Your Weekly Tech Tidbit… Not all problems are solved with technology – some are
I have four quick thoughts for you to ponder
Here are a couple of items that I have been reminded of recently:
Not all problems are solved with technology. Today I had two completely unrelated discussions. One was with a High School Assistant Principal and the second was with a district Tech Director. Morphing the two conversations together I was reminded of the truth in that old adage. We do our best to create ACLs and GPOs and limit rights, etc. But there are times where it really does come down to the classroom teacher and the building administration are an integral part of enforcing the rules of the classroom and the school. Your students have handbooks and AUPs. Your parents signed off on much of that. At some point, if the classroom teacher sees inappropriate behavior, they should deal with it just like they deal with other inappropriate behavior. Yes, we want to know about gaping holes found in the system. Yes, knowing that the Superintendent's confidential share folder is available to the entire High School to read is important (this actually happened twice in two different districts). However, sometimes I can make you so secure that teacher's can't teach. There is a balance in there someplace and sometimes we lose sight of that in our technical zeal to solve every problem with technology.
USB drives are a real threat. They are a threat to allow unknown files into your district. Those files might want to do you harm and try and circumvent many of your layered defenses which are pointing towards the internet. In World War I, Lawrence of Arabia took Aqaba because the Ottoman guns were pointed towards the sea and no one was looking at the desert behind them. Don't be the Ottomans. This lack of planning ended badly for them. It might for you too. Second in the world of "EdLaw 2-d" USB drives provide the opportunity for data leaks to happen with Protected and other Confidential information. Turn USB devices off everywhere and turn them on only for identified, legitimate uses that have been approved by you.
Internet Explorer is dead. Your servers need a working browser installed. Fix it. It is very hard to provide remote support to a device without a working browser. This is especially true with servers in very secure locations. I repeatedly get panicked phone calls from districts with critical systems down and they can't get the vendor on the box - solely for this reason. You should assign this to one of your techs to resolve district wide as soon as possible.
It is useful for us to know what is on your network. Unfortunately my subscription to the "Psychic Friends Network" has lapsed and while I know we are very good at knowing about your networks, we don't know everything. I have received in the last year many of those frantic calls I mentioned in #3 only to find out that we know nothing about the file server in question that is in crisis. We then have to find the device and often find a way onto it. Then we need to battle the browser issue - just to get to a point of getting to a place where someone can fix the actual problem. That sometimes is hours of needless time at arguably a very stressful period of time. If you are a Paladin Sentinel Monitoring, district you can see in the console what we see. Also, it is easy for us to produce a report listing those devices that you can audit and add/drop as you feel necessary. Remember Inventory is part of the NIST standards.
As always we are happy to assist you in any way we can in working through any issues you are having.