Software as a Service

5 reasons why you should take Single Sign-on seriously

A recent report by the credit checking company Experian warned that the average online consumer had 26 separate online logins but just 5 different passwords.

Two thirds of people have accounts they no longer use but have not closed down, leaving them vulnerable, the research found.  Every week we learn about new and major hacks leading to the compromising of our usernames and passwords.

In July 2012 we have already heard about the ‘loss’ of 450,000 Yahoo identities, over 1 Million Android forum IDs, 20% of all Microsoft account credentials – where they had been reused on other websites – and LinkedIn hacked twice in as many months.

It is all too easy to reuse the same ID – typically your email address together with your favourite password – when registering with different websites online.  The problem – and the very real threat – is that it only takes one of these websites to fail in keeping that ID and password safe and suddenly your online information and access across many different websites is in jeopardy.  What’s more, you may not even realise until you go to apply for a credit card, loan, mobile phone, or mortgage and are refused.  Perhaps worse still, the debt collectors come knocking upon your door!  Even if you do discover that a website you use has been compromised, can you really remember all of the websites that you signed up to using the same ID and password so that you can sign in and change your login credentials?

Standards-based Single Sign-on is one killer tool in your defence arsenal!  The following 5 reasons pretty much cover the benefits of using the Single Sign-on technology OAuth for your social online world and Shibboleth if you are in the classroom.

Popular OAuth Identity Providers include Twitter, Facebook and Google.  For more about the prevailing Shibboleth standard in education, simply search this website.

Now for those 5 reasons:

1) When you connect to a new website, application, or service provider using OAuth or Shibboleth, your username and password are not shared with, or stored in, that provider’s system.  If it’s hacked, your ID and password stay safe.

2) It is good practice, alongside having a complex password, to change that password often.  In the Shibboleth and OAuth Single Sign-on model, you can do this just once and in one place, and the change then applies across all of your other online presences.

3) If you suspect that your password has been compromised, as with (2), you change it once and in one place.  No need to try to remember what you’ve signed up for and how to get there!

4) A single username and password for everything leaves space in your memory for other things; like remembering to pick-up some milk, or the kids, on your way home from work.  Oh and less reason to write it down too!

5) There are SO many great online resources out there asking you to sign up.  Can you really trust the honesty and security of them all?  With true Single Sign-on you can register with the peace of mind that they haven’t got hold of your username and password – often they shouldn’t even need to ‘know’ other personal details such as your name.

So there you have it.  Single Sign-on together with a ‘strong’ and frequently changed password will keep things simpler and more secure for your online adventures.
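Reasons 1 to 3 and 5 in miniature, as an added sketch that is not from the original post: a toy identity provider and two toy websites, where an HMAC-signed token stands in for a real OAuth or Shibboleth assertion. Every name here (`IdentityProvider`, `ServiceProvider`, `forum.example`, `photos.example`, the sample user and passphrases) is constructed for illustration.

```python
import base64, hashlib, hmac, json, os, time

class IdentityProvider:
    """Toy identity provider: the only place a password is stored or checked."""
    def __init__(self):
        self._key = os.urandom(32)   # token-signing key, never leaves the IdP
        self._users = {}             # username -> (salt, PBKDF2 hash)

    def set_password(self, user, password):
        salt = os.urandom(16)
        self._users[user] = (salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000))

    def login(self, user, password, audience, ttl=300):
        salt, stored = self._users[user]
        tried = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
        if not hmac.compare_digest(stored, tried):
            return None
        # Per-service pseudonym: the service learns neither username nor password.
        sub = hmac.new(self._key, f"{user}|{audience}".encode(), hashlib.sha256).hexdigest()[:16]
        body = base64.urlsafe_b64encode(json.dumps(
            {"sub": sub, "aud": audience, "exp": int(time.time()) + ttl}).encode())
        return body + b"." + hmac.new(self._key, body, hashlib.sha256).hexdigest().encode()

    def verify(self, token, audience):
        body, _, sig = token.rpartition(b".")
        expected = hmac.new(self._key, body, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(sig, expected):
            return None
        claims = json.loads(base64.urlsafe_b64decode(body))
        # Reject tokens minted for another service, and expired ones.
        return claims if claims["aud"] == audience and claims["exp"] >= time.time() else None

class ServiceProvider:
    """Toy website: keeps a pseudonymous account id, never a credential."""
    def __init__(self, name, idp):
        self.name, self.idp, self.accounts = name, idp, {}

    def sign_in(self, token):
        claims = self.idp.verify(token, self.name) if token else None
        if claims:
            self.accounts.setdefault(claims["sub"], {"logins": 0})["logins"] += 1
        return claims is not None

def demo():
    idp = IdentityProvider()
    idp.set_password("alice", "old-passphrase")            # constructed sample user
    sites = [ServiceProvider(n, idp) for n in ("forum.example", "photos.example")]
    tok = lambda pw, aud: idp.login("alice", pw, aud)
    first = [sp.sign_in(tok("old-passphrase", sp.name)) for sp in sites]
    idp.set_password("alice", "new-passphrase")            # one change, one place
    old = [sp.sign_in(tok("old-passphrase", sp.name)) for sp in sites]
    new = [sp.sign_in(tok("new-passphrase", sp.name)) for sp in sites]
    replay = sites[1].sign_in(tok("new-passphrase", "forum.example"))  # wrong audience
    return {"first": first, "old": old, "new": new, "replay": replay,
            "stored_by_forum": json.dumps(sites[0].accounts)}
```

In this sketch a token issued before the password change stays valid until its `exp`, which is why the lifetime is kept short.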

The quiet Google Apps and Chromebooks revolution

Over the past few weeks I have been assessing how best we can deploy and manage a set of Google Chromebooks to be piloted across a group of schools.  We already have an enterprise deployment of Google Apps for Education with approximately 130,000 users grouped into around 450 Organisational Units.  The entire user and organisational management is efficiently streamlined using the Systems Interoperability Framework (SIF); new users, transient users and leavers are all near-time captured through SIF making account management a breeze!

How does this work?  (1) The school Management Information System (MIS) is updated – pupils and staff intake, leavers, or changes – and modifications are transported securely via SIF and the (2) Zone Integration Server (ZIS) to the Identity Management (IdM) server.  Here users’ identities are matched or created.  (3) Then the identities are passed via SIF to the ZIS and then (4) on to Google Apps.

SIF Identity Management

Now here’s the cloud clever bit… Before deployment to your users, each Google Chromebook is registered with your organisation’s Google Apps domain using the management console.  Here you can define a multitude of policy options including which applications, or extensions, a user should, or should not, have access to.  Policies can be defined for different organisational units – pupils and staff, sales and marketing, etc. – and updated at any time.  Any user who signs in to any registered Chromebook will automatically receive the profile relevant to them.  Organisational Unit policy changes are automatically applied the next time a user signs in, or after a set time period.

Chromebook Management

This is a fantastic example of how simple, powerful, efficient and cost effective cloud computing really can be.  No expensive domain servers to maintain and house.  No network intensive traditional roaming profiles.  Easy management from any place in the world with an Internet connection.  Flexible and mobile workforce and learners.

Cloud Computing for Slimmers

The emergence of slimline Operating Systems (OS) such as Jolicloud and Google’s Chrome OS, which focus upon delivering applications, file storage and security from the web, changes things.

Jolicloud

They herald the promise of much faster access to what we want and do the most – the web.

Think about it. No really, really think about it. When you boot your PC, laptop, tablet, or mobile device, what and where is it that you want to go fastest and first? Email? Information search? Apps that keep you productive or in the social mix? The probability is that all this stuff is now located on the web – in ‘The Cloud’. Even the files that you store, or media that you might want to share, are sitting out there in the ether…

So… Why on earth would you want to hang about waiting for your device to boot, figure out if it is up to date, virus scan gigs and gigs of inefficiently used, or unused, hard disc drive (HDD) space, nag you for reboots and oh, check if it is still up to date, etc., and so on?

What if your Operating System (OS) went on a diet? What if it was designed to get you onto the Internet and to all of the stuff that you want to do way faster? Maybe you could even stop worrying about losing your stuff, or protecting it from nasty intruders? How about you don’t need to think about changing your device, or upgrading your hardware, every couple of years?

These are just some of the things to start considering when looking at what the slimline and web focussed OS’ have to offer. Whether you are replacing your home setup, or if you are making decisions about a full-on enterprise alternative to traditional desktop solutions, you probably should consider the Cloud desktop.

Here are just a few reasons why…

1) An OS that is slimline, or small footprint, demands less of your device resources and thus – assuming the hardware keeps working – is faster for longer;

2) Fewer apps installed locally means fewer updates, reduced client management and backup and recovery headaches are pushed into the Cloud;

3) Why not combine a move to the Cloud with a reduction in Hard Disc Drive (HDD) space and device moving parts by phasing in Solid State Drives (SSD) – extended device life too?

4) Consider a support model that favours connectivity and capacity over the device and hardware – if most stuff is in the Cloud then issuing a replacement device is far cheaper – standard builds and courier swaps, as well as pushing identity management and authentication beyond the Local Area Network (LAN);

5) Do we need locally housed and managed servers anymore?

6) A slimmer OS is more likely to accommodate a lower powered device and hence, greener IT – oh and did I mention that you might be able to do away with local servers, related air conditioning and useful space?;

7) Web apps are increasingly device agnostic;

8) Flexible and mobile working combined with workforce reform can only thrive in this environment;

9) So… Sustainability, portability, cheaper and greener!

I’m leading a project to introduce and pilot a small number of Cloud focussed OS devices into schools and these are a few of the questions that I hope to answer. And that’s alongside assessing the real benefits that any of these sorts of ICT devices might bring to an education, or business, environment. So do follow me on Twitter, subscribe to my RSS feed, or keep coming back to see how these questions are answered in the real world.

I’ve focussed upon evidencing the delivery of cheaper desktop solutions here. But this is just one piece in the whole Cloud jigsaw. In my opinion, key to an overall successful Cloud strategy is data and / or information interoperability. You want all of these disparate Cloud apps to link together for the user’s sake! If you are reading this with interest and a watching brief, then whatever your current strategy is, start with open standards data interoperability! If you are in the education market then don’t miss SIF!

The Evolution of the Web

Whilst trawling for information on Chrome OS and its supporting devices to understand how these might be deployed and managed across a large estate, I stumbled upon this great interactive infographic, built in HTML5, which details the evolution of major web technologies and browsers.

http://evolutionofweb.appspot.com/

UK Government seeks a common infrastructure built on open standards

The UK Government’s Cabinet Office has announced a strategy to deliver real financial savings and efficiency gains through the agile implementation of an ICT infrastructure that will enable the reuse and sharing of our ICT assets.

In a move that is believed to reduce the high level of risk associated with large scale ICT projects, the infrastructure will build upon the successes of smaller projects that have transformed services through the use of common and open standards.  By encouraging and in some cases mandating the use of open standards, joining-up all of these pockets of smaller projects to form a supportive, comfortable and long lasting king size infrastructure mattress will be simpler.

Some key points to note:

The Government will push ahead with its agenda for data centre, network, software and asset consolidation and the shift towards cloud computing.

The standardised cloud platform will also allow developers, especially SMEs, to generate innovative solutions.

A common infrastructure based on open standards will allow for greater flexibility of policies and services delivered at lower cost and within a shorter timeframe.

The use of common standards can make ICT solutions fully interoperable to allow for reuse, sharing and scalability across organisational boundaries into local delivery chains.

The adoption of compulsory open standards will help government to avoid lengthy vendor lock-in, allowing the transfer of services or suppliers without excessive transition costs, loss of data or significant functionality.

Modern, knowledge-based service delivery underpinned by effective information architecture and open standards will support government to build more transparent, trusted and efficient information exchange processes.

Read more at http://www.cabinetoffice.gov.uk/content/government-ict-strategy

Barack Obama’s State of the Union Speech 2011 Wordled!

Barack Obama's State of the Union Speech 2011

How much ICT infrastructure does a school really need to manage?

Let’s just start with servers…

A quick tally of the number and types of servers a typical secondary school might have sitting in a dedicated, no doubt air-conditioned, room resulted in this visual…

School Server Infrastructure Today

And a few of the disadvantages of this approach might be:

  • Some poor soul has to keep all of these running and somehow manage to stay an up-to-date expert across a wide-ranging set of server services.
  • Each server is most likely running 24/7/365 at an average of around 200 watts – roughly £2.5k per annum in electricity bills alone and that’s quite a smelly carbon footprint to boot.

Provider: Scottish Power (Tariff: Premier Plus online, London)
Rate: 11.252 pence per kilowatt/hour
Rate last checked: 10th Sept 2009

And that’s without going down the whole maintenance and replacement, licensing and support costs. Nor factoring in stuff like resilience and security…

What if today looked something like this..?

School Infrastructure Today?

A few of the advantages might be:

  • High availability resulting in high teacher confidence in the ‘invisible’ ICT.
  • Much lower total cost of ownership – subscription based access to services that you need and when you need them.
  • Flexible – add new and remove unwanted services with ease.
  • More space – no more dedicated server room.
  • Sweeter smelling carbon footprint.
  • Access from anywhere and at any time 🙂

Yeah right… But how do people login to the network?

They don’t. Ideally they single sign-on (online) into the services that they have privileges to access. Look at how you can link-up your accounts on many of the popular web based apps like Google, Flickr, Twitter, Facebook and so on and on and on… In education terms this would most likely look like using the UK Access Management Federation and Shibboleth for single sign-on.

But the web isn’t advanced enough yet to support all of the teaching, learning and management tools, apps and services that we need!

Sure it is! Just check out my Delicious bookmarks for a sample… Also check out Johannes Ahrenfelt’s blog for even more ideas!

Okay… But how on earth do I keep all of these disparate apps updated with the relevant info about students and staff?

How do you right now? A combination of many different and often bespoke or proprietary methods methinks? The Systems Interoperability Framework (SIF) is a promising option for education services. Get involved!

Yeah but what if our connection to the internet goes down?

Get some resilience. A fail-over connection maybe? Let’s face it, with all of those servers a potential weak point, the chances are that your internet connection is far more reliable than you might think!

What do you really think? Some good debate around this is very welcome 🙂

PS Would we still need a proxy server if, as is likely, most of the web traffic is encrypted across Secure Sockets Layer (SSL) (port 443 / https)?

Google Apps integrated learning platform!

Well I guess that it was only a matter of time… But fresh into the Google Marketplace is Grockit…

In brief Grockit is a social platform for learning that provides students with collaborative real-time study rooms. There is content but this is aligned to US K-12 curriculum and college entrance exams.

Students with Google Apps can sign on to Grockit through their Google account to instantly join live online study groups with Grockit’s global community of students and expert instructors. Students’ Google Calendars will be synced with their Grockit study session schedule. Additionally, important documents will be automatically downloaded into their Google Docs.

There is an offer of free access until the end of 2010 but after this expect to see prices per user ramp up to a most likely unaffordable $99 per account :-S

It will be very interesting to see how this platform develops and whether or not there is an effort to get into the UK market…

Social media in schools

The following video from Teachers.TV provides a well-rounded overview of the risks and benefits of using social media within schools.

“The Internet is the first thing that humanity has built that humanity doesn’t understand, the largest experiment in anarchy that we have ever had.” – Eric Schmidt

We’re getting so impatient

The term Rat Race was originally coined in the 1930s – a dance to jazz music. It probably had nothing to do with the metaphor we use today which a quick Google suggests originated around the 1950s… Any advance on this is welcome.

But never has our need to keep up in this fast paced world been so great as today. I mean, the first thing I want to do when I boot up my computer is get on the internet and check my email, social networking sites and so on. Spare me the wait while all the unnecessary stuff chugs away loading up. I like a cup of tea to kick start my day, but seriously, my computer doesn’t need to wait while I make one!

Cup of Tea

And so, Michael Hart has made unofficial instant versions of Google Maps and Google Images to help satisfy our desire for instant everything; once our devices have finally booted up and found their way onto the internet that is. They are quick and get quicker still as the graphics cache on your device.

Have a look at Instant Images @ http://cdn.michaelhart.me/mh/instant_images/ and Instant Maps @ http://hartlabs.net/instant_maps/