Scan Your School for Unsecured Public Documents

Screen Shot 2019-08-08 at 1.10.41 PM

By: Tony DePrato | Follow me on LinkedIn

How many documents do you have open to the public? When was the last time you checked to see what anyone with internet access could download from your school website, your PowerSchool or SIS public folder, or even your various cloud services?

Before you think I am wasting your time, here is a quick glimpse of a simple public search for budgets people have not secured:

Budget_Search

 

If the above animation is not clear, don’t worry. I will show you how to do it.

INURL and FileType

Google has some cool advanced search features. To scan your public files, the two I recommend are “inurl:” and “filetype:” .

For example when copying and pasting the following string into Google, inurl:saschina.org filetype:pdf , the results are all public PDF files that exist with any url that contains saschina.org.

Screen Shot 2019-08-08 at 1.20.38 PM

Keeping the url simple often yields more results. For example, using saschina would look at other domains. If you add the .org, then the search will be limited to the .org domain only.

When to Worry about Public Documents

First off, many documents are supposed to be public. Seeing documents in this type of search is normal and excepted. What is not usually expected are documents that contain:

  • Name associated with contact information
  • Medical information
  • Names of parents, donors, etc.
  • Special codes use to tell vendors/suppliers who has organizational authority to place orders
  • Bank information
  • Payment information
  • Usernames and Passwords
  • Etc

Documents with information similar to the above should be secured, unless required to be public for legal reasons.

I would suggest having document ID numbers in the footer that indicated a document should be public. This simple practice would allow everyone in the organization to report documents that should not be public.

The link below will take you to a page that will help you begin checking your online resources.

Want to Jump In and Start Scanning? Get Started Here

If you want more information on data security, privacy, and data auditing for your school, please contact me using the form below.

 

Live In the Now with OneDrive for Business

onedrive-apple

By Tony DePrato | Follow me on Twitter @tdeprato

A year ago, many people using Office 365 for Education were really angry at OneDrive for Business. When Microsoft made the official switch from the public OneDrive to the Business Version, things were not good.

People forget the development most products follow. They forget the limits of the original Google Apps for Education. They forget the features that Facebook 1.0 did not have. Because people easily forgot, they are prone to become neophobes. Neophobia is the extreme or irrational fear or dislike of anything new or unfamiliar. Irrational being the keyword.

New technology is rarely given a fair chance. This is why many products stay in beta or in small user circles for years. OneDrive for Business did have a rough start, but even in the early stages it was a decent cloud storage client. In Asia, one of the main issues was speed. This has been remedied.

I felt compelled to write this post, because I feel like I have a track record for doing unbiased comparisons on cloud services. Office 365 is gaining ground in some very big areas. The video below, very unprofessional and horribly narrated, clearly illustrates the speed of OneDrive for Business. Please note, I have been using Groups in Office 365 as a video sharing platform, and they are working great. The use OneDrive storage as well. The speed for adding video is excellent, and the MP4s seem to playback quickly in Chrome and IE 11.

Technology changes. Basing decisions off of a single bad experience more than 180 days in the past is a mistake. If something looks promising, keep it on your radar.

 

live-in-the-now-analysis-services

Understanding The Cloud

cloud (1)

 

By Tony DePrato | Follow me on Twitter @tdeprato

Cloud computing is one of the most difficult concepts to explain to people who spend most of their time working with children, running a school, and monitoring educational processes. Cloud computing is difficult to explain because it is imbued with industry jargon and misleading sales language, and when most people think about it, the concept is odd. After all, if cloud computing is fairly new, and the Internet is not new, then what were people doing before? How were they working? Why did anyone need, or want, to switch from one way of working to another?

Read More Here @ The International Educator.

Awesome Office 365 Signatures with HTML

sigsample
By:
Tony DePrato | Follow me on Twitter @tdeprato

The process of implementing branded email signatures has changed in the last few years. Most companies have definitely moved on to simple clean designs. The days of the big banners are thankfully gone, the few remaining hold outs are probably filtered by spam. Thank you for that smart inbox filters.

Many companies probably are not even aware that when they build signatures the old way, that those signatures are not actually working outside of the organization’s email system. If you have not tested this, please do. Check an email that has been sent to another system, and look at in on a mobile device. If it is not showing on mobile platforms, then setting the signature is a waste of time.

Although schools are not companies, most do have branding regulations, and if a school has switched from the traditional Outlook/Exchange environment to the cloud, they probably have struggled maintaining consistent branding.

Cloud based branding options are limited unless a third party solution is involved. These solutions can be expensive, and really, the email signature does very little for the school. Very few people and organizations connected to a school even notice email branding, and/or are influenced by email branding. Email branding is good and should be consistent, but it is not worth more than a few minutes of time per employee.

I am going to explain how to do email branding properly in Office 365 using a simple and free technique. Some HTML skills are required, but the implementation is very simple. This process will probably work in Google Apps, but testing is pending.

Requirements

  1. A server or computer that can host an HTML file for your school. This can be done on the local network.
  2. Someone who has basic to intermediate HTML skills. This would be a great project for some middle school students.
  3. Outlook 2016 for those not using Office 365 WebMail.
  4. The design and standards. This needs to include font names etc.

The Code

There are many ways to do this. I am using tables because the Office 365 WebMail and Outlook 2016 support tables in the tool bar.




<table width="550px" cellspacing="0px"</pre>
<pre>style="font-size:13px;font-weight:bold;font-family:'</pre>
<pre>Trebuchet MS','黑体','SimHei';">



<tr>



<td>Anthony DePrato</td>




<td></td>



</tr>





<tr width="50px">





<td>学习技术主任 <font color="#4d9e4a">|</font></pre>
<pre>Director of Technology</td>





<td></td>



</tr>





<tr>



<td>电话 Telephone: (86) 21 000000 - 6311</pre>
<pre><font color="#4d9e4a">|</font> 手机 Mobile: (86)0000-060-8007</td>





<td></td>



</tr>





<tr>




<td><a href="http://YOURSERVER"</pre>
<pre>style="color:#F0A300;font-weight:bold;">http://YOURSERVER</a></td>





<td></td>


</tr>


</table>





<table>


<tr>



<td><a href="http://YOURSERVER"><img</pre>
<pre>src="http://YOURSERVER/ebanner.png"></a></td>




<td></td>


</tr>




<tr>


<td><img src="http://YOURSERVER/ykpsqr.jpg"</pre>
<pre>width=120px height=120px></td>




<td></td>


</tr>


</table>



The code is very simple, but if you are using Chinese Characters, then there are other methods you need to follow. This may also be the case with Arabic, Japanese, and Korean. However, the localization process is not that hard, and you do not need to make everything into graphics. I am happy to explain how to localize for any language. All anyone needs to localize the email signature are HTML skills. Contact me via email if you need help with localization in any part of Office 365.

The Implementation

Here are the steps with a video to reinforce the process:

  1. Go to the URL of the HTML page holding the signature
  2. Select All and Copy
  3. Open the Signature Setup on Outlook WebMail
  4. Delete any current signature(s)
  5. Paste the new signature
  6. Change the information to match your details. You can type right over the content.
  7. Open Outlook 2016
  8. Go to the Signature Setup
  9. Repeat steps 4-6

Microsoft says that Outlook 2016 will inherit settings, but my setup does not seem to do this consistently. The majority of our users are only on WebMail, so the Outlook 2016 process is only for about 20% of the staff.  If it were 50% or higher, I would definitely focus on the auto-sync features.

You Have an Awesome QR Code, Do I Want That?

I think many people read emails with their phones next to them. I like the QR Code because it draws the reader to the bottom of the signature, hopefully reading the signature.

Readers can then use their phones to go to the QR link, which probably creates a chain reaction of sharing and linking on social media.

Setting-up the QR Code with colors and logo is not that difficult. I will do a full tutorial on that process in the future, but here are some resources to get you going:

In Summation

If you are doing email branding, and you want to have the average person be able to apply it consistently, use HTML. The whole process can be easily managed, and future updates are trivial.

If your organization really believes email branding drives parents to the school or donors to your institutional development, then ask for data on this before spending the time and money on a platform for centrally managing email branding in the cloud. Marketing is important, and so is brand identity, but I do not believe email branding in schools achieves any significant ROI.

Schools are not exactly the same as corporations, even if they are for-profit schools. A school can justify to parents and stakeholders that simple marketing initiatives are implemented to allow more investment into learning. And you know what? People respect that more than a flashy logo or banner in an email.

Tony DePrato

www.tonydeprato.com

www.pblstem.com

Need a reminder of what people use to do with banners? 

Ghetto Banner Ads

Aren’t you glad those days are over?

Google Apps vs Office 365 : The Simplest Answer You Will Eventually Read

decide

I have traveled to many places on the planet Earth. I have been in deserts, jungles, various oceans, in the frigid cold of Eastern Europe, and the unbearable summers of the Arabian Gulf.

I have found that sometimes I encounter a new place that seems like a place I would want to live. Something about it truly stands-out. I am not one to move on quickly. I tend to linger and explore. I want to find the underlying reason for the charm. I want to be as objective as possible. After all, I have learned that if I decide to move and live somewhere, I can move and live anywhere.

Visits always end, and returning back to home is inevitable. It is only after a person returns home, and they are completely unable to ‘be’ where they were, that they understand what not being there means.

This inability to connect truly helps shape the final and most objective opinion we can form, always a little bias, but honest about the reality of where we are and where we could go.

Only in this state of objective absenteeism can a person say, “Yes. I do want to change and do something different in a different place.”  Or, “No. I think what I have is all I need, and change would be less gain and more loss in the long run.”

I am telling you, without any hesitation, that being disconnect and unable to fluidly use Google Apps, the Google Api, and the millions of websites that are Google powered has limited my ability to reach students, families, and staff. It has forced me to create small pieces of infrastructure, at significant cost, just to get beyond word processing and email.

I am in a place where it is impossible to guarantee universal access to anything powered or owned by Google solutions. Most people are not aware that over a million websites use the Google Api, store their videos on Youtube, or use Jquery hosted by Google. Most of the free sites used by people sporting Web 2.0 interfaces for schools use these services.

Google Apps is not about mail and making documents, it is about being part of a massive ecosystem. If all you do is bicker and worry over the best way to make a presentation or send an email, then as a technology leader you are doing a disservice to your community.

Everyday I manage and implement features for my campuses with Office 365 and Sharepoint. My team and have just been recognised by Microsoft as leaders in our region for our implementation. I use everything they have. I design solutions in Sharepoint, move people into OneDrive for Business against their will, and create training materials full of hints and tricks like a boss.

Doubt not! I am an Office 365 ninja.

But if I had a choice, I would simply use Office 365 for office staff only. Anything and anyone connected to teaching and learning would be on Google Apps.  I would run multiple email domains, which I do anyway, and share data via the Active Directory.

I have seen a few very good international schools recently tell all staff, and new hires, “If you want Office make sure you buy your own copy.” I think this is smart, and cost effective. I also think everyone who needs Office can afford the educational price once every five years. I, in fact, have done this in the past. The world did not end. Some people were angry. But when I rolled out four new software packages for math and science with the savings from the Office license, tempers faded.

The simple answer to the debate, Google Apps or Office 365 is:

Teaching and Learning = Google Apps

Office Staff = Office 365

Everyone = Can use solutions developed in both environments.

Until you have known both, and then can only have one, you may not understand.

Tony DePrato

http://www.tonydeprato.com

 

Office 365 for Education, What You Need to Know and Don’t Want to Hear

sharepoint-developer-houston

I have been using various versions of Microsoft education solutions since 2007. I am also quiet adept at developing online Sharepoint solutions for business processes, writing custom scripts to make accessing Microsoft resources easier, and by-passing much of the fake resources and security Microsoft has to offer. In addition, I have been using Google Apps since they were first introduced, mostly because I needed to work and the Microsoft made it difficult to do anything aside from typing a memo 1990’s style. My Google experience extends to setting-up Google Apps for education on three occasions, writing custom app functions, working with multiple domain configurations, and even developing a bulk upload/download process to Google Drive.

I am working in China now, and the school does not have a campus wide VPN. Therefore our only affordable cloud solution is Office 365. Our current implementation has gained praise from the corporate giant itself, and soon I can share an article by Microsoft about what we have been doing and how we have been doing it.

However, the fact is Office 365 still has a very long way to go. If I had the option, I would still choose Google, and I would push hard for Chrome books for the younger students. Microsoft still is lacking in developing mature products that are truly online. They have new licensing, which is a huge step forward, but they are limiting the options to certain regions. This can be seen in the USA where students can easily get desktop software for free, but in China we have to make special arrangements to get these same features.

For those schools or districts who feel that you have some magic plan with Microsoft, believe me you do not. Anyone can access deals with enough users, and desktop software in 2015 should not be a motivating force for increasing student resources.

OneDrive for Business is better than it was last year, but still years behind Google Drive. It is very fast, and my tests have shown it to be faster than Dropbox or Google Drive. However, the desktop clients which are needed to do bulk work are rough around the edges. They do work, and on Mac OS X now as well, but if you are a Google Drive user you always feel like you are in someone’s beta test instead of a finished product.

The mobile Office 365 clients are pretty good. One shining example is OneNote. I really like OneNote, and I am starting to prefer it to Evernote. This is going to be a new key application we use with students in the next semester. It works great, and on iPad has some nice features for handwriting. What is funny is that OneNote is more flexible than Word and has features you would expect in a truly collaborative environment, yet, many decision makers are obsessed with giving everyone Word. I guess they love the useful WordArt and ClipArt.

The most powerful product in Office 365 for Education is Sharepoint. I find most schools barely or rarely use it. The fact is that it is more powerful than any Google Apps for Education resource. I would wager that you would need to buy many additional Google Apps features to match even 50% of the Sharepoint features. Unfortunately, non-developers and those who see the bare-bones implementation of Sharepoint, hate it.

People hate Sharepoint for a variety of reasons. Here are a few I often here:

  1. It looks bad and has an old design.
  2. The mobile compatibility is bad.
  3. The logic for linking things around is weird and does not seem to work well.
  4. The menus don’t make sense.
  5. The terminology of what a “thing” is does not make sense.
  6. It only works well in Windows.
  7. There seem to be features I cannot access.
  8. There is no public page for people who are not part of the organisation.
  9. Speed.
  10. It is seems like a pure business product.

Out of the box, all of these things are true, yet, they are also not true. Sharepoint is designed to be developed, not started and driven around like a golf cart. It is a set of tools that require a development environment and an implementation plan. Sharepoint is not something you use by random clicking, which is how many people seem to do things. It requires intent and purpose to be useful. From it’s core it is based-on your organisational needs, and not the needs of the outside world. The apps you can add to Sharepoint are not for entertainment. They are for getting work done and creating levels of accountability.

I have a love hate relationship with Sharepoint. When I finally deploy something, I find it works well and requires very little maintenance. While creating solutions in Sharepoint Developer, I find myself constantly frustrated at some of the features that a normal development kit would have sorted out properly.

People who end-up being Sharepoint power-users tend to like it. They learn to access and use data in different ways, and automate processes that are quiet difficult to manage on paper or even with sophisticated online forms.

If integrated properly into a normal content management system (Drupal, WordPress, etc.), Sharepoint solutions work well for normal end-users, and the security is handled without any additional work. But, it needs to be integrated, you do not want the average person to ever navigate Sharepoint.

Sharepoint has an up-sell for storage space which is annoying. OneDrive has a terabyte of space per user, but it is missing many features (unless you can find the secret menus). If Sharepoint had 100GB of space allotted per organisational user license, then it would actually be a better solution than OneDrive for most people, especially if the storage was flexible and assignable.

If you are using Office 365 for Education, and you are not using Sharepoint at all, then you are missing out on many powerful tools. To get started you need to setup a development environment and then do a few courses. Here are my recommendations for the development environment and what courses should be the initial focus:

Development Environment

  • iMac or large screen Apple Laptop with Virtualbox/VMware Fusion and a licensed 64 Bit version of Windows 7. A minimum 8 GB of RAM with 4 GB assigned to the virtual machine.
  • Office installed from the Office 365 online store. This allows all users to install Office on 5 devices.
  • IE 11 or higher in the Windows 7 Environment.
  • Notepad ++ for the Windows 7 Environment.
  • Turn off all Windows security, and firewalls.
  • Install Sharepoint Designer from the Office 365 online store.
  • Update Windows 7.
  • Backup the virtual machine to a secure area on the Mac or on an external drive. If Windows gets infected or too slow, trash the virtual machine and use the copy you have made.
  • MAMP for OS X to work on things like HTML,CSS, and Javascript. It is easier to experiment this way, before working in Sharepoint Designer or the online Sharepoint design interfaces.

Training Modules and Courses

  • Introduction to Sharepoint
  • Editing Pages
  • Sharepoint Lists and Columns
  • Web-parts and App-parts.
  • Security and Permissions with Groups
  • Introduction to Sharepoint Designer
  • Introduction to Infopath
  • Making Item Workflows in Sharepoint Designer
  • Importing data into Sharepoint
  • Using Excel spreadsheets in Sharepoint Lists
  • Understanding Calculated Columns

Tony DePrato

www.tonydeprato.com

Folders, Files, Sharing, Storing and the Myth of Speed

Blackblaze Research

Warning: This is about Educational Technology, Teachers, and Students. This is not a cloud for business article, although some points are valid for all groups of cloud users.

Let us get this out of the way: Harddrives go bad, and they fail more often that anyone wants to admit. That means data loss, often total data loss.

The graph to the left was created by Backblaze. The amount of and variety of drives they tested was impressive. Their research was discussed on Lifehacker and other sites like PC Magazine.

If you are lucky to recover any of the data from a failed drive, it will mostly likely look like the second picture to the left.

Have fun trying to open and name all Screen Shot 2014-09-04 at 8.36.06 AMthose files.

I have moved large groups of people before from local network shares to cloud services. However, every time I undertake this, I receive the same complaints. I normally get pretty annoyed, because it does not occur to people that I personally have nothing to gain by helping them move from a failure-prone system with possibly one real layer of redundancy, to a system that has multiple layers of redundancy and a team of professionals keeping it operating well for world-wide business operations.

Reasons People Get Angry When Moving Files to the Cloud

Many people have the ability to use tools to SYNC files to their cloud account. However, some people are on old or incompatible operating systems that cannot support such functions with a given cloud service.

In addition, many users are not aware that the current interface design for cloud storage supports, and encourages, drag-and-drop. Users tend to believe they have to upload only one file at a time. This angers them. Knowing the shear number of files they need will take them 100s of upload button clicks.

The truth is they can drag-and-drop 50-100 files at once. A simple process, that needs to be reiterated to everyone, and often. Drag-and-drop helps take the anger from an 11 to a 7. You don’t want to see users go to 11.

The other aspect of moving to the cloud that angers the user base is the inability of some services to create layers and layers of folders.

How long does it take to make 100 folders?

About 45-60 minutes.

I did a sample of 20 folders and made the estimate. It is work. However, it is easy. Department shares in the cloud are even easier, because folders can be made by everyone in the department at the same time. Simply divide and conquer.

The department working together is a great process in itself. It hopefully will occur to them that they do not need those lesson plans from 2009. If the school needs them, the school can and should archive them. Moving to cloud should equal cleaning the data house.

Folders and Speed

Most people on network shares believe they have some speed advantage over the cloud. This is true if you are streaming video, or working with large amounts of data. Based-on network bandwidth studies, I personal exceed the daily bandwidth average by about 2 GB. That means that most teachers on-campus are using at least 2GB less than me, and I am 90% cloud-based. I work with video nearly everyday. I work with large data sets everyday. I am doing more. Creating more. Sharing more. I have not used a network share for anything except storing large video files, in the last 5 years. If people tell me “check on the shared drive”, I find the item in question and put it in the cloud.

Network shares, especially the ones that auto-mount, add overhead to the computer. A better way to say that is, they slow down the computer. So maybe that Word doc opens .4 seconds faster, but the computer stops and spins for 3 minutes 10 times a day in the middle of working.

Folders, especially nested folders, are not fast of efficient ways to store data. For example:

English –> Year 5 –>Homework –> Shakespeare — Unit 1 — doc1.docx

Doing network audits can be interesting. Not only will you find complex nesting, but you will find 20 files named “doc1.docx”.  Guess what that means? Network searching will fail. Results will be slow, and there will be numerous false positives.

In the cloud, this whole nested concept can simply fade away. The cloud storage structure is simple and easy, and it allows smart and organizes search. For example:

English –> Y5-Shakespeare-unit1 [TAG Homework]

In the cloud model, I would use one folder for the subject, and simply name the file(s), what the file(s) is about. Now, search will work. In fact, search will work and group things by “Y5”, “Shakespeare”, “Unit1”, and “Homework”.

Not to mention there is no browsing. No staring at size 10-12 font scanning 100s of files and hoping you remember the folder names, 3-4 layers down.

Files and Versioning

All cloud services I am familiar with support version control. This means you can keep one file, using the same name, but the most recent version, or the system will simply add a number, 1,2,3, etc., to the file name. This makes it clear which version you are working on.

The file view in cloud services is usually customisable. This means the ability to see files in the way you need to read them. Maybe by date modified, date created, or size. Everyone has different needs.

Operating systems support this, and I use these filters all the time. However, in 10 years of training teachers and school administrators, I have rarely gotten them to remember to switch to a detailed file view. Most people surf thumbnails like Ponce de León looking for the fountain of youth. 

As a cloud service admin, I default the departmental shares to organize the file view so it shows the most recent files and the most recent versions. I also default it to show who created the file and the last person who modified it. This is quietly saving people time.

Sharing not Emailing

Cloud services encourage users to share. Sharing can be a bit of a mental tornado. Teaching people permission levels, and how to share with students versus colleagues is also challenging.

I suppose that in some cases, emailing an attachment is innately safer and easier. Unfortunately the practice of attaching is unintentionally excluding people. Mobile device users, iPad users, and anyone not on a traditional computing platform will struggle with email based attachments.

The world is changing. From Andorid to Windows 8, things do not work as they use to work.  Mobile devices and new operating system designs rely on the cloud for storage, updates, and authentication. They are designed for sharing, and not attaching.

Teachers existing on network shares cannot share and truly connect with students, if those students are not on the same platform and network that the teachers are on. This usually means no access from home, no ability to collaborate with iPads or other devices, and no asynchronous communications.

Cloud based documents allow for asynchronous(async) feedback and corrections. The async method allows teachers to assign work in smaller more focused modules, with the goal of expanding on the problems that occur as the assignment develops. Very few people have time for real-time feedback and correction. Cloud based services natively fuel collaboration between teachers and students without asking for more face-to-face time.

What if there is no Internet?

I have worked in two places where the internet was very suspect. It would be up and down very regularly. Every time the internet would fail, I never noticed that people said, “Hey I can still get all my work done. I have the network shares.”  Just the opposite. My office was filled with people telling me how it was impossible for them to do their work.

One can guess at why. Maybe it was because the contents of many of those network documents are taken from online. It could be entire departments rely on websites for their curriculum activities. Also, it is possible, that they students were getting all their assignments from work that was moved from the local network, to an online learning environment.

The fact is, if the internet goes down, the “plan-b” is never to have a party on the network shares. The “plan-b” should be to work and learn without technology. Making a good backup plan for no internet days is another topic for discussion, but I would never include any technology in a backup plan that is to be used in the event of a major network failure.

Someone asked me once at a conference, “So what if Google goes down. Or Microsoft goes down? What then?”

I responded, “I would rather be the person standing with the millions of people working-on and demanding a solution than the one IT professional trying to recover data from a single server room failure.” Who wants to be that guy?

Ca·thar·sis

The easiest thing for an IT department to do is give user a big bin to throw their stuff into. Unmanaged. Not optimised for speed. Little to no redundancy. Set it and forget it.

This is not good practice. To manage local shares correctly, someone needs to dedicate time and money to the process. Most companies overtask their IT people when it comes to infrastructure, so the lack of concern for someone else’s data is low.

The hardest thing for an IT department to do, is create something that is customisable at the school, departmental, and personal levels. To, in fact, differentiate the technology for needs, when those needs arise. Moving to the cloud is not easy, or a free pass for the technology team, it is just the best way for most organisations to create new opportunities.

Cloud services have so many benefits to education, that writing about them would require a book, or a few 100 posts. That writing is being done daily all over the internet, and all over the world. My message to teachers, students, and anyone is this : Before being critical of change, take time to look around. Take time to look it up. Take time to see the changes happening NOW.

If it were really slower, worse, and a waste of time why would so many educational organisations all over the world be in the cloud or switching to the cloud?

Do the research. Release the anger on proving this post wrong. In the end, just get on with it. Make a few folders. Move the files. Start collaborating. Use that iPad for something other than games and reading novels.

Tony DePrato

www.tonydeprato.com

 

Flame Virus,Cyber Weapons and the Cloud

The Problem

Recently there has been press on a new Cyber-Weapon called FLAME. Now many of you might be wondering why I called it a Cyber-Weapon. Well here are a list of things it can do: 

  1. Record audio from your computer’s microphone.
  2. Take screenshots of your screen.
  3. Record keyboard activity, and log your passwords.
  4. Monitor networktraffic and know what websites you use.
  5. Record Skype conversations. 
  6. Turn infected computers into Bluetooth beacons which attempt to download contact information from nearby Bluetooth-enabled devices.
  7. Self-destruct when it is aware that someone has began monitoring it’s source code.
  8. Transmit all the data quietly and slowly to servers around the globe.

This is not a simple virus, it is a weapon. I do not want to say it is SMART, but being able to destroy yourself and erase your forensic finger print is pretty “clever”.

Flame is going to be one of many new cyber weapons. How they begin to affect educational technology is uncertain. My worst fear is that schools will believe that over investing in localized network security will help. It will not. It will slow down the network, it will make everyone wish they were off-campus so they could get their work done, and it will develop a false sense of security. How do I know? Because this is what happens now.

I have had to only deal with 3 major network attacks in my life, so I am not an expert. However, I do take a very aggressive approach once I am aware of an attack. The first thing I do is DISCONNECT. I literally disconnect network nodes until the issue is isolated. I do not waste time trying to CLEAN one system, while others are being infected. I physically quarantine the problem, and if that means NO POWER, it means NO POWER. 

The reason being that if an attack starts, the anti-virus(AV) and security have already failed. If a new attack is clever,then existing tools based-on pattern recognition cannot recognize it. Simple logic. The tools most schools invest it are not SMART enough to deal with a sophisticated threat. The best attacks are the ones that spend time disabling all the security before they spread. 

We are now faced with cyber weapons that can use multiple communications protocols to spread. They can read and interpret everything we do, lay quietly in the architecture, and transmit data and personal information slowly so as not to be noticed.

Are we doomed? No. We just need to add a bit of Humanity and logic to the problem, and start teaming-up.

The Solution

I was just at a cloud computing conference in Malaysia, and I was on a panel discussion. They asked everyone about security. The question was, “if you are hosting everything with a massive service like Amazon, and they get hacked, then isn’t the damage and final resolution going to be worse than if you were managing things privately (and of course paying more money)?” I said, “I would rather be hacked with 2000 people working-on the same problem, than be hacked alone.”  People laughed, but I did get a few glances from audience members that saw my point and agreed with me. 

The simple fact is this – SCHOOL NETWORK ADMINISTRATOR YOU CANNOT BEAT FLAME OR ANY OTHER CYBER WEAPON LIKE IT ON YOUR OWN.  

This is why our first responsible step as educational technology leaders is to start consolidating resources with cloud-based services that offer military grade protection. A few would be Amazon, Microsoft, Google, Rackspace, etc.  These companies are connected to the resources they need to rapidly identify, study, and solve serious security threats. They are clustered around the world in such a way that not all of their data centers get hit at the same time. This allows them to suffer a few blows, but then counter-punch. 

Dealing with serous threats requires an understudying of cryptography as well as computer systems. Is your network administrator good at crypto-analysis? Telling your AV software to update, is not going to help when the threat is smarter than any software the AV company makes. 

The next phase of the solution is implementing policies that push people to work in and from the cloud, and ban them from bringing USB devices of any kind. USB devices are tough to regulate, especially with Windows. As far as I am aware, most people do not have the software in place to limit USB executables, but still allow the rest of the USB to work. This is how USB devices do damage, they give the initial threat an environment to start-up and spread. 

If people are working in and from the cloud this will not happen as often, and it could be strictly implemented and/or banned completely. 

In schools the big issue is media. All I can say is that it is getting better out there. If you have the bandwidth you can do big media work using cloud-based services. If you have poor bandwidth then the need for USB-based transport becomes inevitable. What can I say, stop buying AV licensing and pay for more bandwidth. 🙂 

The Conclusion

Without a doubt we need local network security and policies, however if the majority of what we need and what we do is happening in the cloud then ….How much local protection do we really need? 

A solid network configuration and well designed network layout can do more than most software can because it deals with issues at the port level and can work to cut off access to individual devices which are a threat.  Network monitoring software can also give a single administrator an overview of the health of the network, and a visual representation of anomalies. 

Humanizing a process provides a randomness that offsets the power of any cyber weapon. We are unpredictable and follow different paths to reach the same goals. We cannot be easily downloaded and observed, like security software, and we can choose to do something that software usually cannot…We can choose to not react.

We can turn off the power. Unplug the gear. Cut off the data collection. And leave a threat sitting dead on a drive while we think about the next move.

Tony DePrato

http://www.tonydeprato.com 

Podcast Episode 34 – May 17, 2012

On location again. This time at the Grand Excelsior in Dubai. This episode we have Brandon Girard joining us again and Tony. It’s another fantastic episode. If you like what you hear please subscribe to use on iTunes and leave a comment below. Here is what is on tap for this week’s episode of IT Babble.

1) Tony’s Post – “Transition to the Cloud: Avoiding Mistakes and Leading the Change

2) Patrick’s kidblog.org series- student guide, teacher guide, overview

3) Getting rid of textbooks? An article by Shelly Blake-Plock “Increase Student Engagement by Getting Rid of Textbooks

4) iPhone app of the week – DIY nano

5) www.cueprompter.com

You can listen to it below.

Download it HERE!