So it was working properly and now it’s not? Sounds like a classic case of deploying to production before testing and verification. Edsby is taking responsibility, so it seems reasonable to think that they are not adhering to one of the fundamental rules for software development and deployment. What other shortcuts are they taking. No test suites? Not encrypted at rest? Not encrypted in transit? No authorization and authentication process? No access logs? This could well be the tip of the iceberg and should trigger an investigation that includes a third party aaudit of policies and procedures. At their expense, of course.
It’s a big problem in schools, in general. Schools have basically no budget for IT. As a substitute teacher, I’m regularly deadnaming students because attendance lists can only be printed with LegalName. It sucks.
But I also dabble on the tech side of the education sector, and it’s embarrassing how far behind student information systems are, in general:
No API access to anything, so everything is done by .CSV file.
No databases, nor training in how to use them, so massive student datasets are emailed around in spreadsheets.
Teachers leave their systems logged in with access to the entire district’s networked drives system.
Districts are running everything on prod with no backups.
I could go on.
But schools are never given the budget to hire experts to do these things right, nor the budget to get the hardware they need for robust testing environments and backups.
This sounds like it could have been this contractor deploying without sufficient testing, but it could just as easily be the province’s contractor changing the student data portal and breaking everything.
So it was working properly and now it’s not? Sounds like a classic case of deploying to production before testing and verification. Edsby is taking responsibility, so it seems reasonable to think that they are not adhering to one of the fundamental rules for software development and deployment. What other shortcuts are they taking. No test suites? Not encrypted at rest? Not encrypted in transit? No authorization and authentication process? No access logs? This could well be the tip of the iceberg and should trigger an investigation that includes a third party aaudit of policies and procedures. At their expense, of course.
It’s a big problem in schools, in general. Schools have basically no budget for IT. As a substitute teacher, I’m regularly deadnaming students because attendance lists can only be printed with LegalName. It sucks.
But I also dabble on the tech side of the education sector, and it’s embarrassing how far behind student information systems are, in general:
I could go on.
But schools are never given the budget to hire experts to do these things right, nor the budget to get the hardware they need for robust testing environments and backups.
This sounds like it could have been this contractor deploying without sufficient testing, but it could just as easily be the province’s contractor changing the student data portal and breaking everything.
Of course it’s like that. Why would anyone properly fund a school? Drives me nuts.