Download
1 / 44

Ghosts and Goblins in 2003 - PowerPoint PPT Presentation


  • 316 Views
  • Uploaded on

Ghosts and Goblins in 2003. Budget cuts resulting in increasing work (and money), but inability to hire BadgerNet Procurement and what it means to UW and to WiscNet Collaboration with researchers for national network Technology architecture that works Getting a CMS up and running for all UW.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Ghosts and Goblins in 2003' - emily


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Ghosts and goblins in 2003
Ghosts and Goblins in 2003

  • Budget cuts resulting in increasing work (and money), but inability to hire

  • BadgerNet Procurement and what it means to UW and to WiscNet

  • Collaboration with researchers for national network

  • Technology architecture that works

  • Getting a CMS up and running for all UW


2003 continued
2003 - continued

  • Relationship between central and distributed IT support providers

  • Security - especially viruses and spam

  • Policy compliance - HIPPA, FERPA

  • That RIAA stuff



Administrative information systems
Administrative Information Systems

  • Why does this feel like the hardest work we do?

  • Used to say you should look for a new position a couple of months before “go live” even if you are having the most successful go live.


Administrative information systems1
Administrative Information Systems

  • Are the administrators and the IT folks partners?

    • Is IT involved from the beginning?

    • If a consulting organization is used are they selected jointly by IT and admin leaders?

    • Is planning and budgeting a joint effort?


Administrative information systems2
Administrative Information Systems

  • Can we allocate enough money to do the job well?

    • Do the folks in charge understand that we can only estimate the costs?

    • Are administrators going to be challenging all hours and costs?

    • Is there an adequate contingency fund?

    • How much time will we spend trying to account for and contain costs rather than working on the project?


Administrative information systems3
Administrative Information Systems

  • Requirements change as implementation gets closer

    • Are these additional requirements really needed?

    • Why can’t we modify business practices?

    • Are we always unique?

    • Do we understand that changing requirements result in increasing implementation costs and time?


Administrative information systems4
Administrative Information Systems

  • Who is managing the IT staff?

    • Does administration appreciate the value of good IT project management?

    • Does the IT organization have good project managers?

    • What is the role of IT leadership in this implementation?

    • Will the administrative unit insist on assigning and managing the IT staff?


Administrative information systems5
Administrative Information Systems

  • Are the executive officers champions of this project?

    • Are there champions beyond the CIO and the administrative unit director?

    • Who is letting the greater organization understand that this is strategic and critical?

    • Is leadership actively supporting the changes this will bring?


The network
The Network


The network1
The Network

  • The National Research Network Scene

    • Internet2 and the Abilene Network

    • National Lambda Rail

    • Global Connections Points

      • New York’s ManLan

      • Chicago’s Starlite

      • The West Coast


The network2
The Network

  • Regional Optical Networks (some)

    • The West Coast (California and Washington)

    • Texas

    • Louisiana

    • New York (and New England)

    • Florida

    • Virginia, DC, Maryland

    • Indiana

    • Michigan

    • Ohio

    • North Carolina

    • BOREAS






The network3
The Network

  • Regional Optical Network Challenges

    • How does this fit with BadgerNet2

    • How does this fit with WiscNet?

    • What are federal telecom initiatives doing to the national infrastructure?

    • Will we be ready for the next federal network research initiative?


The network4
The Network

  • Our campus 21st Century Network

    • Wireless challenges

    • New city wireless initiative

    • What will happen with CALEA



Security
Security

  • Security is about technology

  • Security is about policy

  • Security is about culture

  • Security is about people


Security1
Security

  • External attacks

    • DNS attacks

    • Spam attacks

    • Hackers

    • Weird Stuff

  • And from the inside

    • 40,000+ students

    • And hundreds of other smart geeks


Security2
Security

  • Three tiered security model

    • The campus network

    • The servers

    • The desktop

  • Policy is essential

  • So is education, training, and ongoing communication


Security3
Security

  • Challenges - Catch 22s

    • Distributed environment and culture makes guarantees difficult

    • Federal laws require us to be rigorous

    • Errors are costly

    • Do we really know when our security has been breached?


Security4
Security

  • Things are happening too fast

    • Time between discovery of exploit and actual attack is very short

      • Our spam manager - constant updates

    • Folks out there have gotten too smart and too quick

    • Attacking has become a money-making business - eg, phishing scams, everything is prepared - grab all your data, exploit all your holes they are , like boy scouts, prepared

    • Same people over and over again have become really good subject matter experts in exploiting particular operating systems


Security5
Security

  • Data

    • Folks don’t understand the value of data and don’t back up their data

    • Folks often want more than they need

    • Folks often get more data than they need


Security6
Security

  • We give out even more than was asked for

    • Eg., a list of email addresses might come with social security number

    • Folks give out root password when calling the help desk

  • Don’t understand how data leaks

    • Innocently put something on a fileserver; ends up on the web


Security7
Security

  • Understanding physical infrastructure

    • Physical security matters

    • A backhoe can cut fiber you think is secure because it sits alone

    • Web server also and file server: layer of separation doesn’t exist

    • Machines are left in accessible spaces


Security8
Security

  • We are too trusting

    • Firewalls not configured right

    • We think that once you are inside, you are safe - that ain’t so

    • Need to explicitly say who is trusted: big work that you have to do over and over again


Security9
Security

  • Not all vendors are equally concerned

    Lots of vendors don’t understand about encrypted data

  • And then there is Microsoft


Password stuff

Password stuff

http://www.doit.wisc.edu/security/passwords/passwordrunner.asp



Budget
Budget

  • Budget for the UW System has been decreasing

  • IT takes budget cuts

  • Can we do more with less?

  • Can we do the same with less?

  • Are there other sources of funds?

  • What can we give up?


Budget1
Budget

  • Do we know the cost of each service?

  • Do we know the value of each service?

  • Do we know its source of funds?

  • Is the user community prepared to pay full cost for a previously subsidized service?


Budget2
Budget

  • Are our cost accounting practices and systems good enough?

  • How do we do better cost accounting when we need money for other things?

  • What can we give up?

  • Who decides?

  • Who takes the heat?



People
People

  • University has multiple human resource models

    • University has a shared governance model

      • Faculty

      • Students

      • Academic staff

    • Classified staff are part of WPEC

  • Differing rules and policies apply


People1
People

  • The technology is the easy part

  • The technologists are tough

    • Smart

    • Thoughtful

    • Stubborn

    • Creative

    • Challenging

    • Productive

    • Inquiring


  • Then there are the clients

  • And the users

  • And the folks who call the help desk

  • And the folks who second guess you

  • The folks who think things are not happening fast enough

  • The folks who think things are happening too fast

  • The chronic complainers

  • The demanders

  • And your friends




Thank you
Thank You!

Annie Stunden

Division of Information Technology

UW-Madison

[email protected]

March 2006


ad