Friday, May 6, 2005

Important Tangents - I

Along the lines of the topic of a previous post, Are We Empowering or Just Enabling?, there are a number of issues that will affect the success of a Tablet PC program that are not technical in nature and require education of our students and faculty to properly address. That article addressed the need for students to learn to deal with the ready distraction the Tablet provides them. Learning how, and at least as important, when to tune out or turn off the distractions is a key skill that all members of an always on, always connected society will need. But there are many other skills, several of which seem to me to get short shrift (if they are addressed at all) these days. I believe that these skills, properly addressed, will do much to support a successful program. Left unaddressed, they might well serve to undermine it.

First, I'd like to address some issues that do get discussed, but that become even more important in an environment of always (or usually) available networked computing where much of what happens does so away from any watchful eyes. In the same way that we don't let our children drive alone until they at least seem to have mastered the requisite skills, we ought to ground them in these skills for their own safety before we send them out to solo with the computer.

One of the most important of these is personal safety. We all know that the Internet is a dangerous place and one never really knows who is out there, just as the famous old cartoon says. It's not humorous, though, when the person on the other end of a connection is a pedophile or other person with criminal intent. We can have all the technical safeguards in the world in place--web filters, internet access logging, forced logoff times, whatever--but every single one of these measures is flawed and easy to circumvent. We need to consider that no matter how good a job we do with the technology, sooner or later our students will end up somewhere where they are likely to put themselves at risk. We need to prepare our students to face these risks wisely and to learn ways to minimize them. This kind of instruction, repeated often and in a variety of ways, needs to be an integral part of the Tablet PC curriculum. By the way, given the creativity of some of the phishers and other con artists out there, faculty need this training, too.

An issue that we techies are likely to have given more thought to is the safety of the computer itself--anti-virus, anti-spam, and anti-hacker measures. Even so, we need to think this through very clearly and look at all the variables. I thought we had a good handle on at least one aspect of this, applying security updates automatically, until I was working with a faculty member's Tablet last week. It was five months out of date with patches. All unapplied patches are supposed to be applied every week without fail so this machine had had over twenty chances to get some of these updates, but none of them had been installed. Since this faculty member lives off campus and he is always gone at the scheduled update time, his machine never got the message. Our model for this process was based on hardwired systems and failed when wireless, ultra-portable systems joined the mix. It was a mistake to assume that what worked in the past would continue to work with this new paradigm.

In the same way, we (okay, I) need to get over the rather smug feeling of security we have owing to our history of success in preventing and fighting viruses. We more or less have been able to quarantine our computers in the past. They were only on our network, we controlled the anti-virus software and what got installed. We supplied and controlled the Internet connection. These days, we refer to the Tablets as promiscuous computers because we never know where they've been connected. Once the students have full admin privileges, assuming they do, it will be even worse as we won't know what has been installed with high-level security privileges. I shudder to think how many students will take to doing everything as the administrator because certain games work only under that account. (Microsoft still has a lot of work to do getting vendors to ensure that their applications don't require administrator privileges.) Again, I expect that regular, consistent education will be the best thing we can do and it needs to be part of the Tablet program. In addition, we'll need to look much more seriously at various network monitoring systems, intrusion detection systems, etc.

Of course we will continue to work with centrally managed anti-virus, anti-spam, and machine firewall software, though we are still waiting for usable enterprise class systems to be ready--and economical. Currently, we use an antivirus system whose central management system we don't like, so each machine is manually configured. We don't really have a way of knowing when one is misconfigured or when the AV stops working. I know of only one enterprise class AS solution, and we will be evaluating it in a few weeks when a new beta version is ready. Windows firewall isn't a complete solution but the price is right and we can manage it from our Active Directory.

Another area we still need to address is general computer care. We have some students who have had their Tablets since the start of school and have never had a single problem. We have had others who have constant battles with scratched screens, breaking keyboard clips, and other minor annoyances that generally are caused by carelessness. Tablets are designed to be carried around and, of course, that is what the students do--often without any kind of protection at all. We can do some things, such as sourcing and offering more protective cases for the systems, but short of issuing ruggedized systems, we can only do so much. Ultimately, the care and feeding of the computer is up to the owner. Again, education will be key. That and the accidental damage policy we encourage everyone to buy.

All of these issues need to be addressed as part of our program. Failure to do so probably wouldn't doom the program, but in each case the nature of the program exacerbates an existing problem, so it is expedient to make the solution a part of the program, too. I'll continue this theme next time by looking at similar topics which are of a more academic orientation. I hope that, as we discover good ways of handling these issues, to share our experiences and solutions, too.

9 comments:

  1. Absolutely: the best security device is the human. We must teach them to be safe. The only way to do that that I can think of is to give them safe places to fail - places where we can help them pick up the pieces and where we can keep them from serious harm. We must also remember that although really bad things can happen “out there” in the big www, we can’t protect them forever.

    It would be great if we (schools) could set up a program for learning computer safety/skills like a driving school (better than driver’s ed. - I’m thinking along the lines of “Skip Barber”)

    . . . Perhaps in Vermont when the moose aren’t out on the road <g> . . .

    Actually, this might be a great program to try and design. Hmmmm. . . .

    ReplyDelete
  2. I do think it would be a good program to design, Scott. Why don't you come to edAccess and we can talk... <grin>

    ReplyDelete
  3. Ooooo...tempting...especially session #3! Unfortunately, I'm teaching our science teachers that week (DANG!)

    Will there be some streaming video perhaps? I'll settle for transcripts... heck, I'll even submit questions in advance if you like

    BUT, I'm already trying to talk the wife into a family trip to MA/VT next summer...I love the drive up to Burlington from Logan Airport (and I have to show the wife the huge liquor store in NH!)

    ReplyDelete
  4. This blog is awesome! If you get a chance you may want to visit this computer software download site, it's pretty awesome too!

    ReplyDelete
  5. Hey, you have a great blog here! I'm definitely going to bookmark you!
    I have a boost traffic site/blog. It pretty much covers ##KEYWORD## related stuff.

    Come and check it out if you get time :-)

    ReplyDelete
  6. Hey I was just blog surfing amd I found your blog! Looks Great!

    I also have a plane ticket to jamaica
    It deals mostly with plane ticket to jamaica plus other stuff,
    You can save up to 50% your next flight!

    You should check it out if you get a chance!!

    ReplyDelete
  7. One good resource for computer software and many more free software alternatives is Software4YourSuccess.com
    Yes it is my site and I would love for you to drop by for a second. From there you will have free access to several of my products such as The Marketing Toolbar (which is goldmine of information on how to do things quickly and on the cheap, thus saving you time and money).
    Also for webmasters I have created Webmaster Wizards, which will help you with almost every aspect of putting code on your site from things such as legal and privacy disclaimers to popunders. I have so much content and free software there I could fill up this whole blog, so check it out Thanks, Sincerely Rob Rudd

    ReplyDelete
  8. Mark,

    You mentioned in a previous entry that the machines are preconfigured but that you allow the students to add more RAM. In this post you mention the 'recommended' accidental damage warranty. How do you/they handle that purchase? Directly through HP, or some reseller?

    ReplyDelete
  9. Chris,

    Actually, the AD policy is no longer optional. It is purchased from HP as part of the package the students have purchased.

    We are planning to move away from this model next year, however. I'll give more detail shortly, but in a nutshell, we are going to be leasing the machines, but the AD policy will still be part of the plan going forward. It has been a life-saver many, many times.

    ReplyDelete