+ Post New Thread
Results 1 to 15 of 15
General Chat Thread, Need Some Advice Please .What Would You Do If You Were Me.!. in General; Hello . I need some advice please on this subject (put yourself in my shoes ) what would you do ...
  1. #1
    tickmike's Avatar
    Join Date
    Jul 2006
    Location
    South Derbyshire. U.K.
    Posts
    367
    Thank Post
    5
    Thanked 3 Times in 3 Posts
    Rep Power
    16

    Need Some Advice Please .What Would You Do If You Were Me.!.

    Hello . I need some advice please on this subject (put yourself in my shoes ) what would you do ?.

    Talking to the head of the school I help for free and I'm not connected now in any way, there was a question that came up "can I see any of the data on the network" ( I think she was talking about the pupils folders/files and the staff and admin files).

    Reading between the lines I think she needed an answer for parents or offstead if she was asked.

    I put her mind at rest by saying that unless she give me all the passwords I could not see all the data. (oop's). ops:
    I also said (which is true) that I'm not interested in what is in any bodies folders or files only interested in the working of the network and the usefulness for the pupils education.

    So I been thinking about folder / file Encryption.

    1.. Do you use it .

    2.. Is there problems with its use.

    3.. Is it worth me telling the head about it.

    4.. If we used it on the admin / staff folders would you also suggest it used on the pupils folders as well if she that concerned..

    Any comments on this subject will be appreciated.

    From Michael.

  2. #2
    ajbritton's Avatar
    Join Date
    Jul 2005
    Location
    Wandsworth
    Posts
    1,632
    Thank Post
    23
    Thanked 75 Times in 45 Posts
    Rep Power
    33

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE ME.!.

    If we're talking about EFS, then there's one big issue in the following scenario

    1 - User encrypts their home folder (or even just a few files)
    2 - User forgets password P
    4 - You change the users password
    5 - Encrypted files cannot now be accessed unless user remembers original password.

    I believe it is possible to get around this by setting up a recovery policy (never done this though), which would enable you to recover the data. Either way then you'll be able to get at the data.

  3. #3


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,538
    Thank Post
    271
    Thanked 752 Times in 590 Posts
    Rep Power
    218

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE M

    You can set an overriding efs key so the domain admin can unencrypt stuff if users forget passwords. Haven't done it but cursory reading makes it appear easy enough.

    Regarding being root: you may want to consider an non-disclosure agreement or similar agreement so that the school (and you) are covered for Ofsted / Data Protection.

    It's better to tell the head the truth (she'll work it out if you ever have to change her password - "if he can change my password, he can log in as me = access what I can access") and state why they need to entrust someone with that ability.

  4. #4
    tickmike's Avatar
    Join Date
    Jul 2006
    Location
    South Derbyshire. U.K.
    Posts
    367
    Thank Post
    5
    Thanked 3 Times in 3 Posts
    Rep Power
    16

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE M

    This sound interesting would she draft something out or is there a standard form ?
    Re... egarding being root: you may want to consider an non-disclosure agreement or similar agreement so that the school (and you) are covered for Ofsted / Data Protection.
    Michael.

  5. #5


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,538
    Thank Post
    271
    Thanked 752 Times in 590 Posts
    Rep Power
    218

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE M

    IANAL but I have signed NDAs before.

    They are legal documents that are signed by you, the other party + witnesses. NDAs are negotiable by both parties and are usually used to protect intellectual property: one or both parties agree to not reveal privileged information gained by doing $job to outside parties both during and after working for a company. NDAs can be perpetual (never reveal) or time-limited.

    That way there's a legally-binding undertaking on your part to not reveal any info you learn and an explicit acknowledgement by the school that they are aware you will learn such info and they are OK with this. It covers their arse and yours.

    I strongly suggest you consult your solicitor and ask them to draw one up.

  6. #6

    Join Date
    Jul 2005
    Location
    Worthing, West Sussex
    Posts
    831
    Thank Post
    16
    Thanked 66 Times in 61 Posts
    Rep Power
    32

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE M

    The NDA is not a bad idea.

    The problem is arising because you are not employed by the school or the Local Authority, and as such, are outside of their control.

    I have just got the contracts through from the LEA for my new jobs and they include a clause very similar to an NDA covering all issues of confidentiality, Data Protection and data access.

    This is a very serious issue in this modern world and you would both (ie. yourself and the school) do well to ensure that all relevant 'backside covering' has been done.

    It is probably worth getting the head to take advice from the LEA about what's needed in the first instance, certainly before incurring legal costs from engaging a solicitor

  7. #7

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    12,995
    Thank Post
    590
    Thanked 1,499 Times in 1,345 Posts
    Rep Power
    398

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE ME.!.

    I think you should come up with something like a NDA just so you and the school are both satisfied if it ever comes up having a document/policy to show you have allready explored this issue should be enough to satisfy anyone.

    At the end of the day administering a network gives you the ability to look at just about anything should you so wish however going down this route may lead others to not being in a job for long.

    Regarding encryption I thought that the enterprise admin can always decrypt windows stuff. If you changed domain names or something and had encrypted files then you would be stuffed.

    Ben

  8. #8
    tickmike's Avatar
    Join Date
    Jul 2006
    Location
    South Derbyshire. U.K.
    Posts
    367
    Thank Post
    5
    Thanked 3 Times in 3 Posts
    Rep Power
    16

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE M

    Thanks .

    Its A Private Parent Run School, No Lea . Ofsted Yes.

    The Parents make all rules via. a management group.

    One Head/Teacher and Two Other Teachers.

    Parents for admin,cleaning, odd jobs, Gardening, helping in class, etc. etc.

    Parents also raise all the money to run the school.

    Michael.

  9. #9

    Join Date
    Jun 2005
    Location
    Herefordshire
    Posts
    18
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE M

    Always a sticky one.

    As previously stated, you are always going to have access to sensitive stuff, its the nature of the job, especially on small networks when there may only be one admin. As far as you are concerned its all just data. It should be up to staff to qualify what is sensitive and who should have access to it.

    For peace of mind for the school do the NDA thing but also get yourself on the Criminal Records Bureau (CRB Checked) if you havent already got one. I consider this an absolute must for handling Pupil related information of any sensitivity. It also shows that you have been open and proactive as an employee and are sensitive to the nature of confidential data.

    Aidan

  10. #10
    tickmike's Avatar
    Join Date
    Jul 2006
    Location
    South Derbyshire. U.K.
    Posts
    367
    Thank Post
    5
    Thanked 3 Times in 3 Posts
    Rep Power
    16

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE M

    Being this is a charity I would not want them to have any costs ( and there no way I will pay for it being I'm already giving them lots of my own time for free).

    So if the head / school management wrote up some document and I agreed with it and signed it would that be ok do you think.

    About CRB, I have been checked out when I was a helping parent at the school but I believe it must have run out because my daughter has left that school two years ago, I will get them to renew it.

    Can anyone give me some idea what the document would be like (not word for word but general outline please).

    Michael.

  11. #11
    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    1,990
    Thank Post
    45
    Thanked 219 Times in 166 Posts
    Blog Entries
    6
    Rep Power
    94

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE ME.!.

    It would probably be along the lines of

    "I understand that I have access to potentially sensitive material. I will not access anything confidential unless it is necessary to do so. If the need does arise to do so, I will not disclose the information to anyone outside of the organisation"

    I'm not a lawyer but I think that probably covers it quite well.

    Oh and lay off the caps lock, we can all hear you you know :P

  12. #12
    tickmike's Avatar
    Join Date
    Jul 2006
    Location
    South Derbyshire. U.K.
    Posts
    367
    Thank Post
    5
    Thanked 3 Times in 3 Posts
    Rep Power
    16

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE M

    Thank for that Norphy

    The use of bold I have been finding the some members have mist important points eg. I use sever 2000 .
    also I do not know how this 'quote' button works at the top of the post . :?

    Michael

  13. #13

    russdev's Avatar
    Join Date
    Jun 2005
    Location
    Leicestershire
    Posts
    6,873
    Thank Post
    650
    Thanked 534 Times in 353 Posts
    Blog Entries
    3
    Rep Power
    200

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE M

    Quote Originally Posted by tickmike
    Thank for that Norphy

    The use of bold I have been finding the some members have mist important points eg. I use sever 2000 .
    also I do not know how this 'quote' button works at the top of the post . :?

    Michael
    the quote button click on it and opens ups a reply with contents quoted in it.

    Russ

  14. #14
    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    1,990
    Thank Post
    45
    Thanked 219 Times in 166 Posts
    Blog Entries
    6
    Rep Power
    94

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE M

    Quote Originally Posted by tickmike
    Thank for that Norphy

    The use of bold I have been finding the some members have mist important points eg. I use sever 2000 .
    also I do not know how this 'quote' button works at the top of the post . :?

    Michael
    I have no problem with the liberal use of bold, helps emphasise the point if necessary. I was talking about the all caps thread title. It is generally considered poor netiquette to use nothing but caps in a thread or thread title, it's the online equivalent of shouting

  15. #15
    tickmike's Avatar
    Join Date
    Jul 2006
    Location
    South Derbyshire. U.K.
    Posts
    367
    Thank Post
    5
    Thanked 3 Times in 3 Posts
    Rep Power
    16

    Re: NEED SOME ADVICE PLEASE .WHAT WOULD YOU DO IF YOU WERE M

    Quote Originally Posted by Norphy
    Quote Originally Posted by tickmike
    Thank for that Norphy

    The use of bold I have been finding the some members have mist important points eg. I use sever 2000 .
    also I do not know how this 'quote' button works at the top of the post . :?

    Michael
    I have no problem with the liberal use of bold, helps emphasise the point if necessary. I was talking about the all caps thread title. It is generally considered poor netiquette to use nothing but caps in a thread or thread title, it's the online equivalent of shouting
    oop's Cap lock must have been on ops:

SHARE:
+ Post New Thread

Similar Threads

  1. Leaving Advice
    By sqdge in forum General Chat
    Replies: 38
    Last Post: 10th September 2007, 08:43 AM
  2. Advice on which PC is best to keep.
    By Kyle in forum Hardware
    Replies: 12
    Last Post: 1st February 2007, 04:14 PM
  3. Advice please.
    By MartinC in forum General Chat
    Replies: 12
    Last Post: 27th September 2006, 12:03 AM
  4. Advice needed
    By richard in forum General Chat
    Replies: 23
    Last Post: 31st May 2006, 05:10 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •