absolute Manage by Absolute Software - says it will help you "...manage the PC, Mac and iOS devices in your deployment from a single interface.
Casper Suite by JAMF Software - says it integrates with VPP and it's "...the only client management solution developed exclusively for the Apple platform."
AirWatch - Looks to be focused on mobile devices and also mentions the Android OS, Windows Mobile and BlackBerry.
MobileIron - I'm struggling with their web site at the moment but their site mentions a server you would install along with an app for the device. It says you can recommend apps and ensure that users can only run authorized apps.
I'm not saying any of those products are wonderful or terrible, but I am saying that all of the discussion I'm hearing makes me believe that district tech leaders either need to help set a policy that puts them in a "connect it and forget it" mode with these devices or else they should push hard for a software product like one of these mentioned that may be able to help you effectively manage these devices.
[Image - Courtesy: National Science Foundation]
First, a general point to be made here: Countless times, I've seen districts try to save money on the front end only to kill themselves in man-hours on the back end when new initiatives and technology are implemented. My opinion is always subject to change, but I see two options for a K-12 CIO facing an implementation of iDevices in their environment:
Option 1 - the 'minimalist' approach - Set the expectation from the beginning that you'll get them on the network and make sure they can access the Internet. Anything else is up to the user. By "anything", I mean anything related to behavior issues, app purchasing and deployment, repair (since they can't be repaired by your staff), etc. I know some reading this will say "there's no way that will work", but I would at least put that option on the table. Face it, others often assume that you CAN manage all of those app and behavior issues at the tech staff level, so let's at least get the thought (or the reality) out there in discussion that your staff not be responsible for these things.
Option 2 - the truly managed approach - I've been to a couple of sessions by Apple staff. They'll admit that, as it pertains to proper enterprise deployment and management, they're learning as well. These devices are being used in ways they didn't originally imagine. I heard several references to wikis and posts made by other administrators and to non-supported software and processes to perform tasks. Putting a large number of these devices into an enterprise is not an easy task. It isn't something that everyone else has figured out. There isn't a 'standard' way of doing it. I would submit that, at least for now, the 'truly managed' approach involves some third-party enterprise software to assist with iOS management.
See my point? Try to either get OUT of the business of managing these devices or fully commit and truly get IN the business and insist on some sort of third-party tool to help you work more effectively and, with any luck, keep your sanity. Here are a few companies mentioned in a session I attended yesterday:
Absolute Manage by Absolute Software - says it will help you "...manage the PC, Mac and iOS devices in your deployment from a single interface.
Casper Suite by JAMF Software - says it integrates with VPP and it's "...the only client management solution developed exclusively for the Apple platform."
AirWatch - Looks to be focused on mobile devices and also mentions the Android OS, Windows Mobile and BlackBerry.
MobileIron - I'm struggling with their web site at the moment but their site mentions a server you would install along with an app for the device. It says you can recommend apps and ensure that users can only run authorized apps.
I'm not saying any of those products are wonderful or terrible, but I am saying that all of the discussion I'm hearing makes me believe that district tech leaders either need to help set a policy that puts them in a "connect it and forget it" mode with these devices or else they should push hard for a software product like one of these mentioned that may be able to help you effectively manage these devices.
[Image - Courtesy: National Science Foundation]
Tuesday, May 3, 2011
Thoughts on TMG and Internet filtering in general
As many of our school districts are looking at implementing Microsoft's Threat Management Gateway, now is as good a time as any to put a few thoughts together:
With the penetration of 3G handheld devices in hands of many high school students and staff, some districts are rightly questioning the effectiveness of ANY content management solution in an environment where a personal device cannot be monitored. That said, school districts are obligated by CIPA and (in our case) state law to do something in an effort to prevent access to inappropriate material.
At this point, it gets difficult for many districts. Depending on the expectations that have been set over years of content filtering and management, classroom teachers and administrators often expect the technology department to stop any inappropriate access from occurring. Technology leaders know that this is not possible. With time, opportunity and motivation, virtually any filtering solution can be defeated or bypassed. If the expectation has been set from the beginning that these matters are handled in the classroom, then the changing landscape of devices and methods of access may not have a huge impact on the prevention of inappropriate access since it would still be attempted and dealt with at the classroom level.
As our districts are considering Threat Management Gateway, I've noticed a few things that are worthy of note. First, the URL filtering is a subscription-based add-on that is referred to as the "Web Protection Service." This service provides subscriptions not only to URL-based categories but also to malware filtering. Issues with malware have become very important to our technical staff due to time spent cleaning up infected devices.
Note also that SP1 enabled certain features such as URL override and reporting enhancements, including a detailed "user activity report." My first reaction is that these enhancements should have been in the native product rather than a Service Pack, but the fact remains that they are now included and that's a positive development.
In fact, I think that generally sums up my initial thoughts about TMG. If a school district is simply trying to meet the letter of the law and wants a solution that can filter URLs based on categories and can potentially help with malware, TMG might be a fine solution. Some districts have paid for much more expensive and elaborate solutions that allow for robust reporting and real-time monitoring of particular users. I'm not trying to slander the TMG product and imply that it cannot do these things, but there's a reason that these other companies charge a premium and I can only assume that it's due to some advanced features, perhaps ease of use, etc. If you desire some of these advanced features, other products may fit your specific needs.
I'm inclined to compare this market to the old debate of VMWare and Hyper-V in the virtualization market. VMWare was earlier to market and has a strong reputation in this market. Microsoft's Hyper-V offering was later to market and, at least initially, might not have had all of the features that the VMWare suite had. At the time, one could market higher cost for higher quality while the other marketed a lower-cost product that provided all of the features that many customers might want. I think this is how I would currently categorize TMG. It provides many of the features (if not all) that many customers in this market desire.
At any rate, all of this is subject to change but it's what was on my mind at the moment. This and 50 cents would have bought you a soft drink several years ago. :)
With the penetration of 3G handheld devices in hands of many high school students and staff, some districts are rightly questioning the effectiveness of ANY content management solution in an environment where a personal device cannot be monitored. That said, school districts are obligated by CIPA and (in our case) state law to do something in an effort to prevent access to inappropriate material.
At this point, it gets difficult for many districts. Depending on the expectations that have been set over years of content filtering and management, classroom teachers and administrators often expect the technology department to stop any inappropriate access from occurring. Technology leaders know that this is not possible. With time, opportunity and motivation, virtually any filtering solution can be defeated or bypassed. If the expectation has been set from the beginning that these matters are handled in the classroom, then the changing landscape of devices and methods of access may not have a huge impact on the prevention of inappropriate access since it would still be attempted and dealt with at the classroom level.
As our districts are considering Threat Management Gateway, I've noticed a few things that are worthy of note. First, the URL filtering is a subscription-based add-on that is referred to as the "Web Protection Service." This service provides subscriptions not only to URL-based categories but also to malware filtering. Issues with malware have become very important to our technical staff due to time spent cleaning up infected devices.
Note also that SP1 enabled certain features such as URL override and reporting enhancements, including a detailed "user activity report." My first reaction is that these enhancements should have been in the native product rather than a Service Pack, but the fact remains that they are now included and that's a positive development.
In fact, I think that generally sums up my initial thoughts about TMG. If a school district is simply trying to meet the letter of the law and wants a solution that can filter URLs based on categories and can potentially help with malware, TMG might be a fine solution. Some districts have paid for much more expensive and elaborate solutions that allow for robust reporting and real-time monitoring of particular users. I'm not trying to slander the TMG product and imply that it cannot do these things, but there's a reason that these other companies charge a premium and I can only assume that it's due to some advanced features, perhaps ease of use, etc. If you desire some of these advanced features, other products may fit your specific needs.
I'm inclined to compare this market to the old debate of VMWare and Hyper-V in the virtualization market. VMWare was earlier to market and has a strong reputation in this market. Microsoft's Hyper-V offering was later to market and, at least initially, might not have had all of the features that the VMWare suite had. At the time, one could market higher cost for higher quality while the other marketed a lower-cost product that provided all of the features that many customers might want. I think this is how I would currently categorize TMG. It provides many of the features (if not all) that many customers in this market desire.
At any rate, all of this is subject to change but it's what was on my mind at the moment. This and 50 cents would have bought you a soft drink several years ago. :)
Labels:
internet filtering,
k-12,
threat management gateway,
tmg
Subscribe to:
Posts (Atom)