+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 18
School ICT Policies Thread, Persuade SMT, Govenors to build a server room in School Administration; Hi there, Currently I am at a school where access to the servers is just a case of walking into ...
  1. #1
    HMCTech's Avatar
    Join Date
    Apr 2008
    Posts
    618
    Thank Post
    37
    Thanked 46 Times in 35 Posts
    Rep Power
    22

    Persuade SMT, Govenors to build a server room

    Hi there,

    Currently I am at a school where access to the servers is just a case of walking into a room. They are so insecure they often have their power leads pulled out, or their mice nicked. This is the case for all the servers, including the Sims.net one with all the information that Sims holds.

    I am trying in vain to persuade everyone that the servers and backups need to be put into a secure location. However with the school layout it would mean kicking someone else out of somewhere.

    Does anyone have an written official documentation links that I could read and show those higher up the chain that would persuade them that this needs to be done.

    Thank you

  2. #2
    Shane's Avatar
    Join Date
    Apr 2007
    Location
    Kernow
    Posts
    166
    Thank Post
    23
    Thanked 14 Times in 12 Posts
    Rep Power
    21
    Surely something in the data protection act must have something protecting something like a SIMs server?
    Have a read though it and wave it under SMT noses (at least this clears you if anything should happen as you did warn people)

  3. #3

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,881
    Thank Post
    1,316
    Thanked 1,738 Times in 1,087 Posts
    Blog Entries
    19
    Rep Power
    563
    Invite me down for a day ... I will demonstrate how much information I can grab from physical access to your servers.

    And this is before I disrupt a whole day of lessons by plugging a timer switch in where you mains lead is so it drops power to the server every hour.

    And then I will nick the hard drives so it won't even boot up.

    Hmm ...

  4. #4
    HMCTech's Avatar
    Join Date
    Apr 2008
    Posts
    618
    Thank Post
    37
    Thanked 46 Times in 35 Posts
    Rep Power
    22
    Quote Originally Posted by GrumbleDook View Post
    Invite me down for a day ... I will demonstrate how much information I can grab from physical access to your servers.

    And this is before I disrupt a whole day of lessons by plugging a timer switch in where you mains lead is so it drops power to the server every hour.

    And then I will nick the hard drives so it won't even boot up.

    Hmm ...
    Yes I have tried to explain how easy it would be for me to just lift the whole thing up and walk out of school with it. The most success is telling the Teachers about how much information on them would be available if say the server was stolen.

  5. #5

    Edu-IT's Avatar
    Join Date
    Nov 2007
    Posts
    6,875
    Thank Post
    393
    Thanked 581 Times in 532 Posts
    Rep Power
    173
    The DPA will almost certainly contain something which states that personal information must be kept securely.

    http://www.ico.gov.uk/upload/documen...l_guidance.pdf

    I have had a quick read through and I think the part you want to look at starts at about page 40 (3.7).

    I would assume that each school has a data controller? Or is that not the case?

  6. #6
    box_l's Avatar
    Join Date
    May 2007
    Location
    Herefordshire
    Posts
    403
    Thank Post
    63
    Thanked 84 Times in 69 Posts
    Rep Power
    60
    I always find that the best way is explain how many more 1000s of hours they would have to work to replace the lost data.


    no summer holidays for them! just re-writing lesson plans reports etc.

    BoX

  7. #7


    Join Date
    Oct 2006
    Posts
    3,387
    Thank Post
    183
    Thanked 350 Times in 279 Posts
    Rep Power
    147
    Inform them nicely about the DPA, how they are already breaking laws and how they would be liable if the data were to go missing. If they still dont do anything put it all in writting and get it recorded so that if anything did happen it would be their responsibility. Hopefully the thought of being liable will change their minds, but you could always make the servers disapear

    If your lea/RBC IT dept are anything like ours a quick call to them should see someone coming down for words with the HT
    Last edited by j17sparky; 15th May 2008 at 11:21 PM.

  8. #8


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,534
    Thank Post
    271
    Thanked 752 Times in 590 Posts
    Rep Power
    218
    If finding space is an issue, there are alternatives: Acoustic Server Cabinets | Portable Server Environments | Air-cooled acoustic server rack enclosures | from Kell Systems

    As others have said, point out the security / stability / uptime / ease of cooling benefits. You need to make a business case for it - "if we have a server room, the benefits will be $bar, measurable by $foo".

    The other (slightly more nuclear option) is to discover whether governers are aware what responsibility they're taking on in not securing the systems: i.e Jail time.

    If they still refuse, ask the governers to sign a document stating:

    1) that they are aware of the implications of not securing them
    2) that they have decided not to secure them
    3) that you have explained all of this to them clearly in a manner they can understand

    Place the document in a safe place, and tidy up your cv.

  9. #9
    coquet636
    Guest
    Quote Originally Posted by AlexPilot View Post
    Hi there,

    Currently I am at a school where access to the servers is just a case of walking into a room. They are so insecure they often have their power leads pulled out, or their mice nicked. This is the case for all the servers, including the Sims.net one with all the information that Sims holds.

    I am trying in vain to persuade everyone that the servers and backups need to be put into a secure location. However with the school layout it would mean kicking someone else out of somewhere.

    Does anyone have an written official documentation links that I could read and show those higher up the chain that would persuade them that this needs to be done.

    Thank you
    Wait till about 5 minutes after last school bell. Go and unplug it and put it in your car. Then get them to try and find if they can work out where its gone.

    Then they will realise its pretty crucial to lock it away...... especially if you can avoid cctv cameras.....

  10. #10

    sparkeh's Avatar
    Join Date
    May 2007
    Posts
    6,259
    Thank Post
    1,138
    Thanked 1,463 Times in 980 Posts
    Blog Entries
    22
    Rep Power
    457
    Again DPA. Perhaps inform them that the nominated person in change of data protection (usually the head) is liable to prosecution if someone waltzes away with the names and address of pupils at your school.

  11. #11
    mossj's Avatar
    Join Date
    Dec 2008
    Location
    Leicester
    Posts
    1,466
    Thank Post
    157
    Thanked 189 Times in 174 Posts
    Rep Power
    51

    Cool

    Quote Originally Posted by AlexPilot View Post
    Hi there,

    Currently I am at a school where access to the servers is just a case of walking into a room. They are so insecure ..... SOMETEXT.....

    Thank you
    Erm buy a door and then invest in a lock or two?

    P.S i've considered this room might be used for something else but op doesn't say this....

  12. #12

    Edu-IT's Avatar
    Join Date
    Nov 2007
    Posts
    6,875
    Thank Post
    393
    Thanked 581 Times in 532 Posts
    Rep Power
    173
    Quote Originally Posted by mossj View Post
    Erm buy a door and then invest in a lock or two?

    P.S i've considered this room might be used for something else but op doesn't say this....
    Usually requires permission though from the person responsible for managing the building.

  13. #13

    Dos_Box's Avatar
    Join Date
    Jun 2005
    Location
    Preston, Lancashire
    Posts
    9,470
    Thank Post
    525
    Thanked 1,993 Times in 932 Posts
    Blog Entries
    23
    Rep Power
    575
    I would simply bandy about terms such as 'data protection act', 'duty of care' and 'court apperences'.

  14. #14

    dhicks's Avatar
    Join Date
    Aug 2005
    Location
    Knightsbridge
    Posts
    5,498
    Thank Post
    1,185
    Thanked 745 Times in 647 Posts
    Rep Power
    228
    Quote Originally Posted by AlexPilot View Post
    I am trying in vain to persuade everyone that the servers and backups need to be put into a secure location.
    Passing through the head's office with sever with a smoking power supply, muttering "on fire, on fire, on fire..." generally works. Heck, it worked for my A-level physics project...

    --
    David Hicks

  15. #15
    alan-d's Avatar
    Join Date
    Aug 2005
    Location
    Sutton Coldfield
    Posts
    2,400
    Thank Post
    353
    Thanked 254 Times in 185 Posts
    Rep Power
    74
    Have a look at this

    http://www.bcrc-uk.org/filelib/physi...equiptment.pdf

    Get Safe Online :: Strengthen physical security

    http://schools.becta.org.uk/upload-d...on_d_final.pdf Chapter 3.2 is what you are after

    Also the LEA should be able to offer advice too.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Replace server disks or buy/build NAS?
    By broc in forum Hardware
    Replies: 14
    Last Post: 21st March 2008, 06:22 PM
  2. Internet conenction on new server 2003 build...
    By acrobson in forum Wireless Networks
    Replies: 2
    Last Post: 25th December 2007, 10:45 PM
  3. Replies: 30
    Last Post: 6th December 2007, 11:10 AM
  4. working in the server room
    By Uraken in forum General Chat
    Replies: 27
    Last Post: 21st November 2007, 09:39 AM
  5. Server room temperature
    By netadmin in forum General Chat
    Replies: 30
    Last Post: 11th June 2007, 07:35 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •