Embracing Consumerisation of IT in EducationIntroduction For many years IT departments in education institutions from schools to universities have been working hard to standardise their systems by reducing the number of supported Operating Systems and hardware device types across campus. There have been many internal battles won and lost to centralise IT procurement across campus, and many senior staff told “No you cant connect that to our network, we wont support it”. Well times, they are a-changin and this new era is known as Consumerisation of IT and it seems to go against the very principals we have been striving so hard to implement. Organisations that are brave enough to adopt this new world of working are seeing many benefits that come with providing less IT resources out of school coffers. But there are many things that need to be considered and thought through before fully making the move. Despite this, Consumerisation of IT isnt a Microsoft initiative nor is it something we actively promote. In fact, arguably it could potentially negatively impact our current licensing models and revenues. This is an industry wide phenomenon and Microsoft is positioning itself strongly at the centre. With the aim of helping our education customers provide the best possible user experience to their staff and students regardless of device, in a well-managed and secure way. This paper attempts to highlight some key areas of consideration and explores some technologies that can enable this transition to take place.
Embracing Consumerisation of IT in EducationConsumerisation of IT in Education Consumerisation of IT hasnt happened overnight, it has evolved over a period of time and is largely down to three things: • Choice – a greater variety of devices, form factors and operating systems • Cloud – many more services running in the cloud • Connectivity – we are connected most of the time, wherever we are As with all new IT Initiatives Consumerisation introduces a host of new acronyms. COIT (Consumerisation of IT), BYOC (Bring your own computer), BYOD (Bring your own device), BYOPC (I am sure you can guess this one) to name but a few. The move to support consumerisation is being discussed in many of our education institutions in the UK, many of whom are already embracing consumerisation and seeing the benefits. With a groundswell of passionate students, academics and admin staff looking to embrace the COIT, if you havent already had the conversation, be prepared…Key Considerations Institutions considering the move to support COIT have many things to consider. First and quite simply, it is important to understand your users and their needs. A good way to approach this is to profile a cross section of your institution, including both staff and students, in order to get a firm understanding of all the situations and apps used by the core stakeholder groups. With a holistic understanding of what devices and applications are used across the institution on a day to day basis in place, it is then important to be mindful of both the data being accessed and the device requirements of the applications used. For example, will they work equally well on a slate or laptop. Secondly, you need to understand your data. This is particularly important around the concept of sensitivity and where the data is both stored and accessed. Then there is the scope of the project – will it be for students, staff or both? Will you start with a small pilot. How will you measure the success of the project? Will you be prescriptive about what types of devices are allowed/supported? Many questions need to be answered! In terms of purchasing equipment – would you consider introducing a financial support package, i.e. buy new device from the school/college/university and pay it back over a 12 month period with support included?
Embracing Consumerisation of IT in Education You will also need re-define your support model – what level of support will you provide, if any, to personally owned devices?Software as a Service One of the key enablers for COIT is the growing number cloud based applications and services. Much of the software available from Microsoft is now available as a cloud hosted service. A great example in Education is Live@Edu which provides free email, calendaring and collaboration functionality and is completely free to education organisations. Office 2010 also embraces the cloud with a great combination of software and services. It is worth exploring this in more detail. As with previous versions, Microsoft Office 2010 is still installed locally on your PC, this provides all the rich functionality you have come to expect from Microsoft Office and works equally well with or without internet connectivity. In addition there are now Office Web Apps - which are lightweight web-based versions of Word, Excel, PowerPoint and OneNote. The Office Web Apps have the same look and feel as their fully installed counterparts (albeit with less functionality) but they work in the browser, with most major browsers supported. When we combine these versions of Office with a centralised storage service such as Windows Live SkyDrive or SharePoint, it opens up a plethora of possibilities. Lets look at an example… As you are probably aware, Windows Live SkyDrive is a completely free storage and collaboration service which provides users with 25GB of online storage and the ability to create folders and share them by defining access permissions. So lets imagine two students, Peter and Jane who are working together on a project. Peter is working on his own laptop at home, running Windows 7 with Office 2010 installed locally. Jane uses a Mac with no MS Office installed. Starting the project, Peter creates a new folder on his SkyDrive with and also grants Jane the read and write permissions on the folder. He then creates an Excel workbook using his locally installed rich client, and uses functionality including pivot tables, pivot charts and sparklines. Peter saves the document to the project folder he created on SkyDrive. Interacting with SkyDrive, shared storage is integrated into Office 2010. From the File menu, under Save & Send, there is an option to Save to Web. This connects directly to the users SkyDrive account and shows the file structure directly from the cloud. The file is now saved on SkyDrive and can be accessed by both Peter and Jane.
Embracing Consumerisation of IT in EducationWorking on her Mac, Jane accesses the Excel workbook via her browser - and importantly even though sheis using the Excel Web App - with the lighter weight feature set, full fidelity viewing is preserved.In the screenshot below, Jane can alter the cell values - and the Sparklines (in Column H) will update andreflect the changes made - even though Jane cannot create Sparklines directly in the Web App.The following day, they both need to work on the document at the same time. Jane is at home and opensthe Excel workbook from her Safari browser. Peter is working on a shared computer in the library, MicrosoftOffice is not installed - so he opens up SkyDrive in his browser and opens the Excel workbook. They can nowhappily co-author this document at the same time across a range of technologies.Excel Web App - showing 2 people co-authoring a document
Embracing Consumerisation of IT in Education The future of cloud based applications is looking very strong. Office 365, a recent addition to the Microsoft Portfolio, includes Exchange Online, Sharepoint Online and Lync Online. An education specific version, aptly named Office 365 for Education, is expected soon and will add additional functionality to those found in Live@EDU. Microsoft Dynamics CRM is also available online which provides customisable and powerful relationship mnagement in the cloud. Many Education ISVs (Independent Software Vendors) are now providing their solutions as hosted alternatives to their on premise offerings. We are passionate about the cloud and its ability to help institutions and students realise their potential.Opportunites with Virtualisation Technologies Virtualisation technologies can also help organisations embrace CoIT . Virtualisation technologies provide us with the ability to run applications or full school desktops on a wider range of device types and operating systems. Presenting Software to Users Microsoft has offered Session virtualisation (aka presentation virtualisation) for many years. Initially, through Terminal Services and more recently with RDS (Remote Desktop Services). RDS Remote App allows for a centrally managed and server hosted application to be presented to remote users via a simple RDP client. RDP Clients are widely available across a range of platforms and devices, thus removing the need for clients to be using a specific OS version. An alternative to session virtualisation is application virtualisation which Microsoft provides through App-V. The key difference being that session virtualisation is server hosted, while App-V applications run on the client device (although they are not installed in the traditional sense). App-V has all the benefits of centrally managed software combined with the benefits of removing any application conflicts on the clients. App-V is part of MDOP (Microsoft Desktop Optimisation Pack). App-V applications can also be extended to non- windows devices through partner tools such as Citrix XenApp. Presenting Desktops to Users Desktops can be presented to users via both session virtualisation and VDI (Virtual Desktop Infrastructure). They are quite similar technologies, the key difference is that instead of presenting the user with a shared computing session from a server, VDI users are presented with a full desktop from a virtual machine. This provides users with a fully customisable and personal computing experience. A VDI server typically supports fewer users than an RDS environment. Storing numerous large VHD (Virtual Hard Disk) Images can also take up valuable disk space, although some VDI solutions make use of sophisticated differencing technologies to
Embracing Consumerisation of IT in Education save space. VDI desktops are also presented to users via an RDP client. Presenting a full desktop experience to users via RDP is a good way of providing a school standard desktop and applications regardless of user device type or location, distance learners for example.Security Considerations When considering security we need to think about the devices themselves, the data and the network. Device Encryption Is any data going to be stored on the device, or is it all in the data center or cloud. If there will be sensitive data, on a member of staffs laptop for example – would you consider enforcing encryption policies with a technology such as BitLocker Drive Encryption. BitLocker Drive Encryption is integrated into Windows 7 Enterprise and Ultimate Editions and encrypts the harddisk at volume level. Thus if a staff laptop goes missing, you will have the peace of mind that any sensitive data is unreadable. BitLocker To Go extends encryption protection to USB memory sticks. Policies can also be enforced to ensure only encrypted memory sticks be used on campus. Providing Network Access With the potential introduction of “untrusted” devices onto your network there are many points to consider including network segmentation (physical or logical) and user authentication. A typical student might require a school PC one day to access internal systems, while the next day she might bring in her own device. What level of access will you give your student when using an untrusted device? Will you limit her access to external access only? Will she be able to use the same username and password regardless of which device she uses? You will likely want to limit the access level based on the level of trust you have in the device they are connecting from. Microsoft Forefront Unified Access Gateway is a solution that can provide secure access (both internal and remote) based on a number of criteria. For example a student logging on from a School PC will be able to access applications 1-5, the same student logging on from an untrusted device might be limited to one application – or have no access at all. Will you enforce a security policy to ensure devices meet minimum security levels, local firewall, antivirus protection etc. Network Access Protection (NAP) a technology introduced with Windows Server 2008 checks policy compliance of Windows clients and enforces security before allowing access to the network.
Embracing Consumerisation of IT in Education Is it likely that you will have students visiting from other schools, colleges or universities? If so, how will you manage their authentication? You might consider using a service such as the JANET(UK) federation service eduroam. The eduroam service provided by JANET(UK) is a federated service that enables JANET connected institutions to offer secure network services for visitors from other eduroam-enabled institutions – without the need for guest account management. Alternatively, running a commercial offering, such as BT OpenZone, alongside your JANET(UK) provision could be a good option for allowing network access to non-approved devices.HTML5 HTML5 offers many interesting ways to make apps shine both securely and across all platforms. With its range of cross platform and device agnostic benefits, it could be argued that HTML5 offers the most seamless COIT solution for institutions. HTML5 enables institutions to build and run rich experiences for students and staff without the need for plugins, all within the browser. As a result, HTML5 offers an elegant single solution to address the majority of institutions BYOD challenges and requirements, regardless of whether the apps are being run on a Windows, Apple or Linux platform. With the advances in HTML5 technologies, these benefits can also be extended to internet enabled mobile devices and could potentially prevent the need to develop individual platform specific applications. We look forward to watching the impact that HTML5 will have on the COIT movement over the coming years.Systems Management Depending on the size of your institution you probably already manage your IT infrastructure with a tool such as System Center Configuration Manager or System Center Essentials. But what if you need to start managing non-windows devices? System Center Configuration Manager 2012, currently in Beta, includes the ability to manage non-windows devices including IOS, Symbian and android based devices. SCCM 2012 puts the user at the heart of the solution and can deliver the best application experience based on their identity, their device, and their connection. For organisations that dont have the resources and infrastructure to support their environment, Windows InTune offers a great alternative. Windows InTune is a cloud based management and security solution that enables PCs to be managed and protected without the need for on-campus servers. Windows InTune also comes with upgrade rights to allow organisations to upgrade to Windows 7 and beyond, based on subscription rights.
Embracing Consumerisation of IT in EducationConclusion With many industry experts stating that the future of technology in education lies with the user, COIT is now firmly on the radars on both suppliers, such as Microsoft, and the institutions we passionately serve. As can be seen within this eBook on the subject, the definitive answer to making COIT palatable for both users and the providers of IT within schools, colleges and universities is not a clear cut one. While students, especially those within FE and HE, want to bring their own devices on campus and use them to connect to their institutions network and systems, there is still a need to offer physical machines on campus. This hybrid approach will no doubt be a reality for some time yet. Despite this, there is clearly a requirement from the users of technology to have more flexibility in when and how they use a mix of personal and institutional devices to carry out their studies and its the industry and IT professionals responsibility, working together, to make this a reality. Locking down systems and preventing access is no longer realistic, particularly at a time when HE students, in particular, are demanding more from their learning experience. Furthermore, with the budget cuts being realised across the sector, COIT offers potential cost saving benefits that educations leaders will find hard to ignore. It is, therefore, all of our responsibilities to embrace more of a can do attitude towards COIT and discover and embrace solutions that students so passionately require, while also maintaining the security of the institutions core networks and systems. The ultimate answer is going to require a mix of cultural change and technology solutions, of which the vast majority is already available. The cloud, combined with client based software, offer flexibility and choice regardless of the platform used by the institutions learners. Furthermore, with the enhancements in virtualisation technologies, such as App-V, it is now possible to easily recreate institutional environments across Windows, Apple, Linux and mobile platforms, such as IOS and Android. Furthermore, a pure-play web solution, using HTML5, also offers a highly elegant option for IT professionals to offer apps to their wide range of users in a highly feature rich and secure environment. Ultimately, the technology is available now to make COIT a practical reality for all institutions. Cultural change is, however, needed to make this truly possible. Only with these two elements in place, are we going to see the COIT available to all.
Embracing Consumerisation of IT in EducationHave your say We would love to hear what you think about the concept of COIT and how you are making this a reality, if at all, within your institutions. Have your say and join the conversation on Twitter by using the hashtag #coit. We look forward to continuing the conversation and debate.