140 likes | 297 Views
PBA. Observations. Growth, projects, busy-ness Doing an incredible amount of work Great Quality of work Concern about being perfect Attitudes Tight financial times Salaries No magic solution. Security. Protecting data/resources through security is important!
E N D
Observations • Growth, projects, busy-ness • Doing an incredible amount of work • Great Quality of work • Concern about being perfect • Attitudes • Tight financial times • Salaries • No magic solution
Security • Protecting data/resources through security is important! • 18,625 attacks per hour, 34% of network traffic • Layer 7 firewall is blocking 447,000 attacks a day 24 hour period. • Top 5 concerns of CIOs in higher education • Second biggest concern is cleaning up old data from desktops and laptops and protecting them. • Concern of Board of Trustee’s Audit Committee • Best practices for a University our size • Utah Schools • U • USU • Weber
Security • Need Positions • Backup to ISO on all Systems such as firewalls, IDS, IPS, Incident Handling, PCI, etc. • Desktop security
Positions • Hourly Plan Spider scans on desktops Spider scans of laptops Vulnerability scans of the network End user encryption Desktop audits Web security tips and how to • Full time Plan Backup to ISO on all Systems such as firewalls, IDS, IPS, Incident Handling, PCI, etc. Malware, McAfee Antivirus, EPO, HIPS Security awareness training Integration of EPO , Foundstone and Intrushield products. Vulnerability assessments, penetration tests and security audits Windows update server/policies, Desktop Audits, Desktop Encryption, Backup & Recovery (Disaster Recovery, Business Continuity) Password Strength, management, and expiration, Manage VPN access and monitor, Manage Web filtering solution, Deploy and manage a central logging system Microsoft active directory security , Deploy, manage and maintain all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software. Investigates complaints of non-compliance as well as any foreseeable internal and external information security risks and reports on noted irregularities and risks. Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution.
Security Requests • IT Security Analysis (Desktop security specialist) $80,000? • Hourly money for security $25,000 • Web filter - $75,000 one-time $15,000 on-going
DBA • Oracle 11g Upgrade • Oracle masking • Identity Vault
DBA Requests • Oracle Tools (Data Masking Pack) • RAC • Support Disaster Recovery of Banner etc. • DBA trainee
OIT • Accreditation – Standard 5
OIT Priorities for This Year • Updated Master Plan with New executive team • ODS/EDW & Webfocus reports/dashboards • Portfolio/Projects Office • IT Security, Compliance, Policies • IT Training, Communications, Metrics • Disaster Recovery Plan • Web 2.0 & Cloud Computing Directions • Academic Computing • SRIs, data, scheduling, faculty workload, ePortfolio
Other Projects • R-25 web-based • Virtual Lab • Wimba in Portal • FSAAtlas • iTunes • Time/Leave Entry • SRITS • Computer Rental Programs
Continued • GroupWise vs Exchange discussion – plan • (Also Novell vs Microsoft) • Wasatch campus • Alpha shut-off • Remote Classroom Demo • Mobile Computing • Campus-wide sustainable MEC • GroupWise 8 ?
Requests • Projects Office (accountability) FTE • Growth funding (people & systems) • catch up (extremely thin) • model for future • Risk mitigation (new environment & rules) • Support – apple, mobile, other • Development vs Maintenance (Projects vs Services)