Daryl Reseigh from Eggar's School outlines the five bring your own device (BYOD) considerations for schools looking to implement a BYOD strategy.
Eggar's School became one of the first academies in the country to adopt the technology and deliver a personalised learning experience to students using tablet computers.
The State of Networking in Education Report from earlier this year discovered that while 50% of schools were looking to implement BYOD in the next three years, 38% do not have an effective strategy to deal with students bringing their own devices to school.
1. Wireless Networking
In the past, wireless networks were a luxury for those who were fortunate enough to own a trolley or two of laptops or netbooks. Access points were installed in departments who owned such equipment and they all relied on a central controller. These days, wireless networks are a necessity. They are as important, if not more important, than a wired LAN. Laptops have become more affordable and mobile devices, such as the iPad, are increasing in popularity, resulting in rapid expansion of your network. To support these devices and take advantage of BYOD, you must build a fast, reliable and feature rich wireless network.
Start by planning how many access points you need across the site for full coverage, then which areas need to be densely populated for heavy use. You must consider the maximum concurrent clients an access point can comfortably handle and install them as required. For example, if you plan to use BYOD in classrooms next door to each other at the same time, it is a good idea to install one access point per classroom so that each access point can handle 30 devices.
If budget is a concern, trialling BYOD in one department and expand to other departments later on.
2. Proxy servers
Considered a swear word by some and a life saver by others, most schools have some form of Proxy Server to filter the internet. Some schools have this onsite and others are controlled by the local authority. Some schools even have both! This can be a real show-stopper for BYOD. How can we expect users to manually enter proxy details into a device to gain access to the internet? Do we want to be giving these details to students, staff and visitors? How does a proxy server determine who you are when a device is not joined to a domain? The short answer is explicit proxy servers do not play well with BYOD.
Before I started looking into BYOD, I had an upstream proxy at the council and an on-site proxy. I contacted the council and arranged for them to provide us with an unfiltered connection to the school.
Happy Days?…maybe not.
The onsite proxy was still an issue. Even if the user inputted our proxy server details into the device, they constantly received a pop up asking for a username and password to authenticate them. Even when entered, this would pop up over and over again. I couldn’t remove the proxy server from site, because we need web-filtering to safeguard our users. The answer?... Move away from explicit proxy servers.
If you move away from explicit proxy servers, BYOD is much easier to implement. I went for a well-known transparent proxy and it is working well with BYOD.
3. Network security
Do not overlook this. You are giving guests and students access to your network, on a device you have virtually no control over. What if a device has a virus? What happens if someone connects to the network and receives an internal IP address? They are just one step away from hacking your network or worse.
You should consider a separate VLAN for BYOD and guest networks outside of your internal IP address scope. This requires configuration changes to network switching, access points, web filters and firewalls. You should only use a secure method of authentication too. WPA2 is not a secure method for BYOD. One correct guess at the password and you will have all kinds of devices joining your network.
Use a RADIUS server where possible. This way, we know who they are and they can only come on with a valid, unique password or username. RADIUS also gives us a lot of control over who can join the network and revoke access if needed.
4. Physical cabling and switches
Some thought must be given to this, if you want BYOD to be a success. You are adding hundreds more devices to your network, so the hardware must be in place to support the increase in network traffic.
I advise looking at edge switching and making sure it goes directly back to the core via fibre (10Gbp/s if possible but 1Gbp/s is OK for smaller schools). If any switches are linked up to other edge switches, via Ethernet, look to improve this before installing a large amount of wireless access points in that location.
In my school, I had to run three new fibre cables to edge switches, to ensure there was no bottleneck along the way. I don’t recommend using any ‘unmanaged’ switches on your network, as you will degrade performance.
5. What will it be used for?
A good question to ask. What do you want to do with BYOD? Do you have a need for it? Do you want it purely for internet access and apps, or do you want to use it as a replacement for a laptop / PC?
If the latter, you should just forget the idea. BYOD will not replace the laptop or desktop PC anytime soon, but it is a fantastic aid to Teaching and Learning.
BYOD is powerful, provided it is being used for the correct purpose. Internet research, apps, creating documents on Office 365, digital content such as videos and quizzes are all very possible with BYOD.
Accessing shared areas, 'my documents', printing, internal email, intranet, VLEs require a different approach and not one I consider for a BYOD network.
Keep it simple, keep it safe and you are on to a winner!