John Condon (under 'Electronic Registration' thread) says:
I thought the above is worth a new thread. This is an excerpt from a circular distributed from BECTA on the 18th, from Dr Stephen Lucey, Becta Executive Director, Strategic Technologies.
"Recent high-level security breaches concerning loss of personal and sensitive information have highlighted the need to update information security guidance.
Suppliers – particularly management information systems, technical support, connectivity and learning platform providers – have an important role to play in helping schools to meet their responsibilities for data security. This may be simply to reassure school leaders that appropriate security mechanisms are already in place and make sure that they know how to use them to greatest effect. They may also ask you to review their security mechanisms and policies, and recommend or implement any necessary improvements."
So it looks like the debate on adapting 'flat networks', Admin-curriculum separation, opening servers SQL port or 'port 80' to curriculum network etc. and the risks (or lack thereof) has definitely spilled beyond Edugeek
(As if anyone had any doubts that it hadn't)
Many get hung up on the 'flat networks' vs 'two network' argument and we overlook the real issue - which is "Opening Admin servers SQL port or 'port 80' to curriculum network".
It will be interesting to see if Becta will come out and put guidance on this core issue which is in the centre of data security risks in schools with flat networks.
By definition, the curriculum network in schools is an 'untrusted' / 'insecure' network, hence opening SQL ports or port 80 on admin servers to the curriculum network is like opening it to the Internet. Yes?

Not quite. It depends what security you have in place on that network. For example, if you have network access control, a locked down client build for pupils, appropriate security permissions, web filtering etc... If you have all of these then it is like opening a port to a secure network - the only insecure part is the users themselves, and if you have things locked down suitably, this shouldn't be a problem.
I love this "we must have 2 networks" mentality. It's no better than "obscurity" rather than "security" in my eyes - pathetic.
It's just such a pity that anything BECTA do or recommend is completely useless. No ideas, guidelines or suggestions of how to actually pay for or do anything ever actually escape from the ivory towers of Becta.
All I ever find out is from hearsay and other indirect sources. Becta is like one giant IT meeting by managers, but none of us are ever invited or get minutes.
Last edited by DMcCoy; 19th February 2008 at 11:16 PM.