+ Post New Thread
Page 1 of 3 123 LastLast
Results 1 to 15 of 33
School ICT Policies Thread, Head of ICT Access Rights in School Administration; Hi All To summarise from the beginning, our new Head feels that NO teaching staff should have access rights to ...
  1. #1

    Join Date
    Nov 2006
    Location
    Derbyshire
    Posts
    101
    Thank Post
    16
    Thanked 5 Times in 4 Posts
    Blog Entries
    1
    Rep Power
    17

    Head of ICT Access Rights

    Hi All
    To summarise from the beginning, our new Head feels that NO teaching staff should have access rights to other staff member user folders. Now thats fine - we've been setting permissions since day 0

    However, as our Head of ICT has domain admin rights this obviously "gets around" the permissions. All with good reason really, as he deals with support issues regularly, both from staff and students

    Its one of those situations where I feel he should have access rights, as otherwise my workload goes through the roof (again), but on the other hand i'm tempted to say, "lets go along with it" and see what uproar it causes

    What do other schools do? Are your Heads of IT / ICT merely "users" or do they have higher privileges?

  2. #2

    Join Date
    Jul 2005
    Location
    Corby
    Posts
    1,056
    Thank Post
    12
    Thanked 20 Times in 18 Posts
    Rep Power
    25

    Re: Head of ICT Access Rights

    Our head of ICT "stole" admin rights really, but rarely uses them. The most he has done (and it could have been bad I suppose) was to re-enable a disabled account (staff account) to get at some work inside the folder. I would prefer to have the Head of ICT as a normal user. Simple. But in schools politics usually reign and in this case I have to go with the flow.

    It depends on your Head of ICT really. How much do they really know about ICT (not Office and VBA, real IT)- and if they can handle the responsibility. Difficult one though.

  3. #3

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    10,053
    Thank Post
    3,585
    Thanked 1,123 Times in 1,025 Posts
    Rep Power
    377

    Re: Head of ICT Access Rights

    Quote Originally Posted by cheesypete
    Hi All
    To summarise from the beginning, our new Head feels that NO teaching staff should have access rights to other staff member user folders. Now thats fine - we've been setting permissions since day 0

    However, as our Head of ICT has domain admin rights this obviously "gets around" the permissions. All with good reason really, as he deals with support issues regularly, both from staff and students

    Its one of those situations where I feel he should have access rights, as otherwise my workload goes through the roof (again), but on the other hand i'm tempted to say, "lets go along with it" and see what uproar it causes

    What do other schools do? Are your Heads of IT / ICT merely "users" or do they have higher privileges?
    kingswood ( aka my network manager LOL ) above gave a good reply but just wanted to add a couple of things.

    Quote Originally Posted by cheesypete
    To summarise from the beginning, our new Head feels that NO teaching staff should have access rights to other staff member user folders
    Considering the head of ICT is a member of staff, does that include him / her when they say that and I can understand that as well from a data protection act point of view as well to a certain degree obviously.

    Quote Originally Posted by cheesypete
    All with good reason really, as he deals with support issues regularly, both from staff and students
    What sort of "support issues" are you reffering to here ?

  4. #4
    simongrahamuk's Avatar
    Join Date
    Jun 2006
    Location
    Durham, UK
    Posts
    238
    Thank Post
    41
    Thanked 13 Times in 13 Posts
    Rep Power
    20

    Re: Head of ICT Access Rights

    The Head of ICT is simply another head of department. Purely because they use the IT equipment more than other HoD's does not mean that they should have more access rights than the others.

    Giving someone without the correct knowledge the wrong level of access could bring about disaster as whats to stop them from telling someone else then them someone else, etc.

    At my place there are two people who know the admin password, me and the ICT Tech. I have also placed a sealed document in the schools safe documenting the relevant passwords which it only to be opened by my replacement. This was at the heads request.

  5. #5
    Quackers's Avatar
    Join Date
    Jan 2006
    Posts
    1,450
    Thank Post
    45
    Thanked 160 Times in 135 Posts
    Rep Power
    57

    Re: Head of ICT Access Rights

    I gave our head of IT the same rights as staff, and i would like to take that away from him. He keeps going home and leaving him self logged on all over the place, not even locking the workstation, and kids are in the room.

    Staff can get into kids documents, reset there passwords, add printer credits, turn the walled garden on and off, it scares me how complacent he is over security.

  6. #6

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,689
    Thank Post
    756
    Thanked 1,715 Times in 1,526 Posts
    Rep Power
    438

    Re: Head of ICT Access Rights

    The nyou should raise that fact to his line manager as it must surely be a breach of the AUP?

    Our head of ict has the same access rights as any other member of staff and will get domain admin over my cold dead body.

    Ben

  7. #7

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    10,074
    Thank Post
    1,384
    Thanked 1,889 Times in 1,170 Posts
    Blog Entries
    19
    Rep Power
    614

    Re: Head of ICT Access Rights

    Head of ICT has some additional access on the interweb ... but is a staff account for everything else.

    She doesn't want anything more either ... a) she doesn't get paid for it and the union would play merry hell if she was asked to do "support" or "admin" stuff; b) she doesn't know her way around AD and knows she would have to spend a few months trying to get to grios when she doesn't need to; c) all staff have to sign the same AUP as students ... I treat everyone equally ... they are all lower forms of life compared to sysadmins!!!

  8. #8

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    Boston, MA
    Posts
    7,601
    Thank Post
    110
    Thanked 771 Times in 599 Posts
    Rep Power
    183

    Re: Head of ICT Access Rights

    I agree, Head of ICT is simply a teacher so why they should they have elevated rights? Just asking for trouble.

    I give staff normal user permissions plus access to read pupils' home folders and change pupils' passwords. They cannot change staff passwords, view staff work, enable disabled accounts or unlock locked-out accounts.

  9. #9
    edie209's Avatar
    Join Date
    Mar 2006
    Location
    Kernow
    Posts
    705
    Thank Post
    42
    Thanked 19 Times in 18 Posts
    Rep Power
    22

    Re: Head of ICT Access Rights

    I agree too, our Head of ICT has only a Staff acount, although she is able to see student home folders and change student passwords

  10. #10
    ajbritton's Avatar
    Join Date
    Jul 2005
    Location
    Wandsworth
    Posts
    1,632
    Thank Post
    23
    Thanked 75 Times in 45 Posts
    Rep Power
    35

    Re: Head of ICT Access Rights

    Surely best security practise would be that NO 'normal' user account should have Admin rights. If a particular member of staff is permitted to perform Admin functions, then they should have an additional user account which has the necessary rights, and they should use that account only when they have to. The Administrator user account should either be disabled, or a very strong password set and stored in a sealed envelope in a secure location (eg school safe).

  11. #11

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,447
    Thank Post
    1,537
    Thanked 1,069 Times in 934 Posts
    Rep Power
    305

    Re: Head of ICT Access Rights

    Same with me IT head only has same rights as any member of Staff.

    @Grumbledook, LOL we know we are a much more advanced set of life forms than everyone else but thanks for confirming that again

  12. #12
    mark's Avatar
    Join Date
    Jun 2005
    Posts
    3,987
    Thank Post
    275
    Thanked 52 Times in 46 Posts
    Blog Entries
    2
    Rep Power
    48

    Re: Head of ICT Access Rights

    'Over my dead body' lol - that's how I feel about it as well. Presented on a teachers' forum or discussed with teachers, this is a very thorny topic. As such this conversation has to be viewed from a techs standpoint.

    We're not about enforcing our way on the poor unsuspecting teacher, but as eloquently discussed above, there are serious points as to why this is so.

  13. #13

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    Boston, MA
    Posts
    7,601
    Thank Post
    110
    Thanked 771 Times in 599 Posts
    Rep Power
    183

    Re: Head of ICT Access Rights

    @mark: As you say, some teachers feel positively violated when told that they cannot have admin rights. I think that this boils down to the fact that they feel less important if they think they are missing out on something like this.

  14. #14

    webman's Avatar
    Join Date
    Nov 2005
    Location
    North East England
    Posts
    8,422
    Thank Post
    645
    Thanked 967 Times in 667 Posts
    Blog Entries
    2
    Rep Power
    328

    Re: Head of ICT Access Rights

    Lol yeah, this has been covered on the TES forum (where most teachers look down their noses at support staff) and teachers always believe they have a right to admin privileges.

  15. #15

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    10,074
    Thank Post
    1,384
    Thanked 1,889 Times in 1,170 Posts
    Blog Entries
    19
    Rep Power
    614

    Re: Head of ICT Access Rights

    Taking the middle line here ... some schools have had staff having various methods (including admin priveleges) to get to students' work and even to the home areas of other staff (to get resources) because that is how it has always been set up from the old days of peer to peer networking.

    If you take away the admin rights of the teachers you have to a) provide them with an alternative solution that will still allow them to work, b) retrain them in better methods of sharing resources ("hey folks ... I've an idea. How about a shared drive on the network that only staff can see and share resources on!?") c) they are often not aware of the legal background (DPA etc) that we have to strive to and it may actually help them understand if we explain it a little ...

    It is a bit like licensing. I point out to people that as part of my job it is *my* responsibility to ensure licensing is correct in the school. Not the Head, not the Chair of Governors or aanyone else ... me ... and that means that should FAST or particular companies come banging on the door I am the one that has to answer to them ... and I am the one who gets the £30,000 fine!!!! So it is in my interest to make sure it is correct ... and if I find anyone who intentionally deceives me then they are going to get dragged up on a disciplinary and I will be speaking to a lawyer!!!!

    Ok ... the DPA and computer misuse act are usually enough to make them realise we are just following rules and actually trying to protect them from students (or even other staff) saying "But all my work has gone ... someone has it in for me!!!"



SHARE:
+ Post New Thread
Page 1 of 3 123 LastLast

Similar Threads

  1. Head of Assessment
    By SpecialAgent in forum Educational IT Jobs
    Replies: 0
    Last Post: 27th April 2007, 11:52 AM
  2. Well said that head.
    By Dos_Box in forum General Chat
    Replies: 67
    Last Post: 4th April 2007, 09:01 AM
  3. Head on over to surveys
    By Ric_ in forum General EduGeek News/Announcements
    Replies: 4
    Last Post: 20th June 2005, 09:33 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •