Download
slide1 n.
Skip this Video
Loading SlideShow in 5 Seconds..
Ghosts and Goblins in 2003 PowerPoint Presentation
Download Presentation
Ghosts and Goblins in 2003

Ghosts and Goblins in 2003

351 Vues Download Presentation
Télécharger la présentation

Ghosts and Goblins in 2003

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Ghosts and Goblins in 2003 • Budget cuts resulting in increasing work (and money), but inability to hire • BadgerNet Procurement and what it means to UW and to WiscNet • Collaboration with researchers for national network • Technology architecture that works • Getting a CMS up and running for all UW

  2. 2003 - continued • Relationship between central and distributed IT support providers • Security - especially viruses and spam • Policy compliance - HIPPA, FERPA • That RIAA stuff

  3. Administrative Information Systems Hell

  4. Administrative Information Systems • Why does this feel like the hardest work we do? • Used to say you should look for a new position a couple of months before “go live” even if you are having the most successful go live.

  5. Administrative Information Systems • Are the administrators and the IT folks partners? • Is IT involved from the beginning? • If a consulting organization is used are they selected jointly by IT and admin leaders? • Is planning and budgeting a joint effort?

  6. Administrative Information Systems • Can we allocate enough money to do the job well? • Do the folks in charge understand that we can only estimate the costs? • Are administrators going to be challenging all hours and costs? • Is there an adequate contingency fund? • How much time will we spend trying to account for and contain costs rather than working on the project?

  7. Administrative Information Systems • Requirements change as implementation gets closer • Are these additional requirements really needed? • Why can’t we modify business practices? • Are we always unique? • Do we understand that changing requirements result in increasing implementation costs and time?

  8. Administrative Information Systems • Who is managing the IT staff? • Does administration appreciate the value of good IT project management? • Does the IT organization have good project managers? • What is the role of IT leadership in this implementation? • Will the administrative unit insist on assigning and managing the IT staff?

  9. Administrative Information Systems • Are the executive officers champions of this project? • Are there champions beyond the CIO and the administrative unit director? • Who is letting the greater organization understand that this is strategic and critical? • Is leadership actively supporting the changes this will bring?

  10. The Network

  11. The Network • The National Research Network Scene • Internet2 and the Abilene Network • National Lambda Rail • Global Connections Points • New York’s ManLan • Chicago’s Starlite • The West Coast

  12. The Network • Regional Optical Networks (some) • The West Coast (California and Washington) • Texas • Louisiana • New York (and New England) • Florida • Virginia, DC, Maryland • Indiana • Michigan • Ohio • North Carolina • BOREAS

  13. Abilene Network

  14. Lambda Rail

  15. Northern Tier Network: Vision Northern Tier

  16. BOREAS-Net

  17. The Network • Regional Optical Network Challenges • How does this fit with BadgerNet2 • How does this fit with WiscNet? • What are federal telecom initiatives doing to the national infrastructure? • Will we be ready for the next federal network research initiative?

  18. The Network • Our campus 21st Century Network • Wireless challenges • New city wireless initiative • What will happen with CALEA

  19. Keeping Our Environment Secure

  20. Security • Security is about technology • Security is about policy • Security is about culture • Security is about people

  21. Security • External attacks • DNS attacks • Spam attacks • Hackers • Weird Stuff • And from the inside • 40,000+ students • And hundreds of other smart geeks

  22. Security • Three tiered security model • The campus network • The servers • The desktop • Policy is essential • So is education, training, and ongoing communication

  23. Security • Challenges - Catch 22s • Distributed environment and culture makes guarantees difficult • Federal laws require us to be rigorous • Errors are costly • Do we really know when our security has been breached?

  24. Security • Things are happening too fast • Time between discovery of exploit and actual attack is very short • Our spam manager - constant updates • Folks out there have gotten too smart and too quick • Attacking has become a money-making business - eg, phishing scams, everything is prepared - grab all your data, exploit all your holes they are , like boy scouts, prepared • Same people over and over again have become really good subject matter experts in exploiting particular operating systems

  25. Security • Data • Folks don’t understand the value of data and don’t back up their data • Folks often want more than they need • Folks often get more data than they need

  26. Security • We give out even more than was asked for • Eg., a list of email addresses might come with social security number • Folks give out root password when calling the help desk • Don’t understand how data leaks • Innocently put something on a fileserver; ends up on the web

  27. Security • Understanding physical infrastructure • Physical security matters • A backhoe can cut fiber you think is secure because it sits alone • Web server also and file server: layer of separation doesn’t exist • Machines are left in accessible spaces

  28. Security • We are too trusting • Firewalls not configured right • We think that once you are inside, you are safe - that ain’t so • Need to explicitly say who is trusted: big work that you have to do over and over again

  29. Security • Not all vendors are equally concerned Lots of vendors don’t understand about encrypted data • And then there is Microsoft

  30. Password stuff http://www.doit.wisc.edu/security/passwords/passwordrunner.asp

  31. That Shrinking Budget

  32. Budget • Budget for the UW System has been decreasing • IT takes budget cuts • Can we do more with less? • Can we do the same with less? • Are there other sources of funds? • What can we give up?

  33. Budget • Do we know the cost of each service? • Do we know the value of each service? • Do we know its source of funds? • Is the user community prepared to pay full cost for a previously subsidized service?

  34. Budget • Are our cost accounting practices and systems good enough? • How do we do better cost accounting when we need money for other things? • What can we give up? • Who decides? • Who takes the heat?

  35. You Have To Manage People

  36. People • University has multiple human resource models • University has a shared governance model • Faculty • Students • Academic staff • Classified staff are part of WPEC • Differing rules and policies apply

  37. People • The technology is the easy part • The technologists are tough • Smart • Thoughtful • Stubborn • Creative • Challenging • Productive • Inquiring

  38. Then there are the clients • And the users • And the folks who call the help desk • And the folks who second guess you • The folks who think things are not happening fast enough • The folks who think things are happening too fast • The chronic complainers • The demanders • And your friends

  39. To summarize:

  40. Alternatively, sometimes I want to say:

  41. Thank You! Annie Stunden Division of Information Technology UW-Madison stunden@wisc.edu March 2006