So 2020…
It’s impossible to review what has been done the last few months without mentioning the elephant in the room: Covid-19. It is still our new normal and we’ve had to adapt so quickly and there has been so many changes that it’s easy to lose sight of it all. This is one of the reasons that prompted this newsletter. In IT, the urgency of the situation has forced us to manage changes and fixes much faster than we usually do, either because it had to be done for “yesterday” or because we needed to move on to the next big Covid related thing quickly to make sure the school could remain opened and as safe as it could be. Karl and I are fully aware that doing things with such haste, can be detrimental to you all and it is a constant struggle to get the balance (if any) right. We both feel very lucky to have such a supportive and understanding team during this pandemic. Nobody has bitten our head off yet and we are very appreciative of that. 🙂
The first Lockdown – Part 1: The risks when working from home
With employees having to work remotely, impersonation fraud, phishing attacks, virus attacks and ransomware attacks have seen a sharp increase.
There are many reasons for their success: lack of security in a home environment (firewall, antivirus, shared computer…), not following the same safety guidelines at home because of time pressure (https://www.zdnet.com/article/cybersecurity-half-of-employees-admit-they-are-cutting-corners-when-working-from-home/)…
But this is changing. On Youtube and Reddit, many home owners concerned about security are slowly becoming a “network enthusiast” and turning to enterprise grade security. This is a sign of the times, but without becoming a security expert, there is a lot you can do!
Checklist when using a personal computer:
Software Updates
- Is Windows/OSX up to date? If you can’t update because you have no space, make some space urgently and update.
- Are all the pieces of software on my devices up to date? Updating software brings new functionalities but also fixes bugs and security holes. Anything you do not use, just remove it.
Hardware updates
- Are all the network devices up to date? If it’s connected to the network with ethernet cable or Wi-Fi, check if it can be updated. If you can enable auto-update, do.
When I say all devices, I mean it. Your TV? your smart thermostat? Your connected lights? Anything. Like software updates, hardware updates often bring new functionalities, so it might improve your user experience… win-win. 🙂
Security
- How many people can administer the computer and network devices? Is it required for all?
- Are the users on my computer (especially administrators) secured with a strong password? On PCs, is “Window Hello” enabled?
- Are there any users still on your device(s) that shouldn’t exist anymore? For example, an account created by a repair shop. Yes? Delete them.
- Do I have an antivirus, is it licensed, working and up to date?
- Do I have a software firewall, is it licensed, working and up to date?
- Does my broadband router provides a firewall, is it “on”?
- Is my Wi-Fi secured with WPA2 or (better) WPA3 (if it is insecure or using WPA or WEP, change it to WPA2 as a minimum!)? Wi-Fi encryption is especially key if you use IP cameras / babycam / CCTV in your home as you don’t want anyone watching the feed.
- if you have children who are gamers they might try to convince you to set their device in the DMZ (Demilitarised Zone) on your broadband router (or they might have done it without you knowing). You should be aware that the device will then not be protected by your router’s security measures and that all ports will be opened, which is a major security risk. It is a misconception that DMZ is a requirement, at best, it should only be used for testing.
- Built in Parental control on PCs, Consoles… can also improve security on top of giving you more control over what your children can or can’t do online. There are even apps for you to take control in real time (xbox, switch… some Wi-Fi products…).
Let’s talk about Flash…
Flash won’t be supported by Adobe anymore: Adobe Flash end of support on December 31, 2020 – Microsoft Lifecycle | Microsoft Docs
Flash will not be supported by various companies within their internet browsers (Chrome, Firefox, Internet explorer, Edge…).
https://wccftech.com/microsoft-begins-killing-adobe-flash-player-kb4577586-manual-update/
https://www.blog.google/products/chrome/saying-goodbye-flash-chrome/
Let’s talk about Chrome/Edge…
Microsoft Edge is now based on Chromium, the same as Chrome.
But Edge also brings a wealth a features that are specific to it (like better integration with Office 365). It is also integrated by default in Windows and will replace Internet Explorer long term.
For this reason, we will shift from using Chrome to using Edge. Migration to be complete during Summer 2021.
Let’s talk about Wi-Fi…
Do you have bad Wi-Fi at home? If you are using the Wi-Fi from your broadband router, it might not have the reach to cover the whole house.
The other things to check are…
- which Wi-Fi channel you and your neighbours are using. You don’t want to be on the same one. Some free mobile app can show you the channels in use around. Watch this video: https://www.youtube.com/watch?v=X3ykmJco-kI
- What frequency (2.4ghz? 5ghz??) Read this: https://kb.netgear.com/29396/What-is-the-difference-between-2-4-GHz-and-5-GHz-wireless-frequencies
- What networking standard? Wi-Fi 5 (802.11ac)? Wi-Fi 6 (802.11ax)? both are good, forget anything older than these two and only pay the premium of Wi-Fi 6 if your devices are compatible (Note: Wi-Fi 6e is coming soon).
The new trend for home is to get Mesh Wi-Fi, each points communicates with each other which simplifies installations (Note: some mesh systems are pricier because they have a dedicated antenna to communicate with each other).
Websites:
- https://haveibeenpwned.com/
- How to look your best on a video call: https://www.theverge.com/2020/4/8/21202907/zoom-tips-video-call-lighting-audio-look-your-best
The first Lockdown – Part 2 : Phishing and MFA
The rule of thumb is to be extremely careful when providing your credentials (if you are already logged in in Office 365 and in Azure information protection, be suspicious if you get asked credentials again) and if you believe you have provided your credentials to a hacker, then change your password ASAP and contact IT.
One way to prevent attackers from using illegally obtained credentials was to use Multi Factor Authentication (MFA) that required an additional check on top of your password. This change was widely recommended by security agencies and by our DPO, Judicium.
In fact, you shouldn’t just use MFA for work. Use it everywhere, especially shopping/banking websites (eBay, Amazon, Paypal…) or anything else with sensitive data (Facebook, twitter…).
Do not use the same passwords between accounts. If one set of credentials gets compromised, usually hackers will then try these credentials on the most common websites.
Do not re-use passwords. if your account was once compromised, this password will be known to hackers. Don’t assume your accounts have never been compromised. Companies don’t usually advertise when they’ve been hacked and major companies got in trouble for keeping it a secret. The website to check if your accounts were compromised is https://haveibeenpwned.com/
As always, make your password hard to guess. The school still recommends 8 characters minimum (with letters, numbers, upper case, lower case and special characters) but security experts seem to believe 12 should now be the recommended minimum number of characters.
Securing classroom displays
The basic rule is: avoid mirroring your screen as you might accidentally show confidential emails or sensitive data on Arbor.
Laptops for Teachers and remote parents evenings
With parents’ evening going online and teachers having to travel between bubbles, the school decided to provide laptops to all teaching staff.
If somehow you didn’t get one yet, please talk to us.
If you are a new teachers starting in NKS, come to IT and ask if we still have some stock! 🙂
New Staff Rooms
Of course, with so many of you not having a base to call home, we had to create some spaces. B01 temporarily became a staff room but then reverted back to a classroom. The caretakers refurbished D03 (you can access it from the canteen) and B24 also became a staff room. We now have a total of 4 staff rooms. All of them but S09 have computers. Wi-Fi is available in all 4 rooms. See the map below.
Note (2022): D03, now P03, is not a staff room anymore. Same for B24, now repro.
Seating plans on Satchel One
Covid, once again, made us re-think our process and, specifically, how we could centralise seating plans and make it easily available in the event of a Covid case.
This will not only benefit Covid tracking but it will also help regarding vandalism. On this note, please remind the students to report any damage as they sit down, this will help to identify those who go around the school punching screens or removing keyboard keys…
Templates were created for each rooms.
If a template is incorrect or if you have suggestions, please contact IT.
Microsoft Teams
A lot of work has been done in the background for Teams but none better than the training materials created by our Microsoft Expert Extraordinaire, Matt Gowen. If you haven’t yet, check them out here: http://bit.ly/NKSStaffGuides
Conclusion:
Like I said, it is easy to lose track of it all, but when you start listing all these changes, it becomes evident there were many IT changes impacting your day to day life on top of everything else you have to deal with. Change is always challenging and usually requires careful planning and implementation, but time was of the essence and lives – not something I thought I would ever say – were in the balance, so we ended up with a lot of changes in one year.
I started this newsletter in November. America had just celebrated Thanksgiving and said what they were grateful for… It’s now December but let’s!
I can’t emphasize enough how grateful Karl and I are to see everyone getting on board every time we take IT in a new direction and for all your patience and kindness working with us on these urgent projects even though you are all super busy with the implementation of a million new Covid rules. So yes, Kudos to you all, you’ve been amazing.