+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 30 of 30
MIS Systems Thread, MIS Due Diligence and Security in Technical; The list of possible features on CloudStore is massive , i guess they have to make it all-inclusive, but an ...
  1. #16

    vikpaw's Avatar
    Join Date
    Sep 2006
    Location
    Saudi Arabia
    Posts
    5,851
    Thank Post
    672
    Thanked 1,383 Times in 1,145 Posts
    Rep Power
    350
    The list of possible features on CloudStore is massive , i guess they have to make it all-inclusive, but an interesting to read, especially that there is a 'FREE' version of Arbor....

  2. #17
    GeekyPete's Avatar
    Join Date
    Mar 2013
    Location
    In a cold dark server room.
    Posts
    339
    Thank Post
    23
    Thanked 78 Times in 59 Posts
    Rep Power
    26

    Question

    Regarding the Government FrameWork for MIS systems, you don't even need to have a product to get your company listed on there. That's more about due dilligence and is by no means a whitelist of suppliers. If you choose to go with someone not on the list you need to be careful. If your school puts all their MIS data in the cloud with no other way to get at the data what happens if there is an E2E situation and the liquidators pull the plug on the server farm to save on the electricity bill? Some of your due dilligence is done by the Governement if you choose from the list, you can state it as something in your favour when the inquiry happens. You MUST have a DR plan in the event of your cloud MIS suppier going belly up.

    With that said I have one school who looks likely to go to Arbour in the next month or two. If no one else can give a first hand account of them, I should be able to soon enough. The SLT are wowed by the UI and the reports. I still need to check if we can export the data in a usable format to hold a copy on site.

    No matter who you choose to go with you have to sit down and have a good think about what will happen if one day your supplier is no longer there. With your own server and SQL instance you always have the data to hand which gives you time to plan.

    Because of the risk to the organisation if the MIS provider fails to deliver for whatever reason I would suggest that Due Diligence is appropriate. It's worth googling Due Dilligence checklist to get an idea of the kind of things you should be looking for.
    Last edited by vikpaw; 24th March 2014 at 11:56 AM.

  3. #18

    Join Date
    Mar 2014
    Location
    United Kingdom
    Posts
    2
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Hi guys,

    Completely agree about doing your due diligence, as I used to do this for a living. Frameworks can be a good signpost in this regard, but are no substitute. For anyone interested in direct feedback to an Arbor school just get in touch with me and i'll connect you; I'm sure we'll have some schools popping up here soon as well!

  4. #19

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,030
    Thank Post
    374
    Thanked 367 Times in 299 Posts
    Blog Entries
    8
    Rep Power
    176
    While I agree with the points made about DD, the biggest issue I have is the difficulty of finding or accessing such information on suppliers and products (Yes, this is a plug for the MIS Challenge!). I've just been reviewing G-Cloud... my goodness what a messy site, and very unspecific to any sector.

  5. #20

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,406
    Thank Post
    368
    Thanked 639 Times in 521 Posts
    Rep Power
    158
    Quote Originally Posted by GeekyPete View Post
    If you choose to go with someone not on the list you need to be careful. If your school puts all their MIS data in the cloud with no other way to get at the data what happens if there is an E2E situation and the liquidators pull the plug on the server farm to save on the electricity bill? Some of your due dilligence is done by the Governement if you choose from the list, you can state it as something in your favour when the inquiry happens. You MUST have a DR plan in the event of your cloud MIS suppier going belly up.
    You say that, but I know LAs have a DR plan if Capita goes belly up - maybe that's just wishful thinking, but being on the framework or being the biggest doesn't stop you going under!

  6. #21

    vikpaw's Avatar
    Join Date
    Sep 2006
    Location
    Saudi Arabia
    Posts
    5,851
    Thank Post
    672
    Thanked 1,383 Times in 1,145 Posts
    Rep Power
    350
    In terms of DR with Capita the code goes into escrow - but the theory there was you have the product on site with data, you need to find someone to do maintenance. Government would help with that.
    For cloudy solutions i suppose i'd want to have a backup sent to me on a regular basis, and maybe, a copy of the code/software put somewhere insured so you could claim it and use the backup to set up a local install. But this would be worst case setup.

  7. #22

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,030
    Thank Post
    374
    Thanked 367 Times in 299 Posts
    Blog Entries
    8
    Rep Power
    176
    Ignorance here, but is there no legal protection as the owner of the data that if supplier goes under, they cannot just rip out your server without allowing you to get at the data?

    If not, dare I say should there be?

  8. #23

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,406
    Thank Post
    368
    Thanked 639 Times in 521 Posts
    Rep Power
    158
    Depends who owns the servers - when a colocation provider goes under, the owner of the server has to prove they own the server before the data center releases the servers. If they rent, well I'd say you're pretty stuffed. I suspect if we're talking school data they might be bit more friendly about getting the data, but I would at least band together or behind an Academy Trust or LA. I think any good "cloud" provider would sign an agreement that they would at least let you get at the data - and remember to ensure the contract states the MIS provider will require your agreement before swapping providers! It's also worth checking out how many links they have in the chain, I mean if they rent servers off someone, who rents space off a data center - only one has to go belly up for this problem to occur!

    Alternative route is to have a way to backup your data to something like RackSpace Cloud Files which you can control (and is in UK) - ie its your API key. I suspect some cloud MIS providers wouldn't like revealing the database however.

  9. #24
    GeekyPete's Avatar
    Join Date
    Mar 2013
    Location
    In a cold dark server room.
    Posts
    339
    Thank Post
    23
    Thanked 78 Times in 59 Posts
    Rep Power
    26
    Quote Originally Posted by matt40k View Post
    You say that, but I know LAs have a DR plan if Capita goes belly up - maybe that's just wishful thinking, but being on the framework or being the biggest doesn't stop you going under!
    Thank you for agreeing with the point I was making, The framework does SOME of the DD, it's a start no more than that.
    "No matter who you choose to go with you have to sit down and have a good think about what will happen if one day your supplier is no longer there. With your own server and SQL instance you always have the data to hand which gives you time to plan."
    No matter how big they are, locally installed or cloud, You need a plan. The point I was making is that this is the one area where Cloud is more of a risk than local. But local only buys you some time. If capita go under, your SIMS will still work. You may not be able to easily get the right data for the next census but you won't walk into work one day and find the whole lot gone. This isn't automatically the case with cloud either. it's not too much to ask for a schema script and a data backup so you can load your data into SQL. Event if you have to write your own reports you still have the data.

  10. #25
    GeekyPete's Avatar
    Join Date
    Mar 2013
    Location
    In a cold dark server room.
    Posts
    339
    Thank Post
    23
    Thanked 78 Times in 59 Posts
    Rep Power
    26
    Quote Originally Posted by GREED View Post
    Ignorance here, but is there no legal protection as the owner of the data that if supplier goes under, they cannot just rip out your server without allowing you to get at the data?

    If not, dare I say should there be?
    E2E situation if you read nothing else read the Lessons for Customers.

  11. #26

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,406
    Thank Post
    368
    Thanked 639 Times in 521 Posts
    Rep Power
    158
    I think this might be worth splitting out perhaps into a separate thread, I'm very aware the topic is called ARBOR MIS and this certainly isn't limited to just one supplier!! Having said that I'm pretty sure @GREED will do a good job bring it all together in his #MISChallenge. Perhaps we'll raise it again once he's published?


    Far as Arbor goes, they state they have a API which can be used by third parties. @JamesWeatherill has kindly given me access and from what I've seen so far, I'm pretty confident I could extract pretty much anything from them and dump it into a local database. So from the point of due diligence, it's a step in the right direction - it's more of a do we need to export regularly and how frequently, or is the ability enough rather than a tick in the box.

  12. #27

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,030
    Thank Post
    374
    Thanked 367 Times in 299 Posts
    Blog Entries
    8
    Rep Power
    176
    I would agree if a mod could extract the items on data security and due diligence that would make sense.

    It would be good to see how far answers from the #MISChallenge go to answering these questions too...

  13. #28

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,406
    Thank Post
    368
    Thanked 639 Times in 521 Posts
    Rep Power
    158
    Cheers @vikpaw and your Mod #SKILLZ

    I personally don't see the #MISChallenge answering any security or due diligence questions, well unless any of them response particularly poorly!! I see it as a good starting point, a step 0, it's basically the scoping stage. It should give you a good idea who you want to engage with and you'll both a good idea what you're after. IE you're not after their IP, you just want to know where the emergency exits are and you're not being sizest by only asking them
    Last edited by vikpaw; 24th March 2014 at 01:20 PM.

  14. #29

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,030
    Thank Post
    374
    Thanked 367 Times in 299 Posts
    Blog Entries
    8
    Rep Power
    176
    Maybe we can scope that second stage due diligence and offer that to schools as well.

  15. #30

    Join Date
    Jun 2007
    Location
    Wakefield, West Yorkshire
    Posts
    624
    Thank Post
    96
    Thanked 130 Times in 101 Posts
    Rep Power
    67
    Quote Originally Posted by GREED View Post

    Gotta say, I really do think this will be a turn around year for Progresso

    Quote Originally Posted by APC View Post
    I totally agree - things are really looking good now - great demo at Bett this year

    I agree. I've been using Progresso in a school since November and we've had our problems with it, some relating to data transfered, some relating to functionality or bugs, but with every release it's making improvements. It's got a little way to go yet but it's already a rival for it's competitors for many reasons and it won't be long before there's no contest, in my opinion.
    Now I would think that, as I'm due to return to Advanced Learning as Customer Success Manager, which will be quite a broad role, but my point being I'm leaving a well paid, secure job, to go to Advanced... I have every faith in the future of the product, and the other current products. If anything the article that was linked to is out of date (perhaps not in publishing but in content), and in places factually incorrect. Take it with a pinch of salt.

    Mic

  16. Thanks to michael2k6 from:

    GREED (25th March 2014)

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Moodle and Secure LDAP?
    By gshaw in forum Virtual Learning Platforms
    Replies: 1
    Last Post: 12th June 2009, 11:11 PM
  2. VMWare fusion and security concerns..
    By baxter in forum Thin Client and Virtual Machines
    Replies: 9
    Last Post: 28th January 2008, 10:57 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •