I said I wouldn’t leave it as long next time so here, hot(?) on the heels of the July post is another instalment of Desktop Modernisation stuff.
In this episode I’ll give a quick update on the rollout, explain the plan for Wi-Fi, tell you how you can use Microsoft Office on your PC at home if you’d like and finally say a little bit about the changes to Active Directory and what it might promise for the future.
I mentioned in the last blog post the work we were doing to remotely update the new thin devices with our tool SCCM and a network of local deployment servers, and why this was key managing devices going forward. The great news is that this update process is now working well and we have updated almost all the devices without incident. Thanks for your patience with this – it’ll get easier as we do it more often.
As we have upgraded the fixed ‘thin’ devices, we’ve also given people access to the new workspace, with about 900 people accessing it now. We’re seeing a good take-up, with lots of people making the switch. If you have access to the new workspace please use it, and tell us about things that aren’t right so we can fix them. For example, we missed many printers at Birmingham on the first pass (sorry about that) but it was spotted straight away once people there connected and we could fix it quickly.
The rest of the deployment is going to plan, with devices being installed in Filton in the coming weeks and the majority everywhere expected to be in place by December. Watch out for the email inviting you to training. If you haven’t already been, go if you can – it’s the best preparation.
A key part of improving the IT service is the new and improved Wi-Fi service that will be deployed soon as part of the Network and Telephony project (which I also look after).
If you’ve been to Birmingham New Street recently you might have seen something of this. There we have two new networks, one for guests and the other for NHSBT corporate devices (there is a third new network too, for the developers on the 4th floor, but that’s not important for this story). Both allow prompt access to the internet, but the benefit of the corporate network is that it can set up a secure connection without you having to enter any PINs or usernames when used with one of the new hybrid or laptop devices. Basically, it uses the credentials on the device – your NHSBT username and password, and a digital certificate installed on the machine – to replace the more cumbersome way of connecting now with the 6-digit passcode. What it means in practice is that once it’s rolled out when you visit another NHSBT site or go to a meeting room, your hybrid machine will automatically and securely connect to the wireless network.
Guests and donors attending our sites will also have a straightforward way of accessing the internet, which is kept separate from any of our corporate data.
It’s worth noting that the Wi-Fi service is not intended to replace the wired network connections at everyone’s desk, as these provide a more dependable service. When you connect your device to a docking station with a network cable, the connection to the Wi-Fi network will drop. You’ll also have spotted that I’m being quite specific about hybrids and laptops using this service – it might be possible to allow NHSBT mobile phones to access the network automatically too, but that is yet to be confirmed and probably won’t be available from day one.
As well as redesigning the networks we’re looking at improving the coverage at the largest sites, so the Wi-Fi signal is stronger and more dependable. The aim is to allow you to reliably use wireless connections across the building, not just near the meeting rooms, like at Liverpool for example.
In total, 19 sites including all the large ones will get the new service. This does mean that 19 small sites that currently have Wi-Fi will lose it, as the existing devices are out of support, but as funds become available and subject to business prioritisation, we can extend the new service to more places.
Office on your home PC
One you’ve migrated to the new desktop you can if you’d like install Microsoft Office on your home PC, using your NHSBT username (email@example.com) and password. To do this you go to www.office.com and sign in – there are some instructions from Microsoft here. You can have up to five copies activated by your username, but it’s important to remember that the installation will check periodically to make sure that the registration is still valid, so if you leave NHSBT and your account is deactivated, your Office account will stop working too.
Active Directory at its simplest is the database that stores usernames and passwords – it’s what allows you to log on each day. Like lots of IT components it’s really important but should stay completely invisible.
The Desktop Modernisation project is upgrading Active Directory to the latest version as well as making changes to the way the data in there is accessed, and taking the opportunity to iron out some anomalies to remove complexity.
One of the complexities is the way in which the precursor organisations came together to form NHSBT. It’s quite dull so I won’t elaborate at length, but some colleagues based in Stoke Gifford have more than one account as they must access legacy systems as well as current corporate tools. This can create difficulty for very little benefit, and this is one of the housekeeping activities we’re doing this time round.
We have also taken the opportunity to replicate our username and passwords onto a cloud-based version of Active Directory. This allows us to use our standard usernames and passwords to authenticate to cloud-based services (like Office 365), and opens options for single sign-on to other things in future. Think of the services (e.g. expenses, travel booking) that you use that ask for a username and password, and of the effort you put into remembering these and keeping them up-to-date.
Single sign-on can remove the need for separate passwords, and the Active Directory work puts in place the tools to make this happen.
Active Directory can also store much more information about each of us, and we can edit some of this ourselves. For example, it can store location, phone numbers, line manager and photos, and this would give us the ability to have an always up-to-date corporate directory. Another one for the future, but watch this space.
It’s great to get comments and questions on these posts, so please keep them coming. You’ll have to be quick on this one if you want an answer from me though, as I leave NHSBT to join HMRC at the end of September, after 21 years. It will be odd to not be part of this great organisation – I’ve never met anyone yet who didn’t find what we do fascinating and have a great opinion of our work. (Not sure that’s the same for where I’m headed!).
I’ve been lucky in my time here to work with some fantastic people, and if I’ve achieved anything it’s by being able to “stand on the shoulders of giants”. I’ll continue to champion the work of NHSBT and tell anyone who’ll listen about the dedicated hardworking people who make all of this happen. Good luck for the future and thanks.
Delivery Director – Desktop Modernisation
If you have a comment or question for Alan, please post it below. If you post something after Alan has left NHSBT then we will forward it to a member of the desktop project team to answer.