The best information safeguarding practice we can have is to not store unneeded data. We now have tools available on campus that you can use at work and at home to find and remove data like social security numbers, bank account numbers and other high value data.  We also have encryption software and software that allows you to digitally sign messages.

At the Dean’s Council Retreat this past week, we also talked about two strategic actions that will improve our security posture from both short-term and long term perspectives.

The first is to revisit and strengthen our information security governance, management and policy practices. We will more clearly articulate who has access to what data, what individuals can do with that data, and what steps must be taken to protect the data.

The second is more rigorous assessment and audit processes.  This will require some investments in people and tools, but is critical to ensure that we are all continually improving our practices in safeguarding the data entrusted to us.

The presentations I made at Dean’s Council can be found here: 

Deans security talk 11.11.09.pdf (2.59 mb)

Deans retreat IT talk 11.09.pdf (2.92 mb)

Last week I attended a meeting of 75 Chief Information Officers (CIOs) from major universities, businesses and organizations from around the world. It was a diverse group including CIOs from places like Oxford, the National Basketball Association, Microsoft, the Department of the Army, and Harrah’s Gaming.

The diversity was interesting, but what really left an impression on me was our consensus that we all face common challenges and opportunities. The number one topic was the recent recession and how the world will forever be changed. The economy will not come back in the format we saw before. Business models will change, organizational structures will change and how organizations apply information technology (IT) will more than ever influence which organizations will be successful.

There is a “new normal.” The role of IT is changing from an enabler of innovation to something that is so deeply embedded it is difficult to distinguish it as something independent of our teaching, research and business processes. In many organizations, IT has gone from being the enabling strategy to being the strategy.

One of the cornerstones of this strategy will be how we apply social networking tools and services. Social networking is normal for our students. The business world has started to use these tools too. Many of the CIOs I talked with say something similar - We need take the collaboration approach our young people invented and put strategy and discipline behind it – that’s how organizations will become most successful.

Social networking technologies are growing at an incredible rate.  Facebook now has 300 million active members that spend 6 billion minutes per day using it.  LinkedIn and Twitter each have more than 50 million members. The first wave of the Internet was about content. The current phase is about connectedness and social networking, whether for business, learning, or recreation.  How do we help our students transform themselves from casual users of social technologies to masters of applying collaboration tools and strategies as they pursue careers in the new global economy?

My guess is all of us will be learning as we go.

I had the wonderful opportunity to attend parts of the UW-Madison Diversity Forum yesterday.  Vice Provost Damon Williams and Chancellor Martin gave thought-provoking talks, and other speakers helped us think about things that we should all be thinking about more. My favorite part was listening to Dr. Christopher Metzler from Georgetown University. His perspectives will help all of us stretch ourselves a little more as we work to further embrace diversity and inclusiveness on our campus and in our community.

One of the things that stuck with me most from Dr. Metzler’s talk was this.  We can all say that we are committed to diversity and inclusion, but what are we doing to demonstrate our commitment. As I thought about this, I started to imagine how this approach could be applied across our mission.  “Demonstration” of commitment is a very powerful concept.  It strikes up images of holding others and ourselves accountable, being relentless in our beliefs and actions, and being open to new ideas and concepts. So how can this be applied to other areas of service in our university community?

I have been spending considerable time lately about our commitment to safeguarding personal information on campus – October is Cyber Security Month.  We all say we are committed to security, but what is each of us doing to demonstrate that commitment.  We can all start by doing a few little things.  Make sure your virus protection software and firewalls are up to date.  Use strong passwords. Ask your IT professional about your department’s security set up. Delete data you do not need.  If you are a manager, understand the data the people that work for you have on their servers, desktops and laptops.  Encourage your staff to care for the data entrusted to them.

 I trust we all have some commitment to security.  Now let’s take it to the next level and demonstrate that commitment.

 Thanks to Vice Provost Williams for a wonderful event and thanks to those that helped us all think a little bit more about so many challenges we face.

Identity theft remains one of the fastest growing crimes in America. Every minute of every day, nefarious people and organizations around the world are scouring the Internet to gain control over computers or find personal data that they can sell to the highest bidder.

October is “National Cyber Security Awareness Month” and a great time for each of us to increase our awareness of the online risks we face and the steps we can take to reduce those risks.

High-value data about each of us is stored on computers across the globe. In recent years, this has become complicated by the growing mobility of computers and communications. A few years ago, our Social Security numbers, credit card numbers, and banking information generally resided on central corporate or government systems. Today, that same data is also on our cellphones, laptops, flash drives and other highly portable devices. We also stay much more connected today through wireless networks at work, home, and everywhere we travel.

Cyber-criminals are well aware of our habits, our practices and the extent to which we are going (or not going) to protect our personal data, and they stand ready to take advantage of any openings we create.

Each of us can do two simple things to improve security:

1. Take the time to learn how to protect your own personal data. Make sure you run virus protection software. Be careful not to open emails that seem suspicious and don’t visit high-risk Web sites. If you participate on social networking sites, think twice before disclosing too much personal information and know who can access your sites.
2. Take seriously your responsibility to protect personal data entrusted to you. None of us should retain high-value personal data on our computers (e.g., social security numbers, banking or credit card numbers, passwords). If you store such personal data on your computer or mobile devices, either delete it or protect it.

There are no guarantees that our data will always be safe, but taking a few simple steps can help us protect ourselves. Take some time this month to learn more about cyber-security. For more information, please visit www.cio.wisc.edu/security/

Chancellor Martin has recently called for proposals in support of the Madison Initiative for Undergraduates.

Many of the IT Strategic Plan themes and charters directly relate to the Madison Initiative.

I encourage those who have been involved in developing the IT Strategic Plan to work with your faculty to develop proposals. Topics could include technology to facilitate distance education, enhanced in-class instructional tools and technology training for those who support teaching and learning. The primary focus should be the support for undergraduate education.

You may submit a proposal by following the guidelines explained in this pdf file.

Many of us have been involved in meetings over the last few months that are called something like "Pandemic Planning" or "Continuity of Operations Planning." Whenever I leave one of these meetings, I end up thinking it is reasonable planning even if there wasn't the potential for a pandemic to come our way.  We talk about sustaining our highest priority services, how we can best contact one another, what are logical staff backup scenarios, how we keep our work areas as "infection-free" as possible, and generally how do we all work together to ensure that the university operates as effectively as possible under "special conditions."

It turns out, we have "special conditions" every day.  We have a wondrous mix of campus-wide research and education services, student activities, college and school programs, outreach and public service activities, and administrative services. It is always complex and we are consistently expected to perform at extraordinary levels. As it should be.

Do we really need to be faced with a pandemic to get better organized or should we just let it become normal to strive to do that every day? Once this crisis passes, I challenge all of us to carry on with this greater attention to detail in all we do.  I think it makes our university stronger and more resilient, makes our services better, and keeps our workforce more content.

I have been thinking lately about why parts of Wisconsin still don’t have high-speed, high-quality Internet access. When it comes right down to it, regions remain underserved because as a state and a nation we have tried to apply out-dated business and service models to an industry that is now critical for the vitality of our state and region.

We want to treat high-speed Internet access with the same approaches we used for the telephone and cable television industry.  In those industries, the network infrastructure and the service are coupled in a way that allows businesses selling a specific service to dominate service areas regardless of the quality of services or the menu of services they offer. Telecommunications and cable TV vendors only build infrastructure in places that are profitable for them.

Traditionally we have classified these services by the devices or the media delivery technology used. We would buy “telephone service” or have “cable television” installed. Now voice, video, music, television shows, movies, and text are all just data that can run over a network.

It is time to decouple the network from the services. Consumers and businesses should be able to buy the device that best meets their needs on the service that they view as the highest quality for their needs.

Our state and national broadband policies and funding strategies should support ever-increasing bandwidth to all parts of our state. Vendors should not own the network and the state should not support any network policies that give any vendors an advantage over their competitors. The vendors should focus on delivering services over a network that is open to all those who wish to compete to deliver services.

Encouraging innovation by establishing a level playing field would enhance education, stimulate research, and accelerate business vitality throughout Wisconsin.  The broadband stimulus program is an opportunity for Wisconsin. I hope we have the wisdom to make decisions that position us to better compete in the region and the world.

Summer 2009 marked the transition to the third of four phases in the IT strategic planning process. Ten work teams, led by faculty and staff across campus, convened from June through August to identify what it would take to bring roughly 50 strategic initiatives to fruition. The activities are divided into 5 categories:

Teaching and Learning

Research Service

Outreach and Public Service

Campus Services

Information Technology Infrastructure

A few of the activities or projects that are gaining momentum include:

Teaching and Learning: Teams are looking at new approaches for using technologies in the classroom or for collaboration and learning outside the classroom. Better support for faculty and instructors, classroom design and support for mobile devices were also high on the list.

Research Services: Teams are investigating how we better prepare graduate students to support research and how faculty and staff members can use new collaboration tools as they apply for grants and conduct their research activities.

Outreach and Public Service: Teams collaborated with faculty, staff, students, alumni and partners to identify approaches and technologies that could be applied to better support the Wisconsin Idea and the Wisconsin Experience. Learning opportunities at UW-Madison traverse the globe and technology is integral to our myriad delivery strategies.

Campus Services: Activities are underway to roll out new digital imaging services to streamline admissions and registration, save paper and other natural resources, and better serve students. We are also poised to implement improved email services, expanded wireless capabilities and better access to technology and support across campus.

Information Technology Infrastructure: Infrastructure is usually invisible to our faculty, staff and students, but upgrades to our network, data centers, collaborative learning spaces, computer labs and help desk ensure that UW-Madison can deliver some of the finest technology-based services in the country.

Regardless of how many of these new IT service initiatives we can implement in the coming year, the process of IT strategic planning will continue.

For more information about the IT strategic plan, see www.cio.wisc.edu/plan