iPads for Assessment: Test Delivery ProfilePosted: February 23, 2013
This post provides an alternative to the earlier post about using Guided Access (in iOS) to provide some level of security in a test delivery app. It has the advantage of being extremely simple, and temporary. In fact you can leave Guided Access enabled and only invoke it when taking tests — or when, for example, you want to let your two year old play with a specific app, and not worry about the child deleting emails or worse.
Sadly, the disadvantage is that there is no programmatic way (that is, no API) to put the device into this mode. Understanding what it is for and how it works, this is not likely to change for some time (years?). [Note also: I am not going to get into devices managed with Configurator and other tools; the use case I am concerned with if for broad use by students with devices they manage themselves. With dedicated, or at least “managed” devices, other options are possible — but with significant overhead and additional management etc. Perhaps in a future post]. So students must, if they have not done so before, enable Guided Access in the accessibility features, etc, and then put the device in this mode once they have started the app, locking the device in that testing app, and disabling task switching, screen capture, etc.. They can exit GA mode, but the app can detect this and terminate, and log a security incident. Examsoft provides nice instructions on how to do this (enable GA mode), and the burden seems low — so it remains my favorite method.
After that longish re-cap, sadly, the “secure test delivery profile” approach is far more complicated.
Rather than attempt to explain (poorly) how it works, I will explain how to use it and what it does.
a. A test delivery app — and my example here is an app from Internet Testing Systems (ITS) [an outstanding Baltimore-based firm that is a leader in assessment technology and systems]. This iPad testing app is free, in the iTunes store, and, interestingly it is “PEARSON NNAT2 – Stanford 10 – OLSATS”, a Pearson test / app that can be used to take any of these three tests. See https://itunes.apple.com/us/app/pearson-nnat2-stanford10-olsat8/id546817211?mt=8.
b. If you try to use this app to take a secure test, it will present a button and require that you go through a controlled process of installing a “test delivery profile” on your ios device. The process is smooth and automatic, and results in your IOS device loosing the “print screen” functionality built into IOS — as long as the profile is installed — irrespective of which app(s) are used. Along the way one is required to “trust” an external certificate authority, install certificates and the profile itself, etc., but with detailed instructions (and this is where additional “Internet Testing Systems” references emerge). A series of screen shots are presented below.
c. The end result is that you can use the test delivery system — which at first blush resembles Pearson’s “testNav” desktop test delivery software — directly on your iPad. In addition to providing some level of content protection by inhibiting the “print screen” function, it is safe to assume that the delivery software includes other security measures when the test delivery system is operational.
The benefit of this system over the “guided access” mode is primarily that it relieves the user (or perhaps an administrator) of dealing with the relative complexity enabling guided access mode and using it when taking a test. The downside is primarily that the user is required to choose between installing and uninstalling the profile for each exam, or forgoing the “print screen” capability that is otherwise quite useful. Different users will find these tradeoffs offer very different impacts — if you are taking an online class that often requires the use of a test delivery app with a “secure profile” — or even an LMS that requires one to “protect” their content, the relative ease of using this approach is quickly lost if other use cases that are important to for rely on the “print screen” function, resulting in installation and removal of the security profile.
There may also be, for some, a bit of concern about installing software whose precise function is not known — or even, to be fulfilled, disclosable — from a third party that impacts other apps that are “none of their business”. Given that “guided access” is a built-in iOS feature, some users would rather be responsible for securing the device this standard way, as with the Examsoft approach, than being ask to “trust”, and be depending on, the skill of the programmers at one company who’s work is impinging on the functioning of programs that you might, at present, be quite happy with.
That said, the “security profile” approach mechanism is not something I yet understand completely, so I plan further research and inquiry to see just have much might be done with this approach (device lockdown, test control, and the like).