MIS Systems Thread, ePortal - external access data protection issues in Technical; Now that external access in technically possible for us with ePortal, we're thinking on the data protection side of things. ...
31st March 2009, 10:28 AM #1
ePortal - external access data protection issues
Now that external access in technically possible for us with ePortal, we're thinking on the data protection side of things. For those who've use ePortal externally at their school (though i'd imagine the issues are the same for all MIS'), how have you dealt with the data protection issues? Have you a policy or best practice document you could share, or maybe just some advice on the issues?
I did find a handy looking page on the Becta website here that i've yet to go through in detail - i'm interested in the real world experiences of how this actually works, though.
IDG Tech News
31st March 2009, 12:45 PM #2
I'd be interested in this too - also any technical advice on the best way to do it - as we will be seeking to do this in the medium term.
1st May 2009, 01:16 PM #3
: Bump :
I've been asked to publish CMIS E-Portal too. I've got it working on a 443 SSL connection, going through an ISA 2006 server, but the management here simply want the CMIS login page shown directly to the whole world, with no other authentication required.
Does anyone know (maybe from reading the latest Becta remote access guidelines - http://schools.becta.org.uk/upload-d...#_Toc226885596) if this is even the recommended route?
A big concern is that it maybe fine for parents / carers to login directly, no need for two factor etc., but what is to stop any members of staff using this same direct login page? This, I am sure, is against the guidelines. So, I've a problem. Does anyone know if E-Portal can be configured to only allow certain logins via certain routes? I doubt this is possible, so does this mean we should be using some extra security? Even if you could depend on the staff to use a more secure, two factor authenticated route, would there be anything stopping anyone else simply trying to guess the staff logins via the parental front end???
Sorry about the rambling questions, but I'd like to figure out the best way to implement this correctly, rather than have to change things later when we discover that it has not been done properly.
1st May 2009, 09:44 PM #4
I would recommend setting up one route in and using that for all incoming queries. Setup the highest level of authentication you require and use that.
There are other possible ways - If you had more than one installation of ePortal, you could set one up with the teacher accounts and one with the parent / carer accounts.
You could do this using multiple servers, or you could have multiple dataservers installed on one machine.
There is a very specific way to set this up, don't try it without speaking to us first. It involved multiple more services and batch script to do things for you. You'd also have multiple sets of XML file,s images, etcetc.
If you did do this however, you could have a website in IIS running for each dataserver and apply different authentication to each site.
This method is only really recommended for LEA's hosting multiple schools on ridiculous servers, it's a lot of management for a school to handle, and greater overheads on the server(s).
The other way to do this would be to have the entire eportal install on multiple servers.
This would mean the utilisation of another server but it would be much easier to manage.
It would also give you a failover eportal for the internal connection should anything on one server go pear shaped.
That's pretty much the only way you're going to get 2 different sets of authentication.
But if you can apply one set of higher level to everyone, i would. Don't let the SMT bully you into reducing it, you can always point them at things such as BECTA and explain that they are in part if not wholy responsible for the security of the data.
If you want any more specific advise, ask away or PM me.
Michael @ Serco
Thanks to michael2k6 from:
By cheredenine in forum MIS Systems
Last Post: 6th October 2012, 04:42 PM
By BatchFile in forum Windows Vista
Last Post: 13th November 2008, 12:00 PM
By Paid_Peanuts in forum How do you do....it?
Last Post: 29th August 2007, 12:39 PM
By mark in forum School ICT Policies
Last Post: 26th September 2005, 08:19 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)