As a manager in a schoolhouse, do yous allow your teachers to install software on a school's computer? Or do you prevent them to practise and so to avert risky software?
The aid desk software for Information technology. Free.
Track users' Information technology needs, easily, and with only the features you demand.
140 Replies
Brand Representative for AdRem Software
I never worked equally an admin for a school, just I'm very skillful friends with a guy who's been running a network for a K-12 schoolhouse district. In short - no.
It'south a licensing nightmare ("oh, I just reused this copy of Microsoft Office...") and since there are shared folders/drives, any malware a teacher would go, would be immediately passed on to other machines (especially ransom-ware). On meridian of that, improperly installed or configured software volition terminate upward on your line of back up in the end.
Thanks for expressing your thoughts. I was feeling every bit a Sheriff over here, but information technology looks like this is the right road to follow (at least for safe)!
Thanks
EBS Estimator Services is an IT service provider.
No no no no no no no no no.
No.
Nope.
Nonononononononononononononononononononononono.
Err nope......licensing is an issue. If there is a requirement for them to install software on an advertizement hoc basis, if you lot take SCCM you lot can annunciate what software they are allowed.
Comcen is an IT service provider.
I would imagine that not allowing anyone but the School's IT grouping to install anything is the only way to go for school PCs/Laptops. The liability and licensing precludes any other arroyo, IMHO.
Letting teachers onto PCs is dangerous at the all-time of times, nevermind allowing them to install software.
Letting ANY "non-admin" install software on computers is request for trouble. They may install something that violates the license, something that they downloaded illegally, something that causes issues on the network or introduces virus/malware, causes the system or network to be unstable, etc...
I have worked in a K12 environment since 2000. Nosotros accept never allowed the stop user to install annihilation. At first, they were able to (nosotros had just started with a fundamental IT staff and had to gain control of the computers), but that only caused issues. Software licenses were out of compliance, computer labs were "imaged" using OEM versions of Os instead of the correct Enterprise versions, shareware galore, not-standard setups, the list goes on.
Part of the Information technology person'southward chore is to make sure the systems are stable and software is properly licensed. If you have an "Academic license" understanding with Microsoft, you should be able to use 95% of the MS software. If and then, await into SCCM for software distribution and arrangement management.
..and of course once you start giving out access rights, the students inevitably get that admission.
How, exactly, would you manage licensing bug?
Why would you lot allow unknown software on your network?
I work for a police force firm and I had an attorney lament to high heaven that he needed admin rights on his PC. Upon investigation I discovered what he wanted to practice was put an educational activity licensed copy of Power Point on his PC (it was a version newer than what we had). He was very indigent when I explained it was non legal to put that software on our PC, merely in the end, I won out.
Contrary to all these mail service I work for a very big district, 106 schools 83K users. 55+Chiliad computers.
The schoolhouse I work at has 1300 computers, 102 teachers- on 110 computers for teachers.
I let them be admin on their computers- Why? I could not keep up with it if I did non. A tech at a smaller school took the admin rights abroad from their teachers and it was a nightmare.
Concern 1- virus- we have AV installed all though non are perfect and volition terminate everything if a user gets infected they lose everything because I wipe and reload, they are trained not to install anything without checking with me beginning. They know that I install all the needed software.
Concern two- United nations licensed copies of software- since I install all the district approved software they should not be installing it. I use Spiceworks inventory to run scans and report whatever new software installed, I research information technology and if need exist I uninstall it notify Primary and district way they did. If it continues then I remove their rights on the computers.
Educate them on what to do and what non to do. If they cannot be educated and follow the rules so have it away on a case by instance basis. Only to bare say no is very short sighted, not existence admin may work at a small elementary school but would non work at a big high school.
I was Internet Admin for a local college for v years and while I was there we did not let anyone exterior of the It department install software. If you always go audited information technology won't matter who installed the software, the school will be responsible for any fines. We didn't grant Admin privileges to anyone which inherently blocked software installation.
There were over 2500 users and 650 computers (210 of which belonged to faculty). We used Deep Freeze to lock downwardly the lab machines so they were never an upshot.
Edited Mar 27, 2017 at 12:32 UTC
I tend to agree with JohnABarbuto on this one. I think it depends on your goals for the computers. Does your school have any kind of ambitious ed-tech plan or program or do the teachers just use the computers for word processing, web access and PowerPoint? If information technology is the former, then I recollect they demand to feel as much ownership of the computers as possible, inside the bounds of supportability and legality. Students, also, though of form there are lots of other factors at play there.
I oversaw ane-one Tablet PC programs (the original name for the digital ink enabled Windows computers) at my last iii schools over virtually thirteen years and in each case we encouraged faculty specially and students equally much as possible to consider the reckoner their primary device. This was crucial to the success of the programs. (Well, at least the 2 that were successful. The attempted program was ahead of the engineering science the first time around.) That said, I did *not* have anyone running as admin on their computers, but nosotros did provide a second admin business relationship to faculty to let them to install software with the caveat that we only supported school-issued software and if a reimage was required for any reason (especially if their software screwed upward the computer) we would not reinstall their stuff, just the default image. We would do installs for students, within reason and equally time immune.
If teachers (and students) cannot do what they need to exercise on the schoolhouse computer, they will but use it for what they must and will revert to a different device for near things. I think this stifles programs. They aren't familiar with the schoolhouse computer. They don't experiment with the software on it because they only go on it when they have something they accept to do. They resent having to utilize it. (Over-generalization, but I have seen it.) All counter-productive to a solid ed-tech program.
Educational activity well-nigh condom and good practices is key, equally are clear ground rules for what happens if they hose the system, and so look them to exist responsible.
One thing to note, yous did not say if you were in public instruction or private education. Huge difference. Public Pedagogy y'all have many hurdles, Teachers Unions, Principals, District rules, DOE-Department of Education rules. to follow and abide past, information technology is a tightrope for It or ET at all-time. No matter what "best practice" maybe sometimes it comes down to what the teacher wants or needs to do his or her task and brainwash the student and that one statement rules supreme for the Principles and District School Board. I take been at this school for 5 years, I have seen merely iii infections- twice by the same teacher, she lost her admin privileges. I take found one slice of improper licensed software which was promptly removed and the instructor was given a exact reprimand and I explained it and information technology has non happened since.
Yes Microsoft best practise is to just give admin access to those who need it, but many of the vendors assume that instructor are admin on their computers and write software to run as such. Then in the stop information technology is needed, although maybe not best practice.
I like the thought of allowing the teachers to be the admin nevertheless the same computer may be used past others, staffroom is skillful example so assuasive them to scramble the calculator is not adept as it may affect other people work. Moreover teachers have access to department folder on the server, hence each instructor may disrupt other same-department teacher's piece of work over the shared folders if a delete-everything malicious software is being inadvertently run.
used to work for a school district and this answer is like shooting fish in a barrel....NO NEVER NOT HAPPENING
I currently work for a pocket-size school district. 500+ Staff, 1500+ computers. Before I arrived all the staff had admin rights. Needless to say I clamped down on that quickly. Out of the 500+ staff only well-nigh ten have local admin rights and that's only because of some old poorly written programs crave it. We try to practise the least permissions principle were nosotros tin. After the commencement few weeks afterward implementing this change everyone pretty much quieted down. Overall I'd say our management and command over the district pc's is markedly improved since the change. We've besides gotten very strict on having them put in tickets when they have issues, outside of emergencies of form.
I work for a Public K12 Commune and I say hell no. In our district I am in charge of software deployment, inventory, and licensing/copyright compliance (too as other duties). Our district is ~315 staff, 1300 students, 1400 Windows devices, and 700 Chromebooks. All of our users (outside of It) take standard permissions and nosotros have no issues. In past years I have installed whatever non-standard software by manus over Summer (when we re-paradigm all our computers). This year, I am implementing user-specific deployments through SCCM. This will allow me to "advertise" software through Software Center and permit users cull to install information technology. This way the software will still need to be vetted past me and nosotros won't have any issues with licensing because likewise many staff are using limited software.
I'm curious what your users need admin rights for? You noted that software yet needs to get through y'all.I let them be admin on their computers- Why? I could not go along up with information technology if I did not. A tech at a smaller schoolhouse took the admin rights away from their teachers and it was a nightmare.
Business organization 1- virus- we have AV installed all though non are perfect and will stop everything if a user gets infected they lose everything because I wipe and reload, they are trained not to install anything without checking with me first. They know that I install all the needed software.
Business organisation 2- Un licensed copies of software- since I install all the district approved software they should not be installing information technology. I utilize Spiceworks inventory to run scans and report any new software installed, I enquiry it and if need be I uninstall it notify Principal and district fashion they did. If it continues and then I remove their rights on the computers.
Absolutely non.
For a couple of reasons: licensing - as mentioned earlier, buying - who is responsible for the upkeep of these randomly installed apps. If a teacher jeopardises the use of a machine\s with a dodgy app the tech is always held responsible for its downtime, non the teacher who invariably will not hold their hands up when questions are asked. The downtime can impact a lot of other lessons the said teacher will not realise - they usually have only a (quite rightly) narrow focus on their own subject\projects.
Nosotros insist on a quick evaluation of whatsoever apps and ready them up in SCCM where possible for deployment so we tin can keep control of where and when the are installed.
Nosotros have likewise had to limit printer install access as teachers were hogging the large reprographics dept. printers, for even small jobs, at the expense of huge postal service-outs to parents etc. withal once more causing huge time delays and inconvenience to others.
Too beware of information usage - teachers love "sharing" (duplicating) instruction videos whilst keeping their ain copy every bit well - we had a 42% space savings rate later deduplication evaluation due to "shared resources" beyond the loftier schoolhouse.
No.
It's not just risky software. It'due south about retaining command of the systems, software and compliance. Once there is unwanted software, that may well crusade all sorts of compliance and licensing issues, as well as introducing technical problems. The reckoner belongs to the school and is there to assist them do their job. If in that location are too many PCs to manage, then implement systems to streamline management - opening all of them upwardly then every system is dissimilar does non reduce TCO or help management and troubleshooting in any way. How can I confidently test and deploy a new awarding or upgrade to 100 or 1000 systems if they are all dissimilar?
In that location may be a handful of staff that require a special approach, perhaps even admin rights (if an app demands it, not them), but do non give admin admission to anyone or without consideration and justification. Heck, I'1000 the SysAdmin and I don't accept it.
Privacy and data protection. How much practise yous want that information secured? Information technology'due south non just about installing software, just admin rights allowing all sorts of other unauthorised changes to take place. How much practise you want that user's unabridged music drove replicating to the network and opening copyright issue because they 'needed to install itunes'. How much do you want to explicate those dodgy copies of Autocad or Office when you next get audited?? How much do you want that torrent software on your network downloading who knows what? I couldn't get my software to install properly so I disabled the anti-virus, only temporarily, y'know...
Who is responsible for these systems? The school, yeah. And yous.
But no.
Prior to my time here at a non--turn a profit, in that location were "admin" users added to each PCs Administrators grouping. I was told they needed this access so they can install school software etc. It turned out they would ship a ticket for any installation they needed anyway and ended upwards installing all kinds of junk on their PCs like toolbars and other crap. I bought PDQ Deploy and took abroad this "privilege" that they driveling.
This topic has been locked past an administrator and is no longer open for commenting.
To go along this give-and-take, please ask a new question.
DOWNLOAD HERE
Source: https://community.spiceworks.com/topic/1978765-allowing-teachers-to-install-software-on-school-pcs
Posted by: juradocueen1985.blogspot.com