Microsoft Teams Better Meeting Management with Attendee Mode # #microsoftteams #o365 #onlinelearning
This video explains how to set up your Apple hardware to stream audio from Youtube and other sources to your Teams Meeting.
Get Soundflower: https://github.com/mattingalls/Soundflower/releases/tag/2.0b2
The scope of all the following arguments is for equipment owned by the school, or equipment approved to use at school. This post is not promoting policies for personal devices used solely at home, nor is this post addressing devices that may be used for entertainment or non-academic purposes.
Ransomware, in its most basic form, is self-explanatory. Data is captured, encrypted, and held for ransom until a fee is paid. The two most common forms of ransomware delivery are through email and websites.~ https://insights.sei.cmu.edu/sei_blog/2017/05/ransomware-best-practices-for-prevention-and-response.html
Ransomware is scary. Ransomware, once it begins to propagate, becomes more about survival and mitigation and less about prevention.
I have thought about how to advise K12 schools around the world how to prepare for ransomware. I have concluded that there are only two approaches everyone can follow: Reduce or Completely Remove Windows and Create Very Inconvenient Backups of Data.
Reduce or Completely Remove Windows
I decided to compile known types of ransomware. I stopped at 106 identified types. Here is a graph, and link to the sources, that demonstrate what operating systems are vulnerable:
If you want to do the math:
- 106 Ransomware programs
- 100 Target Windows Operating Systems
- 93%-94% of Targets are Windows Operating Systems
- Using Windows is Riskier than Using other Systems
“Riskier” is a little weak in this case. It is very likely that Windows users will be a target, it is very unlikely that Apple and Chromebook users will be a target.
If the goal is to live in a relatively peaceful ransomware free environment, then the majority of end-users need to be using Apple or Chrome-based devices (Linux varieties are also an option for a subset of users).
There are tools for Windows that help defend and protect against ransomware. However, nothing is better than not being attacked at all.
Create Very Inconvenient Backups of Data
Every time I ask an IT director or IT manager about backups, they claim they are 100% compliant and 100% able to deal with any problems. I have never believed my planning was close to 100%, nor have I ever believed I could restore 100% of all data. I would say, at my best, I am 60%-70% certain that I can restore 80%-90% of data.
Data. Not operating systems and settings. Data. Not the software that was installed. Just all the data consisting of but not limited to documents, databases, movies, music, pictures, special configuration files, scripts and code, and the inclusive content of all websites.
There is only one question a person needs to ask to confirm if backups are safe from ransomware: “Can the backup be accessed right now if we need it?”.
If the answer is ‘Yes’, then backups are going to be vulnerable.
There should be at least two layers of backups. Layer one can be data that is backed-up and accessible on the network, in the cloud, and/or from normal workstations. Meaning, someone can sit down and create or restore a laptop, database, etc by following a workflow at their desk.
Layer two backups are inconvenient. These backups are stored outside of the normal network. These backups are scheduled and not even accessible by network administrators without taking extra steps. These backups require some level of multifactor authentication or even a physical lock and key.
Layer two backups also need to be tested at least monthly (this is only recommended for K12 schools most businesses need to test more frequently; school districts would need to test very often and on a predetermined schedule).
Tests need to include:
- Data restoration
- Data access and use
- A scan for malware, ransomware, etc
- An iterative process to consistently reduce the size of backups
- An archival process to store data that will most likely never be needed, but is legally required to store
- Imagination. Because you never know where you will be and what the situation will be when you need to access these backups
A very low tech approach to a layer two back-up could include someone taking an external drive to the data source, moving the data manually, and then locking the drive in a safe. Do not overthink this, just start doing it and keep improving the process. If you can access these backups from your workstation, then those backups are vulnerable by definition.
If ransomware happens, and the data cannot be decrypted, this layer two data would be safe as it would be offline. Layer one backups may stay secure, but layer two backups will be secure unless you are victim of very bad timing.
The cybersecurity industry is rapidly developing better protocols for handling ransomware. Staying educated and studying cases is not only essential, but it should also be scheduled into the cycle of work at least once every 6-8 weeks.
The data above could change. An uptick in ransomware for Chrome or Apple of even 1% is enough to review internal processes and procedures. Until then though, get the number of Windows OS users down and make better backups.
Start Your Research Here
Ransomware: Best Practices for Prevention and Response
I was recently in a conversation with a large group of people who provide IT Support. Many do not work in education, which is why I like the group. One of the members was recently asked in an interview to rank the following support requests in terms of importance.
1) A teacher has standardized testing starting in 30 minutes however she is unable to access the testing site.
2) The principal (aka your immediate supervisor) can’t open a spreadsheet that she needs to have ready for a presentation later that same day.
3) A teacher is unable to start a lecture because her PowerPoint won’t open. Students are waiting in the classroom.
This scenario truly exemplifies the difference between EdTech and CorpTech. In EdTech the order of importance should be, 1-3-2. In CorpTech it could easily be 1-2-3, or, even 2-1-3. Anyone who has worked with a demanding boss in a Hire-At-Will employment environment would understand why.
In a school, unless the school is on the bad side of accreditation standards, the answer would be 3-2-1.
Here is why.
Teaching and Learning
Most people look at the options and see time and urgency. And although the right answer can be derived from time and urgency, that metric will not always apply. A universal metric is to always focus on Teaching and Learning (TL).
This means that all processes at the school, IT included, need to be on mission and that mission is to support Teaching and Learning. In order to do that, students and teachers come first, and everything else later.
The business of the school is education, education happens within the TL dynamic.
Most school administrators will not even interrupt classes unless there is a real emergency. School administrators will inconvenience themselves to reduce the impact on teachers and students.
In organizations with a head of school or superintendent, those offices may have their own separate support for the technology to further reduce any impact to TL.
The Eisenhower Matrix
I am a big fan of using time management and decision management frameworks. My favorite is The Eisenhower Matrix. I have written about it here if for those who are not familiar with it.
I use the layout above for decision making and project planning. I also use Agile and Scrum when executing the actual pieces of projects. I need these tools to prevent reacting emotionally to problems.
In the scenario above this is how I would categorize each of the three support problems.
DO, Do it Now: 1) A teacher has standardized testing starting in 30 minutes however she is unable to access the testing site.
The reasoning here is that standardized tests have controls that the school must follow. This is a tricky scenario because unless you have implemented IT procedures for standardized testing you would not realize that the pre-testing is completed well in advance. That means the school has already scheduled and guaranteed a test window. The test either has to occur or be canceled and rescheduled. I would write a guide on test implementation, and they vary greatly. For older children, there is a high risk if these test fail.
DECIDE: 3) A teacher is unable to start a lecture because her PowerPoint won’t open. Students are waiting in the classroom.
As a school administrator, I would, of course, ask IT to go help the teacher immediately. In this case, you really need to know the schedule before deciding when to go. If classes are 70-80 minutes every other day, you would want someone in there immediately. If classes are 35-40 minutes daily, you would want to send someone at the end of the class.
The technology has made achieving the lesson goals impossible if the lesson is short. However, the lesson occurs so often that the impact on TL is low. In fact, taking more time in the end when the students are transitioning will allow someone to look at prevention instead of just adding a quick solution that only deals with the symptom.
Most schools have requirements that teachers should be able to run their lessons in the event of an IT failure. This should not happen every day, but it can happen, and teachers are required to work through the issue. If a teacher follows protocol going into the class 5-10 minutes after class has begun, could interrupt their backup plan.
This is why it is a DECIDE. It varies based-on campus and culture.
Delegate: 2) The principal (aka your immediate supervisor) can’t open a spreadsheet that she needs to have ready for a presentation later that same day.
Anyone can do this job as soon as the others are in progress. If there is one IT support person, they will do this last. It is not time-sensitive. Most principals would angry if a teacher or class of students were put in lower priority.
If there is a team, the leader could assign someone to this with a reasonable timeframe.
If you are in EdTech IT Support, make sure you are connected to the culture of your school. Understanding the policies and procedures outside of IT is key to understanding how to support Teaching and Learning.
I have been working with robotics since 2005. I have worked with students from US Grade 4 to students competing in university competitions.
As of late, I have been shocked by this trend: remote control.
Remote control is not the future. The future is autonomous and AI-driven. So why are schools teaching robotics via remote control at all levels with very little autonomous programming?
The software that was once easy to access, often free, and allowed for fairly deep programming has reverted to big graphical blocks.
This is why I am very excited about Cubit Robotics/Electronics for STEM.
I asked Cubit for a sample kit, and they sent it along. My robot frame and build were simple because I wanted to focus on programming.
The Cubit was loaded with sensor options, and the programming interface was Bluetooth.
For the record, I was using a Macbook, and I was very happy to get back into a programming environment that empowered real coding on an Apple. As of late, most of the robotics packages I have used on an Apple have removed the text-based coding options.
The flexibility was nice, and the educational scaffolding was clear.
You can start with the colorful blocks, and easily get things working.
Then, you can get into the code, and make things work the way you want.
Cubit uses Lua language. I found it to be an excellent primer for going in a variety of programming directions. I have always found that using robotics and electronics as a prerequisite for IB or AP computer science is a better primer than simply having an introductory course based solely in a language. Let’s be honest, robots are fun, and they can really help build the programming competency base.
If you are new to robotics and have no idea where to get started, Cubit is an excellent solution. Cubit provides a built-in curriculum with projects ranging from elementary to high school. The programming environment guides users through the initial steps.
Robotic’s education needs to move away from the obsession with remote control. I believe this obsession emerged from the ubiquity of mobile devices, and the realization that automation is usually a low scoring and frustrating endeavor. When students can use a remote control, they can get more points and do more in less time.
The process, stress, and failure should be the goal when using robotics for K-12 education. If a student can understand the complexities of automation before they leave high school, then they are better prepared for the AI-driven future and their place within it.
It is small, affordable, and easy to build, but Cubit is a step towards authentic learning and forward-thinking.