+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 19
School ICT Policies Thread, network technicians acceptable use policy in School Administration; chilli morning fellows, just wondering if you got a policy in place specifically for network technicians, a sort of AUP ...
  1. #1
    maestromasada's Avatar
    Join Date
    Apr 2009
    Posts
    166
    Thank Post
    93
    Thanked 14 Times in 13 Posts
    Rep Power
    13

    network technicians acceptable use policy

    chilli morning fellows,
    just wondering if you got a policy in place specifically for network technicians, a sort of AUP that they can sign to acknowledge certain rules like for example:
    - installing inappropriate software on the servers will take disciplinary actions.
    -accessing staff e-mails/documents without their permission will take disciplinary actions.
    You probably are wondering now what sort of network environment or working condition we have to wanted to do this AUP, but though I trust the technicians, I can't really be sure what they are doing at my back with the admin accounts, and because they provide support, they legitimate need to get access to certain admins areas and consoles that give them access to lots of confidential data.
    I just wondering if some of you have had a similar concern

  2. #2
    markcuk's Avatar
    Join Date
    Sep 2005
    Posts
    590
    Thank Post
    29
    Thanked 60 Times in 55 Posts
    Rep Power
    38
    that's all very good but what about yourself?

  3. #3
    maestromasada's Avatar
    Join Date
    Apr 2009
    Posts
    166
    Thank Post
    93
    Thanked 14 Times in 13 Posts
    Rep Power
    13
    Thank you for highlight the fact. One of my roles as a network manager is to make people unhappy. After all it is my head on the tray if something goes wrong.

  4. #4

    SimpleSi's Avatar
    Join Date
    Jun 2005
    Location
    Lancashire
    Posts
    5,829
    Thank Post
    1,476
    Thanked 595 Times in 446 Posts
    Rep Power
    170
    You've brought up a very good point.

    I (and probably most primary techs) operate on just a trust basis which would probably make enforcing disiplinary action (if we went off the reservation) quite difficult (I'm thinking access to email accounts and confidential information or perceived IT negligence)

    But then again,my schools usually have policy statements that say that staff are to keep ANY information confidential so that might cover things.

    Interesting

    Si

  5. #5
    alan-d's Avatar
    Join Date
    Aug 2005
    Location
    Sutton Coldfield
    Posts
    2,421
    Thank Post
    360
    Thanked 258 Times in 189 Posts
    Rep Power
    76
    We all sign the same AUP as the Staff. It contains the line
    Any user identified as a security risk may be denied access to the system and be subject to disciplinary action.
    It is part of our job to ensure the security and confidentiallity of the network and data, the problem is not what they see but what they do with the information they come across. The misuse of information then comes into the realms of disciplinary proceedings outside the AUP.

  6. #6

    bossman's Avatar
    Join Date
    Nov 2005
    Location
    England
    Posts
    4,010
    Thank Post
    1,249
    Thanked 1,098 Times in 781 Posts
    Rep Power
    337
    @maestromasada:

    Trust is a 2 way process and to gain trust you have to earn it and a piece of paper with a signature on it doesn't speak to me of trust in any way shape or form.

    As alan-d has put forward all staff sign an AUP but how many of the Teaching staff break that AUP every working day and how are they penalised? (there not) so why would a special AUP for your technicians be any better than a general AUP for all staff.

    Give your guys a break and learn to trust I would trust my technicians with my life.

  7. #7

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    242
    We all sign the same AUP here, but a lot of it also comes down to trust in my opinion. If you can't trust your technicians then should they really be working in a school with confidential data?

    A lot of it is common sense. I would hate people going through my files willy nilly, and expect it not to happen. So what gives me the right to go through other peoples files. If somebody phones up and I need to VNC in to their machine, I always ask if it is okay to remote in as they may have confidential data on the screen. The amount of times I've been emailed a confidential document that someone can't open and needs converting - do they stress that 'its confidential'? Not here, they expect you to do a job, so you do the job, deleting any copies of the email straight after.

    Like I say, have them sign the staff AUP, but trust goes a long long way in a job like ours.

  8. #8
    maestromasada's Avatar
    Join Date
    Apr 2009
    Posts
    166
    Thank Post
    93
    Thanked 14 Times in 13 Posts
    Rep Power
    13
    Thank you for your ideas and comments, I take all of them on board. My experience sadly has showed me that you can't fully trust anybody, specially when the trusted individual is out of the environment when the amount of existing trust has already been generated. For example, I trust my car to drive on the road but I will not trusted to drive over water!

    Have seen some funny things lately (contracts the admin office tells me have been modified, people knowing how much each other is earning, jobs prospects, appraisal results some other people know, and some emails 'not in bold' that I hope are not related...) Investigation reveals that this unusual leak in documents info could have only happens using our existing VPN connection (the files show a modified time well into the night when school is closed). Legitimate users insisting they haven't change their own files, logs can't go any further, what am I to think of?

    Will get them to sign something just to be on the same side and, in a way, to protect them, but God help me be the one who throw the first stone.

  9. #9

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    242
    Quote Originally Posted by maestromasada View Post
    what am I to think of?
    Well you're certainly not to accuse or punish anybody until you know what is going on. Get your logs sorted, and find out before going any further. Restrict access where users aren't 'trained', so if you have a hardware tech, he shouldn't necessarily be logging on to the servers should he?

    Take for instance, this morning I woke up to find water on the floor and a defrosted freezer. I strongly believe that the OH left the freezer open, but I don't KNOW this so I can't do anything about it this time. I can however set up an array of video camera's and pressure pads ready to catch the silly mare the next time she does, then I will be coming down on her like a fridge/freezer full of soggy defrosted food.

  10. #10


    Join Date
    Sep 2008
    Posts
    1,833
    Thank Post
    342
    Thanked 263 Times in 215 Posts
    Rep Power
    121
    You dont need a seperate AUP just put the 2 issues into the all staff AUP so
    - installing inappropriate software on the servers will take disciplinary actions.
    -accessing staff e-mails/documents without their permission will take disciplinary actions.
    then becomes appllicable to all staff regardless of their position. I do feel if you start looking at creating a seperate AUP for tech staff then where do you stop? What about SMT or finance who might leave their machine with confidential information on screen so anyone wondering into their office can see it?

    Just cover all things your concerned about in a ALL STAFF AUP. Their Job Description should provide information as to what they should be doing with their access.

  11. #11

    SimpleSi's Avatar
    Join Date
    Jun 2005
    Location
    Lancashire
    Posts
    5,829
    Thank Post
    1,476
    Thanked 595 Times in 446 Posts
    Rep Power
    170
    I think your well beyond an AUP.

    If someone is doing all this, I don't think a piece of paper is going to slow them down and you don't need their signature on an AUP to dismiss them on a conduct charge.

    regards

    Simon

  12. #12

    JJonas's Avatar
    Join Date
    Jan 2008
    Location
    North Walsham, Norfolk
    Posts
    3,184
    Thank Post
    410
    Thanked 447 Times in 332 Posts
    Rep Power
    388
    If someone is using remote access at night can you not see who is doing that?

  13. #13

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    351
    Its written into our contract that we will abide by the Acceptable use policy of the school which is available on request the same as with all other members of staff.

    It then saves the piece of paper being lots if for any reason disciplinary is taken it is then kept with HR so they blaim is on them!

  14. #14
    alan-d's Avatar
    Join Date
    Aug 2005
    Location
    Sutton Coldfield
    Posts
    2,421
    Thank Post
    360
    Thanked 258 Times in 189 Posts
    Rep Power
    76
    Quote Originally Posted by maestromasada View Post
    Thank you for your ideas and comments, I take all of them on board. My experience sadly has showed me that you can't fully trust anybody, specially when the trusted individual is out of the environment when the amount of existing trust has already been generated. For example, I trust my car to drive on the road but I will not trusted to drive over water!

    Have seen some funny things lately (contracts the admin office tells me have been modified, people knowing how much each other is earning, jobs prospects, appraisal results some other people know, and some emails 'not in bold' that I hope are not related...) Investigation reveals that this unusual leak in documents info could have only happens using our existing VPN connection (the files show a modified time well into the night when school is closed). Legitimate users insisting they haven't change their own files, logs can't go any further, what am I to think of?

    Will get them to sign something just to be on the same side and, in a way, to protect them, but God help me be the one who throw the first stone.
    From what you say above I think you should look seriously at changing passwords and go over who has access to what and why. It may not be a technician, it could be another member of staff or even an outsider who has somehow got hold of account details that give them access.
    Access via VPN should still be traceable if not by you then by your ISP (I assume it's the LEA).

    I think your first priority is to look at the security of your network before you accuse anyone of anything.

  15. #15

    witch's Avatar
    Join Date
    Nov 2005
    Location
    Dorset
    Posts
    11,335
    Thank Post
    1,487
    Thanked 2,570 Times in 1,786 Posts
    Rep Power
    773
    I sign the same AUP as the staff with a few modifications about accessing people's data when necessary etc.
    Sounds like you have a bit of a bigger problem than that though. I agree that changing the passwords is a good idea as it will stop any outsider (possibly from the past) and may also act as a heads-up to anyone doing something they shouldn't be doing



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Acceptable use Policy Software
    By AnnDroyd in forum Internet Related/Filtering/Firewall
    Replies: 7
    Last Post: 29th March 2010, 07:25 PM
  2. VNC Policy for technicians
    By mcloum in forum School ICT Policies
    Replies: 31
    Last Post: 2nd December 2009, 04:47 PM
  3. Acceptable Use Policy
    By kingswood in forum How do you do....it?
    Replies: 5
    Last Post: 12th July 2006, 08:26 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •