Insight needed: Teacher trying to build "house points" system and district CTO hostility
Posted by NewConfusion9480@reddit | sysadmin | View on Reddit | 49 comments
Large(ish) ISD. School admin wants a "house points" system with a lot of hesitancy about how to do it and a lot of faculty hesitation.
I (Computer Science (among other things) teacher) build a series of Sharepoint Lists and PowerAutomate flows to make a points system work (List X talks to List Y when Form Z is submitted). Nothing spectacular or particularly interesting.
While building, I realize that my own personal M365's tenant account might hit a 6k PPR/day ceiling, so I request either a service account for transparency/"bus" factor or insight into how I might get a higher rate limit if that's not possible.
CTO goes into red alert. In a private meeting from which I am excluded, mentions me "reverse engineering" the Ron Clark House Points app (lol what? It's literally get/append/update flows), how Sharepoint Lists aren't as "secure" as other parts of our Azure tenant, and how not even student email should be stored in Sharepoint due to security concerns.
I feel like I'm being gaslit, but I'm hoping those with experience can help me get some insight.
Xattle@reddit
What are the odds that CTO is grasping at anything to avoid this becoming IT's problem? In my career I've seen plenty of shadow-IT folks create an odd flow or spreadsheet then it either breaks or the maintainer leaves causing it to get dumped on already overworked IT staff. I've also been places where shadow-IT-to-be get formal reprimands for not going through IT properly and overreaching but that IT dept was more proactive in having documented standards and procedures for new requests and ideas to be implemented.
I do love the idea and your passion for engaging the students, just offering another possible angle. Hopefully the CTO can turn it into a solution discussion instead.
NewConfusion9480@reddit (OP)
Odds are insanely high, IMO, that this is just him wanting to quash anything that might potentially be a headache later.
I asked for policy and documentation so I could be fully in compliance but that's when I was iced out and a meeting with only higher ups was called.
The sticking point is that this temporarily disappears from his plate, but my students and colleagues still have needs that we can solve with the tooling we pay for and I want to help them even if distant IT folk who aren't in schools don't want to bother.
I'd avoiding long term support is the thing then come up with "unsupported but validated" pathing, right?
Xattle@reddit
The fact that your IT dept is aware of it makes it their problem regardless of any documented exceptions for the support side. Speaking to the security angle, restrictions were tightened last year about how student data is stored/accessed/used including behavioral data. We have to have strict controls for security and data retention that's demonstrable at audit time or get penalized heavily for it. You'd have to find your student data retention policy then at bare minimum confirm compliance, document, and demonstrate what data it stores of the students, who can access it, what security measures limit access, how long before that data is removed from the system, what processes handle that the data removal, and where it's hosted. There's probably more than that, those are just off the top of my head based on our own systems. Most of that is federal regulation too, not local IT. Some of the violations can come with legal consequences to the staff if not reported properly.
Because of all that, we opt to keep sensitive data outside of our Microsoft tenant in a record system that is tailored for those regulations. Last I was aware, Sharepoint handles Teams and OneDrive storage behind the scenes so most Microsoft products would all have the same issue.
Sorry for the book, hopefully my tired rambling makes sense. There's points to be made about your IT team communicating better and giving you reasonable ways forward but if they were caught off guard by this and don't understand the scope, I can see why it quickly spiraled.
Mister_Brevity@reddit
Anything they give you, you are going to argue with. District IT is typically so time constrained that the default is “no” unless someone who matters is requesting it, then it’s usually a more diplomatic no.
NewConfusion9480@reddit (OP)
Right.
A tech department in an ISD to whom the teachers building things for their schools aren't people who matter is kind of the issue.
Mister_Brevity@reddit
If IT is too constrained to support, there’s not a lot to be done. This is pretty typical of academic IT, lots of neat ideas and initiatives but absolutely zero backing where it’s needed. So, you’re told to do cool things, but nobody in IT has enough time to deal with it, nobody in IT is willing to be stuck with responsibility for it, etc.
On the flip side, as district IT, have dodged many bullets cooked up by faculty that didn’t understand licensing, or FERPA, or something else critical - or they understand and simply don’t care because they want what they want and they aren’t the ones responsible for negative outcomes.
Mister_Brevity@reddit
If I’m coming across as salty it’s not my intent, I’m exhausted and lack the energy to go shields up and do the whole jazz hands thing.
Darkhexical@reddit
I think if you want help on this you really should start with explaining step 1... Wth is house points? And how does on obtain a "house point"
NewConfusion9480@reddit (OP)
Think Harry Potter.
Harry punches Voldemort (bad guy) in the nuts.
Dumbledore says, "10 points to Gryffindor! (Harry's house)"
There's a concept in education called PBIS (Positive Behavior Interventions & Supports) that encourages positive recognitions of desirable behaviors to encourage said behaviors.
Darkhexical@reddit
What about the spending? Is that a thing?
NewConfusion9480@reddit (OP)
Could be, sure. Easily done.
My concept was to give each individual a spendable coin in addition to the house point when earned and then build a school store (all lists/forms for ease of use and what poverty tooling I have access to) where they would spend the coin.
The house points would be persistent. The coin fungible.
Obviously there are cool ways to do this, but I want it to be all within the tenant and powerapps is a toolset I have access to.
Darkhexical@reddit
Maybe try teams instead. https://learn.microsoft.com/en-us/training/modules/get-started-dataverse-teams/
NewConfusion9480@reddit (OP)
I might give that a shot, but unless I can somehow demonstrate that this is more secure than Sharepoint (?????? I don't know either, man, I don't know) then I'm afraid I hit the same wall.
Darkhexical@reddit
It'd be free. This is essentially how it'd work: Create three Dataverse for Teams tables: Student Wallets, Transaction Ledger, and Store Inventory. Next, set up a simple Microsoft Form that teachers can use to award points. Connect the form to Power Automate so each submission records a transaction and updates the student’s wallet balance automatically. Then, build a Canvas App in Teams where students can view their balances and redeem items. Use a Patch function to deduct coins from their balance and notify the store manager to fulfill the request. Once everything is ready, pin the Form for teachers and the Canvas App for students as tabs within their Teams channels for easy access.
NewConfusion9480@reddit (OP)
Sounds great. Unfortunately it was Teams specifically that was mentioned as a problem.
I'm not trying to be argumentative or difficult. I'm just as confused.
Darkhexical@reddit
So what's the part about "reverse engineering the Ron Clark House Points app" is there already a separate app that's been designated for this use case?
NewConfusion9480@reddit (OP)
The schools who use it hate it and it doesn't actually do much. Also, it's expensive (we pay, not IT, and we just had to cut another teacher spot due to cuts).
Darkhexical@reddit
What does we pay mean? As in out of your own pocket? Or the schools? Tbh if I was paying id just go to pen and paper or a shared spreadsheet/file on the promethian board.
NewConfusion9480@reddit (OP)
School budget. We could do that, sure, but we pay for these tools and I foolishly thought we could just use those instead.
Darkhexical@reddit
I am curious though.. what do you guys use SharePoint for exactly? Or do you guys just not use it?
If you did want to refute him tho.. you could let him know that doctor offices actually use SharePoint ;p
Sunstealer73@reddit
Same, been in school IT for 30+ years and had no idea what this was talking about!
NewConfusion9480@reddit (OP)
I get that.
And the reality is I don't want the IT department to touch this or even talk to me. All I wanted was, "Sure, if you hit PPR limits we'll provision a service account or tell your admin where to send $15/mth for a premium tier."
But... here I am.
Mister_Brevity@reddit
It could be simply that nobody in IT has the time or energy to care about a pet project when a form dumping to an excel document would work fine. There’s likely an entire review process behind it that district IT generally just don’t have time for and they’re shutting it down however they can.
The typical district employee/user perspective for just about everything is “it’s not that complicated” or “it only takes a few minutes”, but it’s multiplied by hundreds or thousands of constituent users all feeling that their issue is not a big deal. No single snowflake is a threat but an avalanche can be a problem.
Alert-Coach-3574@reddit
Not at all how I'd build that, but cto is dumb
NewConfusion9480@reddit (OP)
100% would love to hear ideas. All I want is to build a good system for my M365-backed school but feel like IT is actively against us.
Grouchy-Western-5757@reddit
Do you not have any SQL dbs?
fnordhole@reddit
In an ISD? Lol. No.
But they may have somebody willing to incur the responsibilities of being a DBA for the pay of a janitor.
Grouchy-Western-5757@reddit
Interesting, I've never worked for the school systems before. I would figure they would all have some type of database setup that wasn't reliant on Sharepoint lists.
Mister_Brevity@reddit
It’s generally zero budget, lots of red tape, and a metric ton of extremely strict regulations and rules to follow. It’s not an environment conducive to change or experimentation.
Grouchy-Western-5757@reddit
Well at least we know the last orgs that will still be around if AI ever takes over.
seanpmassey@reddit
An ISD has 72 TIE Fighters, a "legion" of Stormtroopers, and AT-ATs...but no DBAs? No wonder the Empire lost...they couldn't keep their databases running properly.
Ol_JanxSpirit@reddit
Couldn't you just build a form that teachers have access to?
It could dump the results into a spreadsheet.
NewConfusion9480@reddit (OP)
Well yeah. My idea was, "Hey, we can do the usual Form/Excel thing with slightly more security and efficiency" but fuck me, I guess 😉
Xattle@reddit
What was the push back against? Feels like a solid middle ground that would be easier to maintain for something that isn't critical.
Big-Narwhal-G@reddit
I’m sorry but I fail to see how SharePoint would be any less secure than other parts of the tenant? The whole MS tenant is basically a house of cards when one part is compromised anyway. So Secure from what exactly?
RainStormLou@reddit
based on how the post is written, it's possibly not the school's SharePoint being used.
NewConfusion9480@reddit (OP)
It is, 100%.
My ISD account inside a "Staff" sharepoint only accessibly by my school's staff.
joshghz@reddit
I've seen how school staff manage internal documents. I guarantee there's far more sensitive data on the SharePoint than student emails.
RevolutionaryWorry87@reddit
You are being gaslit and he is stupid.
I've never worked as a part teacher part IT department
joshghz@reddit
My high school computer teacher was pretty much doing that from the late 90s until at least mid 10s. Not sure if he's still doing it.
fnordhole@reddit
A lot of folks fall into this trap. They let all the compliments and accolades blind them to getting two jobs for the pay of one.
NewConfusion9480@reddit (OP)
Teachers and accolades... those aren't words that go together.
It's about wanting my students to have some cool/fun stuff and my colleagues to be able to interact with it easily.
RainStormLou@reddit
it depends on their security policy. Perhaps the collaborative nature of SharePoint and mandated sharing restrictions by district doesn't jive with their security policy on student information and where it's allowed to be stored.
what do you mean by your personal m365 tenant though? if you have a personal tenant and you're loading student information to that, they should fire you and press charges. I'm hoping that you stated that incorrectly because if so, that's insane and extremely shocking.
NewConfusion9480@reddit (OP)
By "personal" I mean my individual work account within the tenant. I can see how that's confusing and that lack of clarity is on me.
peacefinder@reddit
I assumed the CTO objection would be that eventually little Timmy is going to complain to his meddlesome parents about how it’s not fair and suddenly the district will be coughing up a civil rights settlement.
NewConfusion9480@reddit (OP)
Fair, but in that case we shouldn't be doing house points in any facet.
ohfucknotthisagain@reddit
You need to start from the beginning with a professional and appropriate plan.
Absolutely not an option. Ever.
If they want an application in the cloud, they can use their own tenant and pay their own way. From day one. Do not even make a proof-of-concept or a demo in your personal environment.
Ideally, they'd have a dedicated build/test environment with its own subscription or landing zone that is isolated from production services.
Ask for requirements. This could include functionality, tech stack, or other things.
Get it in writing. If your organization does "in writing" over email, make a new folder for this project and keep everything in it.
Figure out how to satisfy all of those requirements with organization-funded and -owned resources. If you can't proceed because they don't provide the necessary resources, it's their problem. Refer to the earlier statement about having everything in writing.
NewConfusion9480@reddit (OP)
Here's the thing, it's not their problem.
They can just say "no" to everything every step down the line and the people who suffer lack of support are students and teachers.
snottyz@reddit
Way I see it, if someone in my district is able to do something so horribly insecure, it's my fault for not preventing that.