Slashdot Mirror

← Back to Stories (view on slashdot.org)

Advice for the K12 Tech Guy?

Posted by Cliff on from the a-tech-in-non-tech-friendly-waters dept.

small fish asks: "I am a newly dubbed 'Technology Coordinator' for a K-12 school district. Things here technology-wise are not well. People here are ignorant technology-wise--which is fine, as being tech-savvy is my job. However, they do not seem to trust my judgment on anything except changing printer cartridges. I'm being measured against a former teacher who filled the role for a while and was VERY comfortable with using Microsoft products. Are there any other Slashdot readers out there in similar straits? If so, what advice do you have for me?" "For starters, there is no firewall, all IPs are exposed to the public, they are relying on Windows NT 4 boxes to sustain operations, and they seem to love their Exchange for doing email and address books, although I have only one user who migrates between two different computers. The Exchange server died due to a spam overload and will not restart, so I set up a BSD box for handling mail and DNS. To make things worse, there is no real disaster recovery here and virtually no backup power. As I type my carpets are still wet from last night's rains that poured through the machine room wall - and this happens every time it downpours I'm told.

My coworkers do not want anything to do with Macintosh computers, they have never heard of Firefox, and Unix was a strange foreign word I had to explain to some before I gave up entirely. What tips do you have for surviving (even thriving) in this type of environment?"

2 of 96 comments (clear)

  1. I've been there by Jjeff1 · · Score: 3, Informative

    I work as a consultant for a systems integration firm. We have a large number of customers who are K-12 schools. Many of the technology coordinators were the technology dude from last school year and need a lot of assistance. This might be a bit of rambling, because I don't have time to make it shorter.

    First of all, your budget is going to be limited, while you might be able to get E-rate money to pay for a lot of network gear, and possibly some servers, you can't use erate for staff. You need to standardize so you get work done centrally. This allows you to hire 1 or 2 smart network admins, vs a horde of drones. Hardware, software, processes, etc... all need to be standardized. Get a good handle on what software you own and where it's installed. Put some policies in place to keep teachers from pirating software; which they will do in massive amounts. Make a business case to the administration that you need to have tight control on software and hardware. You can have every l33t tech teacher running around being their own little network admin for their cluster of 30 PCs only for so long, this will fail really, really badly. This isn't just about control, it's about establising a consistent learning environment for students who will switch between classrooms and schools; as well as teachers, some of whom will have little or no technology experience and will be befuddled by 2000 computers that all act a bit different.
    If you don't have a centralized imaging system, get one. Altiris is nice, Ghost is nice. CA makes a very nice (but pricy) product that will do scripted Windows installs as well as packaged or scripted app installs. Their best feature is that it will keep track of all your app installs and where they're supposed to be, reinstalling them automatically when you reimage PCs; basically handling all your license tracking for you.
    Do you have network monitoring for when an errant broom handle takes out the power to a wiring closet? HP Insight manager will monitor your stuff and is reasonably easy to setup (also free). Obviously there are tons of other options, but you'll probably never find the time to devote a week to setting something (anything, anyplace) up.

    Chances are you'll have people from 4 corners writing and being awarded grants that use technology. Get in on the ground floor with these folks, make sure they understand that computers need desks, network ports, AV licensing, etc... Establish an approved hardware list, and make sure people only buy stuff on the list. This reduces the number of types of printer carts you need to stock and PC images to build. Figure out a per PC cost for network support, make sure they build it into their grant.

    Realize that the point of the network is to teach, not to push an idealology. Most business use windows, you'll probably be using it too.

    Again, centralize. Use login scripts, group policies (time to upgrade from NT to 2003), network based apps, etc... If you don't have some remote control software, at least on all the teacher and admin machines, get some - VNC is great.

    Avoid peer-to-peer apps like the plague. One of my customers has a very nice (from a teaching standpoint) app called CCC. From a technology standpoint, it's a total nightmere. It even has a hardcoded backdoor password. To function at all, everyone has to have full control over all the files; guess how often a student nukes the database... Firefox is good, but chances are, you'll run into at least one app that only works in IE. Do you want to support 2 different browsers? A lot of educational software is poorly written. Your users won't be logging in as local admins, which will break a lot of apps. Make sure you test any apps before you buy them. Again, this goes to making the policies, users shouldn't be buying software until you look over it.
    Make sure the department heads are with you and can enforce rules with their staff. You don't want each librarian at each school buying different card catalog software.

    Obviously you h

  2. Repetition, licenses, risks by dreamer-of-rules · · Score: 4, Informative

    My workplace has a dozen people, very little turnover, and *must* use Windows because of a Windows-only primary application. However, security is very important in our industry. I hammered at them for weeks that IE and Outlook were the hackers primary targets, and had countless holes in them. The transition to Firefox went fairly smoothly-- I told them to use it for everything expect business-critical sites that required IE. I set up Adblock on Firefox and weeded out ads from the common sites.

    Every week I send out a list of new security holes, and the impact. If it's an IE 0wn-u bug, I warn them not to open IE until the patch comes out. Every week, even if there are no new bugs, I warn them not to use IE, because there are still unpatched vulnerabilities.

    I point out other businesses in our industry which have made the 5 o'clock news because they were hacked. And remind them not to open attachments or use IE, everytime. Or we could be next.

    After a few months, everybody is using Firefox all the time, and they don't think anything of it. They do not open email attachments, they install patches when I ask them (I check).

    ---
    Go to each computer and clean each one for viruses, spyware, bad cookies. Log the results. Post the results, but don't use names. You are not trying to embarrass anyone, just trying to show them how their systems have been obeying some other masters. Tear down their SEP fields. Discredit the "don't ask, don't tell" security policy. ("If I don't know my system is hacked, then it doesn't affect me.")

    Put in a firewall. Log everything. Open up every legitimate outgoing port, for AIM, Folding@Home, whatever. Show them the attacks.

    Show them logs from trojans phoning home. Chances are nobody is running a legitimate chat server, or is doing ftp or heavy traffic late at night.

    Get them to *pay* for their software. (This may be the hardest.) As long as they are stealing software, Windows is an obvious, though short-sighted win. But when you point out the increase in piracy lawsuits, and get them to use only legal software, $3000 for Exchange (Exchange/CALS/OS) seems pretty pricy.

    Switch out a couple systems (from volunteers) for Macs. They can coexist. I use my Powerbook 50% of the time at work.

    Insist on installing OpenOffice on all systems, but that either MS or OO can be used. Insist that all Microsoft Office software be paid for. Ask them for reports or forms in PDF format, then act astounded that MS Office can't handle such a simple task. Insist that all software be paid for. Include 0wned bugs for Office in your weekly report. Mention at the cooler that the only viruses that exist on the Mac are Microsoft Office viruses. Point out new vulnerabilities found in Office apps, and what they allow into their systems.

    Insist that all software be legit. Not pirated. After all, it's a lawsuit-happy world out there, and Microsoft is getting more willing to go after those pirates.

    Expect the whole process to take a full year.

    * Hammer home the security risks. Don't let them hide behind their lack of knowledge.

    * Firewall-- first thing. Close off everything they don't use. Then tighten the worst holes.

    * Firefox-- second thing. Your spyware scans should back you up. Mandatory install on every system, and lock down the settings in IE (using group policies on xp/2k workstations) every time you touch someone's system.

    * Use the MSBA to scan all the systems weekly. It fairly automatic, but you get to see who's refusing to keep up with patches.

    * Mandatory OpenOffice install, but optional to use. Request PDFs for the school website and forms.

    * Hammer home the piracy idea. Lawsuits. Lawsuits. Lawsuits. Bad publicity. They are sending a message of lawlessness to the students.

    --
    Everyone is entitled to his own opinions, but not his own facts.