+ Post New Thread
Page 7 of 7 FirstFirst ... 34567
Results 91 to 95 of 95
General Chat Thread, Article: Is DropBox ok to use? in General; Originally Posted by GrumbleDook Sorry, but that is wrong. What you are doing is sharing the responsibility and giving yourself ...
  1. #91


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by GrumbleDook View Post
    Sorry, but that is wrong. What you are doing is sharing the responsibility and giving yourself the option of taking someone else to court *after* you have been hung, drawn and quartered first (though the knives will probably be well and truly blunt before they get to a school after having gone through the hosting provider but the risk is still there). You cannot completely devolve legal responsibilities on data protection and safeguarding, and it is the school's legal responsibility to appropriately choose the right partners to work with. This is one of several reasons why the large scale frameworks sorted out by LAs, RBCs and central Govt go through so many legal hoops ... to save schools having to the same amount of investigation because it has already been done and deemed as appropriate as possible.

    That is correct from a certain point of view. Moving data to Google wasn't my decision, but we went through the correct processes and senior staff/governors accepted the risk. parents are informed via ICO. I have day-to-day responsibility for server and infrastructure maintenance - I am NOT in charge of data protection. It might be a problem for the school if someone hacked their data, but it if they even attempted to pin it on me they'd be in court for an unfair dismissal with victimisation charge quicker than I could say live@edu . If I opened our firewalls for everyone I'd be the one in deep trouble.

  2. #92

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,950
    Thank Post
    1,345
    Thanked 1,799 Times in 1,117 Posts
    Blog Entries
    19
    Rep Power
    597
    Quote Originally Posted by CyberNerd View Post
    That is correct from a certain point of view. Moving data to Google wasn't my decision, but we went through the correct processes and senior staff/governors accepted the risk. parents are informed via ICO. I have day-to-day responsibility for server and infrastructure maintenance - I am NOT in charge of data protection. It might be a problem for the school if someone hacked their data, but it if they even attempted to pin it on me they'd be in court for an unfair dismissal with victimisation charge quicker than I could say live@edu . If I opened our firewalls for everyone I'd be the one in deep trouble.
    Very true ... and I tend to say 'you' and 'yourself' as meaning the school, your employer and the people you are trying to do a good job for ... my apologies that I didn't make that part clear.

    So ... the school still has legal responsibilities and will delegate actions to individuals, which should be part of established processes which are agreed by the SIRO / DPO and are part of job descriptions which, should you opt to follow these processes mean that you are complicit in them unless you can show you made serious attempts to refuse to do certain actions (ad nauseum to the point of dismissal / constructive dismissal, etc).

    There are some members who have been in this position already and have had to leave jobs because they were being left in it by those further up who believed that you cannot completely delegate responsibility and take shortcuts. That is the main point I was trying to make.

  3. #93


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by GrumbleDook View Post
    So ... the school still has legal responsibilities and will delegate actions to individuals, which should be part of established processes which are agreed by the SIRO / DPO and are part of job descriptions which, should you opt to follow these processes mean that you are complicit in them unless you can show you made serious attempts to refuse to do certain actions (ad nauseum to the point of dismissal / constructive dismissal, etc).
    Trust me. I have ample evidence of supplying information to those delegated with responsibility for data protection. I also have a complete lack of evidence of me getting any relevant training in securing on-site systems, despite requests. Sure I am complicit in introducing cloud systems to our school, if I wasn't I wouldn't have a job. I am after all a minor part-time cog in the machine that is our school, if the teachers and senior team see a really good way to save money with marked improvements to pedagogy then I'm rather obliged to follow their lead.

  4. #94

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,950
    Thank Post
    1,345
    Thanked 1,799 Times in 1,117 Posts
    Blog Entries
    19
    Rep Power
    597
    Quote Originally Posted by CyberNerd View Post
    Trust me. I have ample evidence of supplying information to those delegated with responsibility for data protection. I also have a complete lack of evidence of me getting any relevant training in securing on-site systems, despite requests. Sure I am complicit in introducing cloud systems to our school, if I wasn't I wouldn't have a job. I am after all a minor part-time cog in the machine that is our school, if the teachers and senior team see a really good way to save money with marked improvements to pedagogy then I'm rather obliged to follow their lead.
    Yep ... and if any members have it suggested to them that they become SIRO then unless you have to (because you are at a very senior level / sit on SLT / etc) then politely show the person the door ... and to think I even volunteered! I was mad, I tell you ... mad!!!

  5. #95
    alexyarm's Avatar
    Join Date
    Jun 2012
    Posts
    22
    Thank Post
    2
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by Geoff View Post
    On a personal note (I know this isn't scalable at an organisational level) I use truecrypt and encrypt my data before it hits dropbox. Its an extra step, but I know my data is safe and secure that way.
    Nice idea, we're sharing folders with Linux, Windows and Mac users... encryption is a pain in the nuts

SHARE:
+ Post New Thread
Page 7 of 7 FirstFirst ... 34567

Similar Threads

  1. Primary: Is Eprofile 3.2 latest version to use?
    By SimpleSi in forum Educational Software
    Replies: 0
    Last Post: 9th September 2011, 08:49 AM
  2. Is Microsoft beginning to 'lose it'.
    By Dos_Box in forum General Chat
    Replies: 17
    Last Post: 5th February 2008, 10:31 AM
  3. Which Backup Hardware to use
    By Brad in forum Hardware
    Replies: 19
    Last Post: 28th March 2006, 10:16 PM
  4. Five reasons NOT to use Linux. :)
    By Geoff in forum *nix
    Replies: 2
    Last Post: 31st August 2005, 07:38 AM
  5. Parental Consent to use the internet at school
    By mark in forum School ICT Policies
    Replies: 20
    Last Post: 24th June 2005, 11:18 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •