360 likes | 508 Views
Graduating to Mobility through eLearning. Agenda. A Look at Mobility in Higher Education Proliferation of Devices in the Classroom Getting to “There” from “Here” Getting Buy-in at Harvard SEAS Steps to Graduate to Secure Mobility at Harvard SEAS
E N D
Graduating to Mobility through eLearning Agenda • A Look at Mobility in Higher Education • Proliferation of Devices in the Classroom • Getting to “There” from “Here” • Getting Buy-in at Harvard SEAS • Steps to Graduate to Secure Mobility at Harvard SEAS • Harvard SEAS’s Current & Future Mobility Initiatives • Q & A
Mobile Timeline for Higher Education 1990sDesktop computers eTextbooks Publishers take advantage of popular tablets, expanding their catalogues and offering rental digital books that expire after a semester or two Clickers Student handheld clicker allows professors to poll or quiz students and receive results in real-time 1999 2005 2007 2010 2011 2013 iPads iPads enter the classroom Digital Learning Communities Students in today’s classrooms can create their own apps, web pages, blogs and collaborate with a diverse global community Interactive Whiteboards Traditional whiteboard was reinvented using a touch or pen sensitive display, projector and computer
Proliferation of Devices in the ClassroomTrends, Risks & Challenges
Risks & Challenges: How do we protect data & identities? Harvard is a high-value target for such threats
Risks and Challenges: Consequences of Inaction • Legal Repercussions: • Penalties For Mass. Personal Information Law Violation - 201 CMR 17.00 • Up to $50,000 per improper disposal • Maximum of $5,000 per violation • The Massachusetts Attorney General can come after you • Above penalties don't include lost business, dealing with irate customers, mailing out letters, and other associated costs • First Fine: $110,000 • Impact to Reputation • Rapidly growing population of devices: “It will only get MORE complex”
Risks and Challenges: What are other schools doing? • Some schools are using an MDM vendor, others are leveraging resources they already own • AirWatch clients include Georgetown, Indiana University & UCLA • Stanford has developed their own solution • Yale also offers an MDM solution to their customers
Getting to “There” from “Here”What do we need to be doing?How do we sell mobile security in higher education?
Identify WHY You are Doing This “If you don’t have a mobile strategy, you don’t have a future strategy.” Eric Schmidt (Google)
Identify WHY you are doing this • Allowing mobile devices in your environment "because faculty want them" ISN'T enough of a reason • What do mobile devices bring to the table? • How does the use of mobile devices ENABLE the pedagogy at Harvard? • These are no longer just status symbols...they are useful devices. • These are the functions that you want to embrace, enable, and foster • How could the use of mobile devices INHIBIT the pedagogy or even HARM the school?
Security is the main reasons companies hesitate to embrace mobile
Understand WHO you are doing this for? • People are not opposed to being secure… • As long as they don’t have to take steps they consider excessive • If a policy/control is inhibiting their ability to work, they will find a way around it • Any monitoring should be appropriate for your organization • When does it help the user? • When does it protect the organization? • When is it just intrusive? "The Net interprets censorship as damage and routes around it." John Gilmore (EFF).
Understand WHO you are doing this for? • Universities have a high number of exceptions • EMBRACE this fact and PLAN for it in your mobile strategy • Turn your Exceptions into Use Cases (IDENTIFY exceptions and plan for them) • Strategy should acknowledge an appropriate level of flexibility • Any tools you consider should include the ability secure devices with custom (and reusable) policies • You should be able to manage a large percentage of your customers with a small number of policies
Getting Buy-in at Harvard SEASWhere are the resistors?How do we get past resistance?
Resistance Just treat them the same way we do laptops. I don’t want to lock my phone…what if I forget the code? It’s my device, not Harvard’s! Harvard Approved Vendors don’t provide these services in the way we want… It’s a violation of my privacy! Lock codes are annoying! We’re a school, not a bank! I don’t want Harvard to be able to track my location! MDM products are EXPENSIVE! If I lock my iPad down, my kids can’t use it! The faculty will never go for it
How can you overcome resistance? Find champions Start with groups which alreadyhave an interest in protecting data Finance and HR offices Make it personal People are more likely to change bad habits to protect their own data Faculty member whose phone was stolen Build success stories Make it more than just a security tool Only consider tools which add functionality Many tools can maintain a library of useful documents and links Make it an app that people will actually want to install (Campus map, academic calendar, shuttle schedule & cafeteria menu)
HarvardSEAS’s Mobility Initiatives • Today’s devices need a solution to monitor, control and protect the enterprise– across devices, apps, data and the network
Importance of Enterprise Mobility Management in Higher Ed Same goals
Key Enablers for EMM at Harvard SEAS • Enable us to help our customers follow Harvard’s policies and standards • Phased approach to implementation: PIN/password, encryption, locate, lock, and wipe Lock your device with a PIN/passcode Ensure your deviceis encrypted Ensure your device gets wiped if lost or stolen
Harvard SEAS’s Current & Future Mobility Initiatives with AirWatch
Security Solutions End-to-End Security • AirWatch provides solutions to meet almost all of the above requirements • Harvard SEAS started AirWatch pilot project in February 2013 – options and initial results in end-to-end mobile security management User Security • Authenticate users via basic or directory-based authentication via AD/LDAP, SAML, smart-card or tokens • Require two-factor user authentication
Device Security • Monitor: Corporate, employee-owned or shared devices • Configure device security policies based on device ownership • Control: Set up enrollment restrictions to block users or devices based on platform, version, etc. • Require acceptance of Terms of Use before granting access • Require device passcode with configurable complexity and length • Enforce restrictions on device features, apps and web browsing • Detect compromised devices and perform automated actions • Recover a lost or stolen device through GPS location tracking • Protect: Perform a remote device lock or wipe (full/enterprise)
Application Security • Monitor: Provide inventory of mobile apps installed on devices • Authenticate users and verify device security before granting access to the Enterprise App Catalog • Control: Restrict native apps on a device, including YouTube, Siri and Camera • Enforce application compliance policies and monitor status • Disable access to corporate apps if the device is compromised, non-compliant or user has left the company • Protect: Whitelist or blacklist publicly available apps
Data Security • Monitor: Track mobile user access to data • Control: Control access and share of data across applications • Protect: Encrypt data at rest on device and SD card and in transit according to industry standards
Network Security • Monitor: View all devices enrolled in your enterprise via interactive dashboard • Control: Configure certificate-based access to corporate Email, VPN and Wi-Fi networks • Integrate with F5, Cisco, Juniper, etc. for ultimate VPN network security • Protect: Block unknown devices from connecting to corporate networks • Use AirWatch APIs to allow MDM policies and compliance into your network control lists
Questions? Preston Winn, Director of Business Development for Education Solutions, AirWatch IndirAvdagic, Director of Information Security and Risk Management, Harvard University