+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 18
General Chat Thread, Opinions on this scenario please peeps! in General; Today I learnt that another school (fortunately not mine!) lost a great deal of data due to a member of ...
  1. #1

    Join Date
    Mar 2007
    Location
    Central Scotland
    Posts
    829
    Thank Post
    12
    Thanked 8 Times in 8 Posts
    Rep Power
    18

    Opinions on this scenario please peeps!

    Today I learnt that another school (fortunately not mine!) lost a great deal of data due to a member of staff leaving a pc logged in as them and a pupil using it to delete more or less ALL staff data on the server. To add to this it turns out that the central IT department hadn't been backing up this data and the network manager in the school had no permissions to get onto these servers to set the back up.

    Who's responsible?

    Any laws or guidelines broken?

    Although I sympathise with the network manager I do have to wonder why he hadn't checked it, I check my backup is running every few weeks so surely he should have queried why he had no access to even check this?

    Cardinal sin for IT services who installed and setup the servers not to ensure correct backups were being taken.

    Muppetry by the member of staff who left the pc unattended after logging on, annoyingly this still happens in my school

    Your opinions please! I honestly think I'd have been dragged to the nearest tree and hung if this happened here!

  2. #2

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,802
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Opinions on this scenario please peeps!

    Ok, worst case senario...

    Data Protection Act for the School. The school is liable initially, plus is open to civil suits by parents if they feel their child was disadvantaged in some way because of the data loss. NM will probably get fired. School can do some buck passing if it want and take some legal action against 'Central IT' (kinda hinges on if there's any SLA in place though).

    Computer Misuse Act for the pupil involved. Go directly to Jail, do not pass go, do not collect £200.

  3. #3

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,545
    Thank Post
    513
    Thanked 2,412 Times in 1,866 Posts
    Blog Entries
    24
    Rep Power
    823

    Re: Opinions on this scenario please peeps!

    Wow, that is the first sectuple post I've seen.

    It all depends on who is actually responsible for the backups. If the backups were included as part of the NM's job description then he will likely get the axe. If it is Central IT that is suppose to take complete control of them, then the legal blame can partly be passed their.

    On the accessing of the machine part, as Geoff says the kid should be prosecuted and the Staff member who left their machine logged in should at least get disciplined, or made an example of under the DPA.

  4. #4

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,802
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Opinions on this scenario please peeps!

    I think I've fixed my posting madness (seems to be some wierd interaction between Squid-prefetch and this sites general slowness and failures in my LEA's web proxy infrastructure).

    But yeah, a lot of it hinges on what policies are in place at the school and what the agreement between the school and 'central IT' actually says.

  5. #5

    TechMonkey's Avatar
    Join Date
    Dec 2005
    Location
    South East
    Posts
    3,283
    Thank Post
    225
    Thanked 403 Times in 300 Posts
    Rep Power
    161

    Re: Opinions on this scenario please peeps!

    That many worst case scenarios!!! Nasty

  6. #6
    alan-d's Avatar
    Join Date
    Aug 2005
    Location
    Sutton Coldfield
    Posts
    2,414
    Thank Post
    359
    Thanked 256 Times in 187 Posts
    Rep Power
    75

    Re: Opinions on this scenario please peeps!

    Quote Originally Posted by Geoff
    I think I've fixed my posting madness (seems to be some wierd interaction between Squid-prefetch and this sites general slowness and failures in my LEA's web proxy infrastructure).

    But yeah, a lot of it hinges on what policies are in place at the school and what the agreement between the school and 'central IT' actually says.
    Ooohhhh No you didn't

    Let's not forget the HT has some responsibility too

  7. #7

    Join Date
    Mar 2007
    Location
    Central Scotland
    Posts
    829
    Thank Post
    12
    Thanked 8 Times in 8 Posts
    Rep Power
    18

    Re: Opinions on this scenario please peeps!

    Well seeing as the chap has the same job description as myself and I know that backups are in it (as you'd expect) I guess he's facing a hard time. He does however have a document from central IT stating that they will install and setup the backup software to backup all essential data, this hasn't been done so I guess a little blame could be passed.

    Ultimately though I think it's down to the network manager, it's why we're there!

    I've put a warning up on our intranet about this, using it as an example and hopefully making staff aware that THEY could be in trouble for it. That being said I'll still go and tweak my security settings.. just in case

  8. #8

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,545
    Thank Post
    513
    Thanked 2,412 Times in 1,866 Posts
    Blog Entries
    24
    Rep Power
    823

    Re: Opinions on this scenario please peeps!

    Having the same job description as yourself doesn't necessarily mean the job entails the same things, as many people on here can probably vouch for.

    Was this in West Lothian then? I think I'll use it too, as a good scare tactic to get people to lock their machines.

  9. #9

    Join Date
    Mar 2007
    Location
    Central Scotland
    Posts
    829
    Thank Post
    12
    Thanked 8 Times in 8 Posts
    Rep Power
    18

    Re: Opinions on this scenario please peeps!

    Edit: I can neither confirm nor deny that it was a local school... It's unusual as people are usually paranoid about backups, I know I am!

  10. #10

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,922
    Thank Post
    1,332
    Thanked 1,774 Times in 1,101 Posts
    Blog Entries
    19
    Rep Power
    593

    Re: Opinions on this scenario please peeps!

    Even if I have a piece of paper telling me that the backup stuff is ok I still want documentation that shows me where it all is ... and then test restores are needed to be done on a random basis throughout the year.

    Ultimately the NM is responsible for the data stored on the network. He is the person that should be holding his hands up and then saying 'this is how we fix it for the future' ...

    I will hold my hands up and say 'been there, done that' and had the major shouting at by the Head (last place) ... it is a lesson learnt the hard way. It didn't result in any disciplinary action as it was not just my fault (depending on your school you may have to do blame management) but it did involve me working lots of extra time to help put it right.

  11. #11

    Join Date
    Mar 2007
    Location
    Central Scotland
    Posts
    829
    Thank Post
    12
    Thanked 8 Times in 8 Posts
    Rep Power
    18

    Re: Opinions on this scenario please peeps!

    There lies the problem, this NM really doesn't have a clue what's going on in his school or how anything works, he frankly shouldn't be a NM as he's technically incompetent!

  12. #12
    Friez's Avatar
    Join Date
    Dec 2006
    Posts
    839
    Thank Post
    22
    Thanked 22 Times in 21 Posts
    Rep Power
    23

    Re: Opinions on this scenario please peeps!

    Quote Originally Posted by Geoff
    Computer Misuse Act for the pupil involved. Go directly to Jail, do not pass go, do not collect £200.
    These days all kids carry get out of jail free cards.

  13. #13

    maniac's Avatar
    Join Date
    Feb 2007
    Location
    Kent
    Posts
    3,037
    Thank Post
    209
    Thanked 425 Times in 306 Posts
    Rep Power
    144

    Re: Opinions on this scenario please peeps!

    Blimy!! If this happened in the school I work for, I expect myself and my systems co-ordinator would both get the axe.

    Annoyingly we do get a lot of staff laptops left logged on in this school, and on ocassions staff have even let students use their laptop for work while logged on as themselves! Madness!

    I check my backup on a daily basis, and perform test restores fairly frequently, and also run shadow copying so could swiftly recover from such a disaster.

    The most damage a student could do on my domain, even logged on as a member of staff, would be to delete that member of staffs home area, and the public drive. Can't see how they could delete all staff files unless it was an administrator level account, or the network security was badly done.

    I do feel sorry in part for the people involved, but sometimes it takes an event like this to wake people up. I bet that school won't have any problems spending money on network security in the future!

    Mike.

  14. #14

    Join Date
    Nov 2006
    Posts
    547
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Re: Opinions on this scenario please peeps!

    I check the backup everyday. dont leave anything to chance

  15. #15

    Join Date
    Mar 2007
    Location
    Central Scotland
    Posts
    829
    Thank Post
    12
    Thanked 8 Times in 8 Posts
    Rep Power
    18

    Re: Opinions on this scenario please peeps!

    Quote Originally Posted by maniac
    Can't see how they could delete all staff files unless it was an administrator level account, or the network security was badly done.
    I get the impression from what I've been told that the security for the departmet folders was very relaxed to say the least, any member of staff could delete anything.

    Badly setup by the central IT department but no network manager in their right mind doesn't double check things like this the instant it's installed!

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Ideas please peeps!
    By Halfmad in forum Web Development
    Replies: 16
    Last Post: 11th July 2007, 12:04 PM
  2. ePortal VS Fire scenario
    By _Bat_ in forum General Chat
    Replies: 14
    Last Post: 28th June 2007, 07:10 AM
  3. Exchange disaster recovery nightmare scenario
    By ajbritton in forum Windows
    Replies: 2
    Last Post: 16th April 2007, 09:48 AM
  4. Morning peeps , quick intro
    By StevenEdgar in forum General Chat
    Replies: 2
    Last Post: 6th March 2007, 12:08 PM
  5. Nightmare Scenario
    By kingswood in forum Wireless Networks
    Replies: 4
    Last Post: 15th September 2005, 07:27 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •