Yes, I'd have quite liked some kind of apology for being tarred with the same brush as your troll (you're not that distinguishable BTW).have I missed something?
Last edited by Nuttyprof; 29th September 2010 at 09:22 AM.
The only argument I'm hearing people saying on here is VPN is insecure\not an ideal solution and the whole Capita holding data.
VPN being insecure is silly
VPN is an existing method (used for SLG) - cost savings, why reinvent the wheel
And Capita holding data is no different to your ISP holding copies of your emails etc - there still subject to the data protection etc
At least if you going to claim capita to be the spawn of Satan make a good argument, like the re-licensing of academies, or the high cost of the "extras", or the fact they've just stuck to two fingers up at companies like schoolscomms. I hate it when people moan without good reason, it's like me saying your network rubbish because of your server, then not explaining it's because your server has a rubbish raid controller. Especially when that server is your career\business.
Bah, brick wall.
::sigh:: I'm not going to spell it out, but there is a clear difference between these two: a) "the troll", b) "your troll"if you're referring to me as a TROLL, then perhaps you owe one to me also!
This is very frustrating and this is the most diplomatic way I can say it: You're not unique by any means, but you sound out of your depth.VPN being insecure is silly.
Some VPNs have been inherently insecure e.g. PPTP back when I was energetic enough to actually start XORing ciphertext excrypted with reused keystreams etc. AFAIK there are no such concerns with OpenVPN, but that is perfectly capable of being worthless unless it is configured appropriately. If you want an analogy Windows passwords can be OK, if you turn off LANMAN hashes and if they are are reasonably "complex" (I prefer to talk about entropy because a good password doesn't have to follow the MS rules).
To put my reasonable questions in simple terms: What has been configured to stop someone hostile sitting on a beach on the other side of the world from getting into a system via that VPN? What stops some theoretical bad apple at Capita getting into more than your SIMS?
It's really interesting that you feel some kind of contractual blame-shifting i.e. anything bad happens to part of a school network then it's OK because Capita get the blame, is the end of the story. Perhaps I'm weird, but I would feel 100% responsible if anything bad happened to my network that could have been avoided had I pulled my finger out and asked a few questions. The answers to the questions may well be perfectly good, reassuring ones, but lacking any I automatically assume the worst - I've seen more than enough reasons not to fold because [Insert Big-Company-Name or Security-Celebrity Here] says "hey, it's secure, don't worry!".
Last edited by PiqueABoo; 29th September 2010 at 03:59 PM.
box_l (3rd October 2010)
If you want to have an indepth discussion about details of the VPN link, phone them up. They're not going to publically post detail as that would be a security hole. They may give more details out on SupportNet then a public form having said that.
PS: Yes, I know it'll be a pain to get hold of someone who actually knows the system inside out
(To avoid doubt, I am a Capita employee, posting a personal view)
A colleague and I presented at the EduGeek conference earlier this year on the subject of centralisation and virtualisation of the general IT estate in the public and private sectors and I picked up on your comment;
"Mr Neal seems to think it will all end up in shipping containers sooner or later. Personally I think there still a few cost of bandwidth vs. increasing data bloat issues to contend with. Plus with a lot of business critical eggs in a basket the very first outage longer than say 36 hours i.e. hitting Day 2, will put a lot of folk into reverse. "
and would like to explore this a little.
Its my opinion, as expressed at the conference, that industrialisation of the data centre will drive very large cost savings for end users. Technologically the missing link has been stable and ubiquitous internet connectivity, but there seems to be a general acceptance that internet connectivity is no longer luxurious but essential to businesses in the UK. Google, Amazon and more recently Microsoft I believe have shown the way industrial levels of computing power can be placed at the disposal of end-users at a predictible and relatively low cost.
I made the point at the conference that owning a server within a school (or any other SME) might seem idiosyncratic within a medium term timescale, as performance, security, uptime and scalability could be more cheaply and more dependably provided by a industrial computing "power company" off-site. There may be special circumstances where this formula did not work - for instance in defence, healthcare and other critical national functions. Even then, distributed computing might not provide a better service than a centralised node (the RNLI currently host their SAR IT on Microsoft Azure).
Having made a case for centralisation, I am interested in the opinions of within the forum to understand the opposite point of view.
Since the internet is a routed protocol, and was designed partially to give a high availability in spite of network degredation, what would be the major concerns of a school or educator in off-siting (note: not neccessarily outsouring to my Company - such an arrangement might be provided within the Public Sector) their school MIS ?
I realise there are a number of schools where physical internet infrastructure provision is not yet capable of providing a good service - and assume for the purpose of future-gazing that the "provision will follow the demand" and these blackspots will be filled in much like they were in cellular phone coverage a couple of decades ago. Other than this hurdle, what would an educators general concerns be about off-siting ?
Thanks in advance.
PiqueABoo (29th September 2010)
Just my 2penneth.
We signed up for SchoolPost this summer. it doesn't bolt onto Sims like others but rather is a online version where you securely upload the contact info to their website.
little rough around the edged but I am very impressed with it so far.
It's better nowadays, but I haven't noticed the Internet actually being all that good at "routing around trouble" and as you get out towards the Internet users there are often no alternative routes to take.Since the internet is a routed protocol, and was designed partially to give a high availability in spite of network degredation,
But it's the application layer that concerns me most. Imagine some web-fronted service in the cloud & this is what you might depend on right now: target DNS server, local DNS server, RBC DNS server, proxy/filter, RBC proxy/filter, RBC firewall, target firewalls, load balancing gizmos, complex multi-tier service (with truckloads of disks at the bottom). YMMV but one or more of the first few have had sustained outages around here in recent years.
If you envisage (it's not clear) most everything in in school being some fancy 21st century terminal you still have most of those, but it's not obvious to me that anyone could put together a service that meets all the current requirements in a school, just some of them. Perhaps those apparent requirements can be massaged into a more achievable set, I don't know.
The many BSF debates seem relevant - compare and contrast a) local resources with people who can (admittedly not always) go do something about an issue, with b) the very well-established fun and games you have trying to battle your way through support desks and actually get something done this week if you're lucky. Add enough extra money and the latter can get quicker but then we're chipping away at those very large cost savings.
I'm a life-trained cynic - and costs that initially look smaller have a nasty habit of turning much bigger. What might look reasonable from a stratospheric viewpoint, can turn out to be rather complicated and much more expensive than expected when you do start drilling down into that devilish detail.
Last edited by PiqueABoo; 30th September 2010 at 12:10 AM. Reason: inevitable typos!
Some interesting comments here, I particularly interested in the potential conflict of interest between Schoolcomms and Capita. Now working on the periphery of SIMS and school, I had a very good working relationship with both last year, and interested to now how this development of inTouch has come about.
It isn't just about schoolcomms! this decision to enter the comms spaces should sound warning bells to EVERY CAPITA PARTNER!
Other Capita partners in this space alone are Truancy Call, ParentMail, Keepkidssafe, Teachers2parents, Groupcall and so on. All of these companies are paying Capita for the right to be 'partners', and they have all been stitched up.
This isn't a one off either as Capita have a track record of doing this. (look at parentpay and pass - both of them had the same treatment when SIMS introduced lesson monitor and the dinner money module)!
Why - take a guess ... Money, profit and most importantly .... To control the market. Capita don't want any companies getting too big a foothold in the education space so as soon as a company starts to do well and get a good number of schools using their product/s .... You've guessed it .... In come Capita with a 'built into SIMS' option thats easier and cheaper!
I had the MD of ParentMail at my school recently, and he told me that he has personally contacted the CEO of Capita (Paul Pindar) to try to persuade Capita to consider producing a 'partner charter' which would grant partners a guaranteed amount of notice if they intend to enter a partners space. Guess what ... He didn't even get a reply! He also told me that he was given only one terms notice that Capita were planning on entering the comms market!
To my mind this type of behaviour by Capita is despicable and I've said before schools should act with their feet and refuse to use InTouch.
Last edited by marshharrier; 3rd October 2010 at 11:24 AM.
Anyone interested in InTouch\SLG, Capita will charge for re-installation (VPN etc). Just something worth thinking about when your getting a new server\InTouch.
no one seems to have mentioned groupcall, we're already using that integrated with sims. dunno how much it's costing tho.
There are currently 1 users browsing this thread. (0 members and 1 guests)