The financial pressure that colleges have experienced over recent years is having knock-on effects across the campus, including for IT teams and IT infrastructure.
In some cases, we are finding that a lack of strategically aligned planning and investment in both the technology support teams and the systems that they run is leaving colleges open to considerable risk.
In some colleges, cuts to funding have led to cuts in staff, and therefore a reduction in expertise, which in turn can lead to risky cyber security practices.
Some colleges have run unsupported versions of server operating systems, application software and unsupported critical hardware. This compounds the cyber security and data protection risks.
The importance of reviewing infrastructure
A robust IT infrastructure is not just important for security though, since it underpins the technology used in teaching, learning and assessment.
When the infrastructure fails, the college can’t deliver for its students, staff or other stakeholders, and the reputational fall-out can also be serious.
Jisc has been collecting information on the state of IT infrastructure in further education colleges for the last two years, though our infrastructure review service.
Since 2016, we have carried out more than 100 infrastructure reviews – a service intended as a supportive review aimed at enabling continuous service improvement rather than an audit.
Overall, we have been impressed with the number of dedicated IT staff, and we have found some outstanding practice that we have encouraged our member colleges to share with each other.
Current trends in further education
Further education (FE) colleges are making good use of "software as a service" (SaaS) or "cloud hosted" systems such as Office 365 and G Suite for Education, although some colleges request support to determine which systems best suit their needs.
A hybrid model, using a combination of on-premises hardware and remote hosted systems often gives the greatest flexibility.
For example, most colleges find a combination of locally provided (and therefore low latency) access to critical services and the high availability and collaboration features provided by a hosted email or intranet service works well for them.
In some cases it can be cheaper to run systems internally rather than buying into a service contract.
Valuing your staff and equipment
It’s not enough to address the quality of the physical infrastructure. Colleges should also critically address the true value of the wider IT infrastructure, which includes the use of technology enhanced learning tools and assistive technology. After all, the bottom line is the quality of the experience each college provides for its students.
We have found that the quality of a college’s IT and technology offer is often as much about the staff as it is about equipment or services.
If an organisation does not have a well-qualified and experienced support team, then the risk escalates.
Leadership is also critical: where there is no senior leader taking an active responsibility for this area then results can be mixed.
Ensuring duty of care
Colleges also need to consider how they can meet the best practice expectations of Ofsted in terms of how web filtering, monitoring and reporting systems can be configured to ensure both good safeguarding practices and to ensure that organisations can meet their obligations under the Prevent Duty.
Risks can also include considerable data protection risks, especially as the GDPR (General Data Protection Regulation) has now come into force.