website stats
September, 2008 - Microsoft UK Schools blog - Site Home - MSDN Blogs
The UK Schools Blog
News and views from the Microsoft UK Education Team
Home    index of content      about this blog     rss feed     email us     our website

September, 2008

  • Microsoft UK Schools blog

    Running out of space/power for your servers?


    Just one of the things on head teachers’ minds these days is the budget gap created by rising electricity and gas costs. Some schools talk about 150% increases, and the knock on to other school budgets could be immense. And ICT is surely playing its part in the increase. Since 2002, the number of computers in a typical school has doubled, and with that more power-hungry servers have also arrived (a typical rack-mount server might have a 700 watt power supply).

    So it makes sense to think about your power consumption. I’ve written before about power-saving on your desktop/laptop computers here, but what about servers?

    One of the easy wins is to plan your strategy for virtualisation – reducing/restricting the number of physical servers you need in your server room, and giving you more flexibility in your ICT infrastructure. To be honest, we’re probably in the foothills of the Virtualisation Alps, which is why it’s a good time to build a strategy.

    There are a pair of education case studies worth looking at, to compare others’ strategies:

    Kentucky’s virtualisation strategy

    The Kentucky Department for Education run 900 servers on behalf of their schools – 200 in a data centre, and 700 spread across their school system. They found they were each running at typical 10% of capacity, because they had dedicated servers for each task. By deploying virtualisation (they were lucky to be on our early adopter programme for Windows Server 2008 and Hyper-V) they estimate that they’re going to reduce their physical servers by 60%, reduce data centre space by 50%, and reduce power use by 25%.

    And their goal is to reduce any downtime by building in redundancy – ensuring that there are less interruptions to learning across the schools. And then to enhance their disaster preparedness as a result.

    Warwickshire’s central virtualisation hub

    The education team’s ICT Development Services started virtualising applications to better support their 250 schools. Their model uses a delivery model of applications served from a central hub, to give them network and device neutrality – so that users can connect to applications from anywhere on the Internet, not just within school. Not only does it save cost, and reduce hardware costs, but they have also seen that it can enhance data security rights across the system.

  • Microsoft UK Schools blog

    Making sure you buy the right version of Windows


    With the news this week on Information Security guidelines for schools – and the obvious need for encryption on teachers’ laptops from now on, I think it would be timely to remind you how to ensure that you buy the right licences for Windows Vista – so that you get the licences for BitLocker, which is a government certified encryption system built into Windows.

    BitLocker is automatically included within either Windows Vista Enterprise, or Windows Vista Ultimate editions. If you are buying Windows Vista Business or Home editions, then you need to take some action. Under all circumstances, you first need to buy a computer with Windows on it.

    If you know which scheme you use to buy your Microsoft licences, then this’ll be easier!

    • School Agreement customers
      If you buy your licences under the Microsoft School Agreement (you pay an annual fee for your software, and you simply count how many PCs are in your school) then you need to read no further. You are automatically licensed for either Windows Vista Enterprise or Ultimate upgrades. BitLocker away…
    • Select Licence customers
      You buy a computer with a Windows licence, and then upgrade to Windows Vista Business by buying a Select licence. (Lots of people do this because it is one of the cheapest ways to get Vista Business edition – often cheaper than buying a PC with a Windows Vista Business licence pre-installed).
      You need to take action to ensure that you get BitLocker, by buying the Software Assurance option. This is a 1 or 3 year agreement, a bit like a software maintenance agreement, that gives you a bundle of benefits, including the automatic right to upgrade to Windows Vista Enterprise (and therefore BitLocker).
    • You buy a computer with Windows Vista Business or Vista Home
      You need to contact your Microsoft reseller and buy Software Assurance for Windows Vista. This automatically gives you rights to run the Enterprise edition, and therefore run BitLocker. You only have 90 days to buy this after you’ve bought your computer!

    But what happens if I’ve already bought Windows Vista licences, and haven’t bought “Software Assurance”

    Okay, unless it hits the 90-day rule above for a new PC, then you can’t go back and retrospectively add Software Assurance. If you’re in this situation, then you are going to need to get new licences, and use your old upgrade* licences on computers which don’t need encryption – like ICT suites and student laptops. Most schools are regularly bringing in new computers, so you shouldn’t be up the creek.

    And you may have to bring in new laptops for your teachers anyway, as it is likely that the laptops will need to have additional capabilities to enable encryption (like TPM chips)

    You can read more about Software Assurance here – look at the bottom of the page for “How to get Software Assurance”

     * If you buy your Windows Vista Business licence as an upgrade on our academic licensing schemes (Select/School Agreement/Campus Agreement) then you can transfer your upgrade licences between computers. If you buy a licence with your computer (normally known as an OEM licence) then it's fixed to the specific computer. Moral of the story: Not only is it normally cheaper to buy a Volume Licence version of a Windows Upgrade, it is also more flexible.

  • Microsoft UK Schools blog

    Information Security – all the guidelines are out


    And, boy, do they take some reading. We’re rocketed from ‘worry, but I can’t tell you why’ to ‘this is what you should really worry about’, in a mere 125 pages. How does that make you feel?

    For the minute, if you want all of the specifics on the Becta Data Handling guidance, you’re going to have to take a look at all of the documents on the Becta website, and work your way through them as though your job depended upon it. That’s exactly what I plan to do with a small group of others from the business, starting later this week!

    But, in the meantime, here’s my take on the big headlines:

    Impact Levels

    Appendix A, in the “Information Handling – Impact Levels” document is one of the first to deserve a look. It lists the different examples of data types, and the required authentication according to the Government requirements, and what kind of external access is allowed. If you look at Impact Level 3 data, you’ll see that it mandates two-factor authentication for teacher remote access to a learning platform or MIS system. As far as I know, there aren’t any Learning Platforms in the Becta approved list that meet that criteria, so I guess we’ve got a big shake-up coming on that front.

    Now, if we can provide that easily on SharePoint/Learning Gateway systems, then that’s a quick win for you – because you can enable it for your Learning Platform, and MIS, and other systems all in one go. I know that SharePoint isn’t being used by everybody, but it’s probably now a majority of schools and local authorities



    The good practice guide for “Data Encryption” (54 pages of good practice – definitely no skimping on detail or Mb here!) has some specific pointers. You will need to read (and re-read!) the guide to work out what it means in your situation, but there’s some direct instructions, eg:

    Page 3: “Users may not remove or copy sensitive or personal data from the school or authorised premises unless the media is encrypted and is transported securely for storage in a secure location”.

    Helpfully, it goes on to warn It should also be noted that the use of encryption – installing and configuring additional software on every teacher’s laptop as well as new Authentication Tokens, SSL and perhaps SSL accelerators and logging technology – is not only time consuming but also requires a change of culture for all users. Awareness of the sensitivity of data – whether electronic or on paper – must be part of every school's duty of care to staff and pupils. At least it’s clear that these rules apply to paper and electronic data.

    And, just in case you were thinking that you had time to get your ducks in a row, on page 4, in section 2.1 it says:

    Note that if your school does not have encryption now, you should stop all copying, removing or accessing protected data until you have software to encrypt files and protect the communication links accessing this data.”

    In Summary?

    For those of your responsible for the ICT systems in your school, here’s my simple four point summary of what this all means. (You’ll have to read the 125 page detail for more!)

    • Students need username, password and SSL for remote access to the Learning Platform (SSL=the Internet “padlock”)
    • Staff will need username, password, SSL and a second factor (like a smartcard) for access to school systems remotely.
    • MIS data can’t be allowed on teachers/managers laptops.
    • Computers that may contain sensitive data should be encrypted, whether or not they leave the school.

    Oh, and my simple diagram (below) in my “Information Security – it’s not black and white” post was a pretty good forecast!

    And finally (ITN style!) the Data Encryption guide has 54 pages, because it contains a 29 page guide to installing TrueCrypt, an Open-Source encryption tool. “29 pages?” I hear you ask. Well, yes. Because it starts with this dire warning:

    “TrueCrypt is a free open-source encryption software package for Windows Vista/XP, Mac OS X, and Linux platforms. Issues have been raised with the high level of complexity of the user interface and configuration processes for typical users.
    There is a significant probability that inexperienced users will cause irrecoverable damage to their machines/data during the installation process.”

    I’m guessing that things like Jerry Fishenden’s guide to using Bitlocker to secure USB memory sticks, suddenly look simple!

  • Microsoft UK Schools blog

    Information Security – it’s not black and white


    I’m continuing to read the new Becta guidance documents on Information Security, and think about the consequences. After a few discussions with people, and comments from others here and elsewhere, I thought I’d try a to create a visual way of understanding where we are. This is by no means definitive, and it might be wrong. But it’s an attempt to simplify all of the guidance down to a simple picture of what is and isn’t allowed with the current guidance, and to highlight some of the things in the grey areas. Hopefully the further guidance we’re expecting to come will narrow down some of the grey areas.

    Updated 19th September, with input from John from Bolton (see comments). The “reds” are growing!


    My picture has three areas - “green” for good things; “red” for definitely bad things; and “grey” for those areas where it just isn’t yet clear. (Some of which are bound to turn “red”!)

    Let’s make this a community thing – what else do you think is missing? What do you think is in the wrong place (according to your reading of the guidelines)?

    Read my previous post “Information Security – more, but not yet enough, advice from Becta

    For more about Information Security, take a look at all the related earlier articles

  • Microsoft UK Schools blog

    At last, a blog for teachers


    When I sit down and write for this blog, I’m aware that I’m really writing for people who are “in the know” in some way or another. As a reader, you probably are enthusiastic about ICT, and it’s probably in your job description somewhere (or everywhere?). And so I can make certain assumptions about what I write.

    For a long time, I’ve been aware that on this blog I’m not really able to also write for teachers who aren’t ICT enthusiasts. If I tried to mix the content, I just don’t think it would work for anybody.


    And so I was really happy when my colleagues Kristen Weatherby and Stuart Ball wanted to get started on a Teachers blog for teachers in England, Wales and Scotland. I’ve been working with them to get it started and it’s now up and running. You’ll find that it has got lots of useful info that you can share with your teaching colleagues (or use yourself if you’re a teacher).

    The posts that are up so far are introductions to Kristen and Stuart, and then to the Innovative Teachers Network, where we are building a community of like-minded teachers, keen to learn from and share with others. Here are Kristen & Stuart’s first posts:

    • Teaching around the world...and right here at home
    • From Classroom to Microsoft
    • It’s the Innovative Teachers Network, but not as we know it!
    • A cure for the lesson-planning blues
    • Communities, the Heart and Soul of ITN
    • Celebrating Innovative Teachers
    • Travel the World and meet interesting people … Innovative Teachers
    • The Virtual Classroom Tour – What on earth is it?

    Take a look for yourself

  • Microsoft UK Schools blog

    Becta – pouring oil on troubled water


    It’s been nice to see some thawing in the relationship between Becta and Microsoft. To be honest, this has taken too long, because Becta’s snappy catchline “Leading Next Generation Learning” is what we’re all about too.

    Yesterday they published their press releaseBecta welcomes substantial progress in discussions with Microsoft”, which has sparked off a series of articles, like Merlin John's "Peace at last? Becta and Microsoft edge closer", The Journal's "Becta Gains Ground in Interoperability for Education" and ZD Net's "Microsoft licensing switch pleases Becta"

    The press release also previews a pilot of a new licensing scheme that will be available next year, to supplement the existing Schools Agreement option. Although the detail isn’t yet available, some of the changes are highlighted in the Becta release:

    “The UK will pilot a new Microsoft licensing scheme that removes the requirement for schools using subscription agreements to pay Microsoft to licence systems that are using their competitors' technologies. So for the first time schools using Microsoft's subscription licensing agreements can decide for themselves how much of their ICT estate to licence.

    Schools opting to use the pilot licensing programme can choose to stop paying Microsoft licence fees for Apple Mac or Linux computers which are not actually running any Microsoft software. Computers running open source products such as would also no longer attract Microsoft licensing fees. Importantly such schools will also be able to decline to licence products such as Vista on systems that are technically incapable of running it. There are also now options for schools to license based on the number of users, rather than the number of PCs, or a combination of the two.”

    The Becta release is very specifically comparing the new scheme to Schools Agreement, even though the majority of schools don’t use it. So don’t panic – after reading their news release, you might think you’re being forced to license computers you don’t run our software on! You’re not. With Select licences, you license as many or as few as you want, for a perpetual licence. Schools Agreements are mainly used by schools who want to simply count all of their computers, and license them all for a standard set of software. Not only does it save hassle, but the initial cost is lower.

    When the details start to emerge on the pilot scheme, I’ll definitely cover them here.

    Licensing is complex* – if you want an easy to understand story, then take a look at this blog post (it’s one of the most popular on the blog!)

    How to get the best deal on Microsoft software in education

    * Yes, licensing is complex. Even the spelling is complex. In the US, they just say “license”. Whereas we say “licence” for the noun, and “license” for the verb. So I’m constantly confused over sentences like “To license 10 PCs I need 10 licences

  • Microsoft UK Schools blog

    Ed The Fed says "Stay safe out there"


    EdTheFedThumbI have a colleague, Ed, who’s a legend around here. He’s the Microsoft UK Chief Security Advisor. Obviously that’s a bit of a mouthful, which is why we call him “Ed the Fed”, because of his career history – which obviously makes him an ideal person to ask about Information Security. (I was going to share a picture of the real Ed, but I thought that you’d prefer the cardboard cutout of Ed from our atrium!)

    So I wandered along to Ed’s desk, told him about the dilemmas schools are facing with Information Security, and the new Becta guidelines, and he jumped into action.

    “Ray”, he said, “you need to remember that this isn’t just about what you do with your IT systems – it’s also about what people do”…and that led to a long, long conversation.

    Good to his word, Ed wrote a great article for me – something that you can share with colleagues, friends and family – designed to ensure that anybody using a PC – whether it’s their home machine or their school laptop – can be more secure.

    The premise is that you need everybody in your organisation adopting safer practices, at home and in school. And raising their awareness and giving them a self-interest (eg making sure that they are safer on their home PCs) will help you improve information security.

    Anyway, over to Ed:



    Chief Security Advisor, Microsoft Ltd UK

    The “Pareto Principle” - or, sometimes “Just Enough is Good Enough”

    I was asked by my friend, Ray Fleming, to list a few things you can do NOW to help ensure a safer online experience. He looked at the title to this article, and then me, and said he already didn’t want to read any further. “It’s supposed to be an article giving our readers a ‘Top 10’ list of things to do NOW, Gibson! Not a place to be talking about the Peter Principle”.

    But let’s not be too hasty, Mr Fleming. The PARETO principle is simply the formal name to what we all know to be the “80/20 Rule”, or, 80% of the effects come from 20% of the causes. And that’s the point of this article - of the scores of things you can do to be safer online, there are a few you can take right NOW that will take you more than 80% of the way to online safety. Follow my Ten Steps to Online Safety in 30 Minutes and sleep more soundly tonight.

    1) Do not start surfing the web or getting busy online until you have completed steps 2-6.

    2) ANTI-MALWARE: If you have not already done so, install Anti-Virus, Anti-Spam, and Anti-Phishing software. If you are using Windows XP with auto updates turned on, or Windows Vista, you already have Windows Defender, free. But you still need Anti-Virus software. Go to, click on ‘Security Downloads’ at the top of the screen, and look for an Anti-Virus product. Get something you trust.

    3) Turn on your Internet (ie, go online).


    a) Run Windows Update to ensure you have the most current security updates.

    b) Run the Secunia Online Software Inspector to make sure even your non-Microsoft software is up to date. This will also alert you if your firewall is not turned on

    5) Run Windows Malicious Software Removal Tool (MSRT) now. This will get rid of the vast majority of malicious software and other unwanted software on your computer.

    6) Go to - the UK Government campaign for online safety. If you have wireless Internet read the section on wireless security. Make sure yours is configured properly - read the instructions for your wireless modem - if all of this sounds unfamiliar to you, send me an email for help.

    SEE, you feel much better already, right. Why? Because you just spent 30 minutes to make sure you are at least 80% of the way to being safer online.

    If you have 15 more minutes, read on.

    7) SOCIAL NETWORKING: If you have little people at home or university, they are likely to be using a social network site such as MySpace, BeBo, FaceBook, etc. Make sure you and your little people spend 10 minutes reviewing - though focused on BeBo, its advice applies to all sites.

    8) PASSWORDS: Let’s face it, if you are like me chances are you can’t remember a lot of passwords. Don’t go overboard. If you can’t remember your passwords, you’ll end up writing them down - which defeats the purpose for having them to begin with. Try remembering patterns on the keyboard instead.

    9) DO NOT click on any links in an e-mail from someone you do not know.

    10) PHISHING FILTER: Internet Explorer 7 has a built in phishing filter. If you see a red bar at the top of your webpage, it means you are going to a known site that has malicious software. DO not go there!

    Send me an E-Mail to if you have questions or concerns. I reply to all emails (presuming you ask a question rather than suggest a new place for me to live).


  • Microsoft UK Schools blog

    Information Security – more, but not yet enough, advice from Becta


     The Becta Information Security advice page for schools has been updated, and they provide a more detailed document (Keeping data safe, secure and legal) which goes further than their previous advice, but not yet far enough. In fact, if you take the report at face value, you’re going to lock up your registers, and wait for the next set of reports!

    First, the good news

    This latest update is a step towards clarity – helping us all by being clear about what precautions are needed to ensure that data is kept safe (and that this advice applies to data in whatever format – whether it’s on a computer, or written on a piece of paper).  This guidance will get to the top of your senior leadership priority list pretty quickly. The Becta document talks of the various management roles responsible for information security, and then goes on to say…

    FirstquotesAlthough these roles have been explicitly identified, the handling of protected school data is everyone’s responsibility – whether you are an employee, consultant, software provider or managed service provider. Failing to apply appropriate controls to protect this data could amount to gross misconduct or even (lead to) legal action.Endquotes

    And now, the bad news

    Implementing these Becta Information Security guidelines is going to take a while, and a level of technical understanding of what must be done. In fact, given the statement on page 7 “All education ICT systems must be classified for the highest level data processed by the system and automatically labelled at the corresponding level”, it means that you’ve got to assume that almost all of your systems, and all of your staff, are handling highly secure data (in Government-speak “IL3-Restricted”). And that this therefore involves lots of changes to the way you handle, transport and allow access to your school’s pupil data. In stark terms, it says on page 5:

    FirstquotesUntil new technology or enhancements to your existing ICT infrastructure can be put in place, you are likely to need to make operational changes. These may mean that certain types of sensitive data may no longer be accessible away from the school in the short term.Endquotes

    The next set of Becta guides, not yet published, will hopefully spell out what classifications of data need to be protected by which mechanisms - see below. The current advice is almost ‘lock everything down folks’, and that’s not sustainable in the long term. But certainly, if you have a member of staff taking sensitive data home on their laptop – like special needs records, or other sensitive information on a pupil – then you need to take immediate action to safely remove the data from their laptop, or fully encrypt that data and/or their laptop. And if you have remote web access to your MIS and Learning Platform, and it’s not protected by the little SSL padlock in Internet Explorer image, then you’ll need to urgently review/change your systems.

    The guidance covers keeping data secure whilst in school, and on your ICT systems, and also how you must ensure that the data are appropriately labelled encrypted, stored and disposed of. (Eg all documents and screens displaying protected data need to have labels showing that the data is protected, and must be securely destroyed after use). The 6 key bullet points from page 7 of the Becta document are below:


    And finally, more good news

    The Appendix A of the Becta Information Security report is called “Quick wins for data handling compliance”, and I’d recommend taking a look at that (and passing it on up the chain!).

    And there are more documents coming, which will contain really specific, practical advice. According to the current document:

    FirstquotesThere are four accompanying good practice guides:

    • Impact levels and labelling
    • Data encryption
    • Audit logging and incident handling
    • Secure remote access. Endquotes

    Although they are not yet published by Becta, there’s more to come soon – and hopefully these guides will be the ones that spell out specifically what information falls into the different categories, and how it needs to be protected. For example, is a class list something that should be protected by IL-2 or IL-3 mechanisms? And what are the defining bits of data that moves it up from IL-2 to IL-3. For example, is a Special Needs statement automatically IL-3, or IL-2 until it has medical info attached?

    What do you need from us?

    There’s some obvious advice we’ll issue, as soon as the four further guides are published – eg encryption and remote access. But what other advice do you need from us, to help you respond to these guidelines? And at what technical level? Comment now, as what you say now will set the direction of the conversations I’m having with our Government security guys…

  • Microsoft UK Schools blog

    Jersey e-Learning Day


    Yesterday I went to (not so) sunny Jersey, where the roads are narrower than my rural broadband pipe! Although I was only there for 24 hours, I got to see the whole island – mainly as a result of the air display, which forced me to return to the airport via the “long” route.

    It was a great day, with lots of good presenters and presentations, and I really enjoyed listening to all of the speakers.

    My humble contributions are below.

    For the first time in months, I used the Shift Happens presentation, because most of the audience hadn’t already seen it. It was a relief that nobody else used it before me – the last couple of conferences I went to started with the conference chair saying “I don’t know where this came from, but I wanted to share this video I saw at another conference” – and then I sit through my own presentation; and also have to go off and change my presentation, because I obviously can’t use it twice!

    The presentation that I gave, themed around “The New World of Learning”, is below – of course, it’s not the same without the story that goes with it, but yet again I forgot to take my Zoom H2 recorder to make the soundtrack. Next time!

    imageimage The conference was hosted at Grainville School in St Helier, which has a fantastic recent entrance and set of ICT suites. Unlike all new school buildings in England, it doesn’t have an atrium (go Jersey, show your independence from the current atrium-fetish on the mainland!)

    What it did have was a fantastic art installation in the foyer from one of the students. I couldn’t resist create a Photosynth of it, because it was truly astonishing – a massive white cross, adorned with barbed wire, and surrounded by a sea of ‘blood’ – created by Demi-Lee Thompson

    Sadly, for the minute nobody in the school in Jersey will be able to see it – the Jersey broadband service has filtered Photosynth out! Hopefully somebody there will be able to add it to the safe sites list.

    I’ve also heard that other education broadband providers have filtered out Photosynth – which seems really bizarre, when you consider the content. If you’re Internet connection has it filtered, add a comment to this post, saying which provider you have, and we can all see if there’s a common thread!

  • Microsoft UK Schools blog

    Shift Happens UK download


    It's been quite a while since I posted up the UK Shift Happens presentation,and UK Shift Happens download. For some reason, whilst checking the pages this evening, the server seems to be having a problem with the page. So, to ensure that everybody can still get it, here it is all over again:

    Shift Happens is a brilliant PowerPoint presentation, which has a strong message for educational audiences. It works as an opener for conferences or events where the future of education and learning is under discussion, or where you want to provoke a discussion about learning.

    This version is the UK version of Shift Happens, modified from Karl Fisch's American original to reflect both a UK context, and designed specifically for an audience of people involved in the UK education system.

    • Karl Fisch, of Arapahoe High School in the US, conceived and created the first version of this presentation for a staff development day. And published it on the web via his website. He released it and gave permission for others to modify it under a Creative Commons licence.
    • Scott McLeod modified it, to make it more relevant to an audience in a wider context. And published it on the web with a Creative Commons licence
    • After conversations with Karl & Scott, I modified Scott's version to include UK-relevant content (it was quite US-centric)
    • And then Jeff Brenman, of Apollo Ideas, applied the creative design to Scott's version. And published it on the web via SlideShare where, incidentally, it won the competition for the "World's Best Slideshow"
    • And finally, with Jeff's permission, I modified his with the UK context. And published it on the web 
      This Shift Happens download has become one of the most popular resources for people searching for the Shift Happens presentation, and especiall the Shift Happens UK Version

    There are two versions available here:

    • For an easy to use version, then download the movie which includes the soundtrack - then you can embed it into your PowerPoint presentations or play it directly in Windows Media Player etc
    • Alternatively, you can download the PowerPoint presentation, which can be modified as you wish.

    Right Click and "Save Target As..." to download either file

    If you modify this version, and following the norm of the Creative Commons Licence, we’d all ask that you share it on the web too, so that others can benefit.

    Update: Since the original version created by Karl Fisch, over 4,000,000 people have seen his presentation on YouTube alone! Karl has posted a very detailed reflection on the content on his blog, which analyses the sources and his original intentions for publishing. Some of the sections/slides he refers to aren't in this UK version, but there is very interesting comment from him worth reading if you are interested in looking into the presentation more deeply.

Page 1 of 2 (14 items) 12