Friday, November 13, 2009
by Ron Kraemer
The best information safeguarding practice we can have is to not store unneeded data. We now have tools available on campus that you can use at work and at home to find and remove data like social security numbers, bank account numbers and other high value data. We also have encryption software and software that allows you to digitally sign messages.
At the Dean’s Council Retreat this past week, we also talked about two strategic actions that will improve our security posture from both short-term and long term perspectives.
The first is to revisit and strengthen our information security governance, management and policy practices. We will more clearly articulate who has access to what data, what individuals can do with that data, and what steps must be taken to protect the data.
The second is more rigorous assessment and audit processes. This will require some investments in people and tools, but is critical to ensure that we are all continually improving our practices in safeguarding the data entrusted to us.
The presentations I made at Dean’s Council can be found here:
Deans security talk 11.11.09.pdf (2.59 mb)
Deans retreat IT talk 11.09.pdf (2.92 mb)
Read or post comments.»Friday, November 06, 2009
by Ron Kraemer
Last week I attended a meeting of 75 Chief Information Officers (CIOs) from major universities, businesses and organizations from around the world. It was a diverse group including CIOs from places like Oxford, the National Basketball Association, Microsoft, the Department of the Army, and Harrah’s Gaming.
The diversity was interesting, but what really left an impression on me was our consensus that we all face common challenges and opportunities. The number one topic was the recent recession and how the world will forever be changed. The economy will not come back in the format we saw before. Business models will change, organizational structures will change and how organizations apply information technology (IT) will more than ever influence which organizations will be successful.
There is a “new normal.” The role of IT is changing from an enabler of innovation to something that is so deeply embedded it is difficult to distinguish it as something independent of our teaching, research and business processes. In many organizations, IT has gone from being the enabling strategy to being the strategy.
One of the cornerstones of this strategy will be how we apply social networking tools and services. Social networking is normal for our students. The business world has started to use these tools too. Many of the CIOs I talked with say something similar - We need take the collaboration approach our young people invented and put strategy and discipline behind it – that’s how organizations will become most successful.
Social networking technologies are growing at an incredible rate. Facebook now has 300 million active members that spend 6 billion minutes per day using it. LinkedIn and Twitter each have more than 50 million members. The first wave of the Internet was about content. The current phase is about connectedness and social networking, whether for business, learning, or recreation. How do we help our students transform themselves from casual users of social technologies to masters of applying collaboration tools and strategies as they pursue careers in the new global economy?
My guess is all of us will be learning as we go.
Read or post comments.»Friday, October 09, 2009
by Ron Kraemer
I had the wonderful opportunity to attend parts of the UW-Madison Diversity Forum yesterday. Vice Provost Damon Williams and Chancellor Martin gave thought-provoking talks, and other speakers helped us think about things that we should all be thinking about more. My favorite part was listening to Dr. Christopher Metzler from Georgetown University. His perspectives will help all of us stretch ourselves a little more as we work to further embrace diversity and inclusiveness on our campus and in our community.
One of the things that stuck with me most from Dr. Metzler’s talk was this. We can all say that we are committed to diversity and inclusion, but what are we doing to demonstrate our commitment. As I thought about this, I started to imagine how this approach could be applied across our mission. “Demonstration” of commitment is a very powerful concept. It strikes up images of holding others and ourselves accountable, being relentless in our beliefs and actions, and being open to new ideas and concepts. So how can this be applied to other areas of service in our university community?
I have been spending considerable time lately about our commitment to safeguarding personal information on campus – October is Cyber Security Month. We all say we are committed to security, but what is each of us doing to demonstrate that commitment. We can all start by doing a few little things. Make sure your virus protection software and firewalls are up to date. Use strong passwords. Ask your IT professional about your department’s security set up. Delete data you do not need. If you are a manager, understand the data the people that work for you have on their servers, desktops and laptops. Encourage your staff to care for the data entrusted to them.
I trust we all have some commitment to security. Now let’s take it to the next level and demonstrate that commitment.
Thanks to Vice Provost Williams for a wonderful event and thanks to those that helped us all think a little bit more about so many challenges we face.
Read or post comments.»