For those PlayStation members who for whatever reason are yet to see this email, you will want to read the latest (and lets face it, long overdue) message direct from Sony:

Valued PlayStation Network/Qriocity Customer:

We have discovered that between April 17 and April 19, 2011,  certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized ntrusion into our network. In response to this intrusion, we have:
1)     Temporarily turned off PlayStation Network and Qriocity services;
2)     Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
3)     Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.
We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state/province, zip or postal code), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence that credit card data was taken at this time, we cannot rule out the possibility.  If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security, tax identification or similar number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking.  When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password.  Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit or similar types of reports.

We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience.  Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority.  Please contact us at www.eu.playstation.com/psnoutage should you have any additional questions.

Sincerely,
Sony Network Entertainment and Sony
Computer Entertainment Teams

Sony Network Entertainment Europe Limited
(formerly known as PlayStation Network Europe Limited) is a subsidiary of Sony
Computer Entertainment Europe Limited the data controller for PlayStation
Network/Qriocity personal data

Well. Not much that can be added to that is there.
Whenever you are asked to provide information online, think very carefully before hitting submit…. and don’t provide anything you are too concerned with loosing!

**UPDATE** There is a follow-up article available by clicking here.

Users of the above service have been advised by Sony that a large amount of their personal information (including payment details/history) may have been compromised and may now be available to 3^rd parties responsible for the hacking. PSN users are being recommended to change all passwords used on the service, all ‘secret questions’, and carefully monitor transactions on payment methods used on the service.

If you have any specific PSN concerns PlayStation Support can be contacted by clicking here.

While the above may be helpful for PSN users, the information below is intended as a more general update.

General advice/best practice for engaging with any online service provider:

• Where possible, do not use a payment method connected to your current account (or an account which has significant funds in it). Instead, look to use a separate bills/online payment account with minimal funds in it. This way if your account is compromised any financial loss will not be substantial.
• Do not use generic or shared passwords. Passwords should be unique to a particular service and not shared across several services.
• When setting up an online account and providing a ‘secret question’, make sure the question/answer are not details which can easily be guessed, or are known by others.
• When receiving emails / phone calls relating to online services, never give out security information if you can not 100% prove the authenticity of a contact. Most service providers will not ask for pecific passwords or confirmation of pin numbers, and instead have separate passcodes or words unrelated to the main account setup.
• Regularly check banking transactions and query any unknown purchases with your bank – most offer fraud protection and will return payments, but can only act when they are informed of the potential issue.
• If you use Internet Banking, ensure that your computer is regularly updated/patched, and that you have up to date anti-virus software.

Using the above best practice should minimise the potential of online fraud / account compromise issues.

To save re-typing a large proportion of the information, I would direct you to this article from The Guardian newspaper (Don’t worry about the link – it’s one of those funky tiny url flavoured links straight from my twitter post : http://gu.com/p/2zjk9/tw

So, hopefully you’ve clicked back here after reading The Guardian article. Hopefully, if you hadn’t previously been aware of the issues surrounding ‘befriending’ students on social networking sites, or indeed your own personal use affecting your working life, then you do now! So, what best practice can I suggest? Lots – here goes:

• Never ‘accept’ a current student as a ‘friend’.
  This opens the door for suggestion, accusation and can often confuse boundaries between staff and student.
• Think long and hard about clicking ‘accept’ to a past student.
• Only ever engage via social networking with students in a work-approved project
• Work approved projects should advise you to not use your personal account – create a work-based account which your colleagues / line managers have the details to – no one person should have exclusive access to ensure safe and appropriate use
• Keep all communication, where possible, public – wall posts directed to the work-based account etc.

The most important advice:

• If you are not sufficiently proficient in the use of social networking, or have not been provided adequate training to ensure you use appropriately…. or have been asked to use your own personal account for work based activity …… say ‘no’.
• Do not place any information (textual, visual or otherwise) on social networking sites that you wouldn’t want displaued on a staffroom wall or printed in a newspaper.
• Ensure that your social network security settings are set high enough. Can non-friends see all information? Can friends of friends see information? Are you happy with people posting direct to your wall/page?

I hope the above is useful to some. Please feel free to leave comments or message direct if you feel you need more advice.

Over the last 10 years, one of the largest costs committed to my budget lines have been software licensing. I am a huge fan of the Microsoft Schools Agreement, which is a perpetual license based on an annual or tri-annual payment. This licensing model makes it possible for a School to budget in advance, make use of the latest software as and when it is released – potentially at no additional cost – and streamline license management as most standard software (OS and Office etc) is simply licensed by registering your School’s total desktop count.
The Schools Agreement also comes with Software Assurance (used for upgrading instantly to latest software as highlighted above), but also allowing extras such as Staff Home Use (allowing Staff to use a copy of Office at Home), and several complimentary licenses for sites such as Technet and Microsoft’s e-Learning library.

Historically, the other main licensing options for Schools have been Campus (similar to School, but covering all hardware, not just school owned) and Select (where an individual license is purchased for an individual piece of hardware. This doesn’t come with upgrade rights, and when the time comes to upgrade, would require an update license if one is available).

The only issue with Schools Agreement has been cost. A typical example with very standard pricing (so as not to upset any license resellers out there!) would be:
Schools Agreement – Example Pricing:
5 x Servers @ £50 each. 400 x PCs (in total on site) @ £30 each for “Desktop Core CAL”
Total = £12,250 per annum

Now, some people may look at that figure and question whether it is really worth it, and to be honest there isn’t one general rule which makes it right/wrong for an individual school.
My ethos has always been to present a real-world perception of IT to learners (as well as Staff and the Community). Once Learners leave us, they will continue in to Further Education or in to training/workplace. It is very likely, that if we present them with out-dated technology over their 5 years of education, they are not only going to struggle to adapt to newer software outside of school, but that they will have newer software thrust upon them.

So, if the Microsoft Schools Agreement is so good, how is ESS better?

Microsoft ESS is set to change the way in which Schools look at licensing forever.
It is likely to interest not only schools who have previously been Schools Agreement customers, but also those schools who have opted for Select or OEM licenses in the past.
Why? Put simply, due to cost + the unique (and some would say more “fair”) way of working the cost out.

Schools Agreement  = total amount of all hardware that a School owns multiplied by the unit cost of a SA license
ESS = total amount of full time staff a School employ multiplied by the unit cost of a license

Now, Microsoft won’t be releasing pricing for ESS until mid/end of January 2011 – but what they have said, is this WILL result in a reduction in cost compared to the School Agreement.
Let’s revisit my example above. Let’s say that Microsoft decided to raise the license cost from £30 to £50, but have it applied to staff rather than desktop:

Schools Agreement – Example Pricing:
5 x Servers @ £50 each. 400 x PCs (in total on site) @ £30 each for “Desktop Core CAL”
Total = £12,250 per annum

Enrolment for Education Solutions – Estimated Pricing:
5 x Servers @ £100 each. 90 Full Time Staff @ £50 each for “Desktop Core CAL”
Total = £4,500 per annum

Now, if you’re anything like me you might have got to this point and now be wondering “What is the catch”?
Well, the answer is – there isn’t one – honestly!

If you work in a School (state, private or academy) and have your license renewal coming up, you should definitely ask for a comparitive EES quote!

Who am I?

My name is Mark Braham. I am an IT specialist who has primarily worked in the Education sector for over 10 years.

Currently I hold a senior position which sees me line manage a technical support team, coordinate and operate an external support service for Primary Schools, as well as work in a unique role which seems me sit somewhere between ‘client’ and ‘consultant’, designing and implementing site-wide IT and Communication plans for a £17.5million new school. With a specific IT budget of  just shy of £1million, I remain passionate about delivering a future-proof, reliable, resilient and highly performing IT system, while avoiding all of the pitfalls and negative comments associated with new builds – especially those which were BSF-related.

Should you wish to get in touch via this site, please feel free. Otherwise, please feel free to browse, enjoy and comment.