Secure access to your school ICT systems using VPN by nfy87895

VIEWS: 11 PAGES: 3

									Friday, 12 March 2010




Dear Colleague

Secure access to your school ICT systems using VPN (Virtual Private Network) technology

Now that all of our Hertfordshire schools are connected with broadband and many staff and
students have similar good connections at home there are increasing demands for more
accessibility between home and school. We are addressing this generally through the
development of the Hertfordshire Learning Platform. This letter refers to just one special type of
home-school access which is intended only for those of your staff who manage ICT systems
within your school network and who therefore require a relatively unrestricted access. Typically
these will be any staff with responsibility for managing your network or your SIMS (or other MIS)
systems.

We can offer secondary schools up to 10 of these systems administrator home-school accounts
for named members of staff and up to 5 for primary schools. (It is possible to increase these
numbers where necessary to meet very particular needs.)

If you wish your school to have access to this service please complete the attached reply form
and return it to me.

There are several issues to take into account when considering whether this is a service that
could be of benefit to your school:

1. Security
This is the most important issue. The service provided by NTL will be completely secure in that
only the staff designated by you will have access to it but, as always, the weakest link in any
system of security lies with the people who actually use it. This means that any staff with the
necessary passwords and other information in order to access your ICT systems remotely must
take proper precautions to ensure that this information is not compromised. If they ever believe
that this information may have fallen into the wrong hands then they must inform the NTL
helpdesk immediately on telephone number: 0800 0521 386

2. Formal written agreements
You might like to consider having a formal written agreement about security with any staff who are
given VPN accounts. This could include a statement about the acceptable uses for the service.

3. School owned laptops
By far the best way to deploy this service is on school owned laptops (or other machines) which
are used by the staff concerned. This allows for much tighter management of this home-school
access and of course the equipment can be simply recovered if the member of staff should leave
the school.

4. Personally owned computers
The service will work from computers owned personally by your staff and used from their homes
but it is still the school that will have to support the setup of those machines. You should consider
the implications of any problems that might arise on those privately owned computers as a result
of their configuration for use with this service. Just as importantly remember that depending on
how you implement the service you could have a situation where personal data from your school
systems is also present on the privately owned equipment of your staff. In this situation the
school remains responsible for the protection of that data. Clearly the implementation of this
service on school owned equipment is by far the preferred solution.




                                                1
Friday, 12 March 2010




5. Costs
The service will be supplied to schools by NTL at no direct cost. NTL will create and maintain
your accounts and provide all required information to your named contact. A small program
(Cisco VPN client) will have to be installed on any machine from which the service will be used.
NTL will make the program available for download by your nominated contact but it will be the
school’s responsibility to distribute and install it.

6. Setup within school
Depending on how you will use this service it may be necessary to make some small changes to
your school systems. This might include the installation of some remote management software
such as NetOp. It will be the school’s responsibility to undertake this work.

7. Is it for you?
Clearly this is a service only for those schools with technical staff who understand the issues and
technologies associated with remote management. If you do not have this skill and experience
within your staff then this service is probably not for you.


Please do contact me if you wish to discuss these matters further


Yours sincerely


Chris Seviour – Technical Adviser – Hertfordshire
Email: chris.seviour@hertscc.gov.uk




                                               2
Friday, 12 March 2010




Application for VPN access to school-based systems for
designated staff

School Name: .....................................................................................................................


School Number: ............

I have read and understood the security and data protection issues associated with this service,
which were outlined in the letter that accompanied this reply form. I would like to make use of the
VPN service for some of my staff and for this to be managed on my behalf by the nominated staff
contact shown below.


Signed:                .....................................................................................................................


Role:                  ......... Headteacher                 Deputy Headteacher                   (Please delete as appropriate)


Date:                  ..............


The nominated contact for this school is:


Name:                  ......... ...........................................................................................................


Role:                  ......... ...........................................................................................................


Telephone:              ......... ...........................................................................................................
                       (Please give mobile number or extension where possible.)


Email:                  ......... ...........................................................................................................
                       (Please note that for reasons of security NTL will only communicate with official
                       school email accounts. If the nominated contact is supplied with only a private
                       email address all communications on this service will be sent to the Headteacher.)


After making a copy for your own records please send the completed form to:

Chris Seviour
ICT Technical Adviser
CSF: Standards and School Effectiveness
The Development Centre
Butterfield Road
Wheathampstead
Hertfordshire AL4 8PY

Or FAX to:
01582 830 222




                                                                       3

								
To top