WEBVTT 00:00:00.000 --> 00:00:02.980 Welcome to the Deep Dive. We take complex topics 00:00:02.980 --> 00:00:05.299 and really try to break them down for you. Today, 00:00:05.360 --> 00:00:07.480 we're diving into something that's, well, often 00:00:07.480 --> 00:00:09.939 invisible, but totally critical, how technology 00:00:09.939 --> 00:00:12.039 infrastructure actually gets managed in schools. 00:00:12.199 --> 00:00:14.179 It's like the hidden wiring keeping everything 00:00:14.179 --> 00:00:16.300 running. And for this Deep Dive, we're working 00:00:16.300 --> 00:00:19.100 from an article by Gary Ackerman, hashtag edtech 00:00:19.100 --> 00:00:22.280 for hashtag edleaders, managing users, resources, 00:00:22.460 --> 00:00:25.109 and data. Our goal here is to really unpack the 00:00:25.109 --> 00:00:27.250 strategies, maybe some surprising ones, that 00:00:27.250 --> 00:00:30.530 keep those school networks secure, working reliably 00:00:30.530 --> 00:00:33.310 so learning can actually happen smoothly. Okay, 00:00:33.310 --> 00:00:36.210 let's get into it. So you picture the big install 00:00:36.210 --> 00:00:38.789 day, right? All the shiny new tech arriving. 00:00:38.909 --> 00:00:40.689 But the article makes a strong point. It's not 00:00:40.689 --> 00:00:42.549 just plug and play after that. The real work, 00:00:42.609 --> 00:00:44.750 the intense effort, seems to start after everything's 00:00:44.750 --> 00:00:47.729 plugged in. IT folks then have to meticulously 00:00:47.729 --> 00:00:50.350 tweak device configurations. It's all about making 00:00:50.350 --> 00:00:53.490 the network secure, yes, but also robust and, 00:00:53.850 --> 00:00:57.090 um... dependable day -to -day. Right. And what's 00:00:57.090 --> 00:00:59.229 fascinating here is just how much detail goes 00:00:59.229 --> 00:01:01.229 into that. It's not trivial stuff. They're setting 00:01:01.229 --> 00:01:03.429 up who can log in. That's user authentication. 00:01:03.689 --> 00:01:06.530 They're granting access to servers, printers, 00:01:06.670 --> 00:01:08.950 other devices. Plus, they have to manage network 00:01:08.950 --> 00:01:12.290 addressing, IP addresses, and such, and tweak 00:01:12.290 --> 00:01:15.290 security constantly as devices come and go. And 00:01:15.290 --> 00:01:17.969 here's the thing. A lot of this, the really core 00:01:17.969 --> 00:01:20.450 stuff, is planned before a single cable is run. 00:01:20.689 --> 00:01:23.189 We're talking hours and hours of meetings, school 00:01:23.189 --> 00:01:25.549 IT people. and network engineers all hashing 00:01:25.549 --> 00:01:27.730 out the whole setup. It really is like designing 00:01:27.730 --> 00:01:29.829 the plumbing and electrical before you lay the 00:01:29.829 --> 00:01:32.230 foundation of a house. That makes sense. So once 00:01:32.230 --> 00:01:34.890 you have this complex network up and running, 00:01:35.329 --> 00:01:37.689 the next big question is who gets the keys? Which 00:01:37.689 --> 00:01:40.150 brings us to user accounts. The article points 00:01:40.150 --> 00:01:42.730 out permissions are based on your role. You know, 00:01:42.989 --> 00:01:45.310 administrators, teachers, students. Seems logical. 00:01:45.569 --> 00:01:47.530 And they even break down students into smaller 00:01:47.530 --> 00:01:49.950 groups. Organizational units or OUs like high 00:01:49.950 --> 00:01:52.629 school versus middle school. Why that extra layer? 00:01:53.000 --> 00:01:56.859 Oh, those OUs are really central to managing 00:01:56.859 --> 00:01:58.739 things efficiently. It's quite clever, actually. 00:01:59.019 --> 00:02:01.859 And it connects to another key practice. The 00:02:01.859 --> 00:02:03.799 network folks themselves usually have two accounts, 00:02:04.140 --> 00:02:08.259 a standard one for email, daily stuff, and a 00:02:08.259 --> 00:02:10.560 separate administrator account just for making 00:02:10.560 --> 00:02:13.169 network changes. It's about security. separating 00:02:13.169 --> 00:02:16.270 those powers. And those OUs, they let admins 00:02:16.270 --> 00:02:19.069 push out changes to whole groups at once. Instead 00:02:19.069 --> 00:02:22.009 of touching, say, 500 student accounts individually, 00:02:22.509 --> 00:02:25.189 you apply it to the middle school students, OU. 00:02:25.250 --> 00:02:27.490 Boom. Done. Right. That's a huge time saver. 00:02:28.050 --> 00:02:29.629 OK, but this part in the article really jumped 00:02:29.629 --> 00:02:32.569 out at me, the idea of not recording user passwords. 00:02:33.150 --> 00:02:35.219 I mean, isn't that risky? Seems counterintuitive. 00:02:35.379 --> 00:02:37.560 It does sound odd at first, yeah. But there's 00:02:37.560 --> 00:02:40.280 a really solid reason, and it comes down to accountability, 00:02:40.620 --> 00:02:44.099 digital accountability. So picture this. An admin 00:02:44.099 --> 00:02:46.719 needs to log in as a user, maybe to fix something 00:02:46.719 --> 00:02:49.159 weird, or maybe they need to lock the user out. 00:02:49.180 --> 00:02:50.979 For some reason, they can change the user's password 00:02:50.979 --> 00:02:54.039 temporarily. Then the user gets a one -time password 00:02:54.039 --> 00:02:56.500 from the admin to get back in, and they have 00:02:56.500 --> 00:02:59.620 to set a new private password immediately. The 00:02:59.620 --> 00:03:03.030 critical part, the why, is about privacy and 00:03:03.030 --> 00:03:05.909 responsibility. If the admin changed the password, 00:03:06.389 --> 00:03:08.889 the user was locked out. They physically couldn't 00:03:08.889 --> 00:03:11.330 have done anything during that time, so they 00:03:11.330 --> 00:03:13.449 can't be blamed for actions taken under their 00:03:13.449 --> 00:03:16.229 account when they didn't have control. Once they 00:03:16.229 --> 00:03:18.250 reset it, they're back in control and responsible 00:03:18.250 --> 00:03:20.849 again. It builds trust, actually, and provides 00:03:20.849 --> 00:03:23.590 a clear audit trail. That's actually pretty smart. 00:03:23.889 --> 00:03:25.930 So it's not just about who logs in, but also 00:03:25.930 --> 00:03:27.909 controlling the actual computers and devices. 00:03:28.409 --> 00:03:31.340 IT admins can tweak those from... like a central 00:03:31.340 --> 00:03:33.800 command post. Sounds very efficient. Oh, absolutely. 00:03:33.900 --> 00:03:36.680 It's standard practice. Think about sending out 00:03:36.680 --> 00:03:38.939 operating system updates to hundreds of machines 00:03:38.939 --> 00:03:41.639 or installing new software, updating apps, setting 00:03:41.639 --> 00:03:44.419 up printers, all pushed out from a central server. 00:03:44.599 --> 00:03:47.120 Wow. And just like users, computers can also 00:03:47.120 --> 00:03:50.099 be put into OUs. So need to update all the machines 00:03:50.099 --> 00:03:52.599 in the library's computer lab, apply the change 00:03:52.599 --> 00:03:55.699 to the library computer's OU much easier. And 00:03:55.699 --> 00:03:57.500 that remote access capability you mentioned, 00:03:57.919 --> 00:04:00.620 controlling devices from far away. Yeah. That 00:04:00.620 --> 00:04:03.159 must be incredibly valuable. It's a total game 00:04:03.159 --> 00:04:05.580 changer, especially, you know, for districts 00:04:05.580 --> 00:04:08.300 covering a large area. If it's set up right, 00:04:08.460 --> 00:04:11.000 someone with the device's IP address or name 00:04:11.000 --> 00:04:14.379 can log in remotely using special software. So 00:04:14.379 --> 00:04:17.060 a tech in the central office could troubleshoot 00:04:17.060 --> 00:04:19.800 a teacher's computer in a school miles away. 00:04:19.949 --> 00:04:23.509 I actually remember a situation, this is rural 00:04:23.509 --> 00:04:25.930 school, way out there. They called, convinced 00:04:25.930 --> 00:04:28.670 the network was totally down. I used remote access, 00:04:29.189 --> 00:04:31.389 jumped into their main server, and well, it turned 00:04:31.389 --> 00:04:33.810 out someone had just unplugged the main router 00:04:33.810 --> 00:04:36.850 to charge their phone. Oh, seriously? Yep. Saved 00:04:36.850 --> 00:04:39.370 me what would have been like a three hour drive, 00:04:39.389 --> 00:04:42.250 got them back online in minutes. It lets IT staff 00:04:42.250 --> 00:04:44.810 be almost in two places at once. Huge efficiency 00:04:44.810 --> 00:04:46.889 gain, cuts down travel, especially for those 00:04:46.889 --> 00:04:49.290 spread out districts. It's fundamental tech now. 00:04:49.449 --> 00:04:52.029 So the network's built, users are managed, devices 00:04:52.029 --> 00:04:55.329 controlled, smooth sailing from there. Probably 00:04:55.329 --> 00:04:57.889 not, right? The article emphasizes this constant 00:04:57.889 --> 00:05:00.709 battle against network degradation. Even good 00:05:00.709 --> 00:05:02.870 systems wear down. That's just the nature of 00:05:02.870 --> 00:05:06.250 complex systems. Yeah. So maintenance is ongoing. 00:05:06.829 --> 00:05:10.889 A big part is keeping software updated. The OS, 00:05:11.449 --> 00:05:13.649 applications, drivers, those little bits of code 00:05:13.649 --> 00:05:16.850 that let things talk to each other. But updates 00:05:16.850 --> 00:05:19.449 aren't always perfect. Sometimes they cause new 00:05:19.449 --> 00:05:21.550 problems, conflicts you have to hunt down and 00:05:21.550 --> 00:05:24.810 fix. And while hardware failures, like a server 00:05:24.810 --> 00:05:27.490 suddenly dying, do happen, it's often the slow, 00:05:27.689 --> 00:05:30.470 gradual degradation that causes those frustrating, 00:05:30.629 --> 00:05:32.529 intermittent issues. Yeah, the annoying stuff. 00:05:32.910 --> 00:05:35.709 Exactly. And when a device does fail completely, 00:05:35.949 --> 00:05:38.970 having a really good up -to -date network map, 00:05:38.970 --> 00:05:41.589 like a blueprint, is invaluable. It helps you 00:05:41.589 --> 00:05:43.730 configure the replacement quickly and get everything 00:05:43.730 --> 00:05:45.490 stable again. But sometimes it's bigger than 00:05:45.490 --> 00:05:48.019 just one device failing. What about... Well, 00:05:48.199 --> 00:05:51.120 disasters, fires, floods, major outages. This 00:05:51.120 --> 00:05:53.019 brings up, yeah, a really critical point for 00:05:53.019 --> 00:05:55.259 any organization, not just schools. Disaster 00:05:55.259 --> 00:05:57.660 recovery. The article puts it plainly. It's when 00:05:57.660 --> 00:06:00.879 not if. You have to have a plan. And that plan 00:06:00.879 --> 00:06:03.220 can't just sit on a shelf. It needs to be clear, 00:06:03.480 --> 00:06:06.300 written down. Key people, tech leaders, school 00:06:06.300 --> 00:06:09.879 admins need to know it inside out. And crucially, 00:06:10.240 --> 00:06:12.100 you need to follow it when things go sideways. 00:06:12.500 --> 00:06:15.709 A huge piece of this is backups. off -site backups, 00:06:16.029 --> 00:06:19.350 redundant backups. Your data, your systems stored 00:06:19.350 --> 00:06:21.990 somewhere safe away from the school site. A lot 00:06:21.990 --> 00:06:24.290 of schools actually pay specialized companies 00:06:24.290 --> 00:06:26.230 for this now just to ensure they can get back 00:06:26.230 --> 00:06:28.470 up and running. It's about continuity. Learning 00:06:28.470 --> 00:06:30.689 can't just stop. Absolutely. And thinking about 00:06:30.689 --> 00:06:33.670 the future, IT managers aren't just fixing things. 00:06:33.949 --> 00:06:36.329 They're looking at upgrades, new systems, making 00:06:36.329 --> 00:06:38.329 sure, I guess, that new stuff plays nice with 00:06:38.329 --> 00:06:40.930 the old stuff. Sounds like a headache. It definitely 00:06:40.930 --> 00:06:43.910 can be. Compatibility is a constant worry. You 00:06:43.910 --> 00:06:47.290 often see major issues pop up when, say, an operating 00:06:47.290 --> 00:06:49.589 system gets old, reaches its end of life and 00:06:49.589 --> 00:06:52.209 has to be replaced. Nothing supports it anymore. 00:06:52.430 --> 00:06:54.709 And the article highlights two groups that often 00:06:54.709 --> 00:06:57.509 feel this pain the most. Really small schools 00:06:57.509 --> 00:06:59.930 and those who jump on new technology very early, 00:07:00.069 --> 00:07:02.790 the early adopters. For small schools, there's 00:07:02.790 --> 00:07:04.949 this lock -in problem. They might have bought 00:07:04.949 --> 00:07:07.509 cheaper student information or accounting software 00:07:07.509 --> 00:07:10.089 years ago. Maybe stuff that wasn't updated much. 00:07:10.430 --> 00:07:13.050 Just save money initially. Exactly. But then 00:07:13.050 --> 00:07:16.629 switching to a newer, better system becomes incredibly 00:07:16.629 --> 00:07:19.029 expensive and difficult. They're kind of stuck. 00:07:19.110 --> 00:07:21.550 It's that classic trade -off short -term savings 00:07:21.550 --> 00:07:24.279 cause long -term pain. So wrapping this up, what's 00:07:24.279 --> 00:07:26.579 the big takeaway? We've gone from network setup 00:07:26.879 --> 00:07:29.879 user accounts, device control, all the way to 00:07:29.879 --> 00:07:33.300 maintenance, disaster planning, upgrade challenges. 00:07:33.420 --> 00:07:36.279 It really drives her how complex this behind 00:07:36.279 --> 00:07:39.199 -the -scenes IT management is in schools. It's 00:07:39.199 --> 00:07:41.139 a vital work that most people probably never 00:07:41.139 --> 00:07:43.279 even think about. Absolutely. It's the invisible 00:07:43.279 --> 00:07:45.720 framework that lets education happen in the digital 00:07:45.720 --> 00:07:47.800 age. So for you listening, maybe think about 00:07:47.800 --> 00:07:51.199 this. How do these ideas managing users, resources, 00:07:51.319 --> 00:07:53.980 data show up elsewhere? In your workplace, maybe? 00:07:54.189 --> 00:07:56.509 Or even just in how you manage your own digital 00:07:56.509 --> 00:07:59.250 life, your own accounts, devices, backups. What 00:07:59.250 --> 00:08:02.269 strategies do you use consciously or not? And 00:08:02.269 --> 00:08:04.430 maybe more importantly, where are the potential 00:08:04.430 --> 00:08:06.930 gaps? What part of your own digital architecture 00:08:06.930 --> 00:08:09.089 might be a bit shaky? Just some food for thought 00:08:09.089 --> 00:08:10.629 as you navigate your own connected world.