Docstoc

mills

Document Sample
mills Powered By Docstoc
					University of Wisconsin-Madison
                MobileUW

                                     Hideko J. Mills
              Manager of IT Research Infrastructure,
                        MobileUW Project Manager
                        Office of the CIO & VP for IT
                         Summer 2011 CSG Meeting
                                      June 15, 2011
      QuickTime™ and a
  AVC Coding decompre ssor
are neede d to see this picture.




                                   2
                 Collaboration
University Relations   DoIT Executive Management




UW Athletics                        UW Police Dept



Madison Metro




                                          3
             Technology
• Use publicly available data feeds
• Use the features and functionality of
  the device platform
  – People Directory integrates with Google
    Maps
  – Location-based services
  – Accessibility
  – VPN

                                        4
               Platforms
• iOS
  – iPhone, iPod Touch, iPad
• Android
• Mobile-Enabled (m.wisc.edu)




                                5
                Metrics
• Google Analytics

  • Application and Sub-Application Usage




                                       6
       Mobile Security
      Risk Management
       Considerations

• Information Risk
• Infrastructure Risk
• Device Risk



                         7
                                   Information Risk
What Matters?

    •   What information or data must comply with University Policy,
        Federal Laws, State Laws to protect confidentiality and integrity?


    •   How is this information flow auditable?




                                                                   8
                                        Information Risk
Impact Scenarios

    • Loss of grant funding due to insufficient security controls

    •   Damaged reputation, loss of alumni funding.

    • Increase risk of intellectual property stored on the device.

    • Increase risk in the number of places (devices) university managed data can
      exist.

    • Increase risk in the number of places personal data can exist that the university
      does not manage.

    • Increase risk in the amount of regulated data created, shared, downloaded,
      streamed, or stored.


                                                                             9
                             Information Risk
High-Level Mitigation Strategies


    •Campus-Wide information classification governance
    program


    •   Regular compliance assessments




                                                   10
                        Infrastructure Risk
What Matters?



    •   What is the wireless network broadband capacity
        necessary for providing campus-wide mobile
        services?




                                                     11
                         Infrastructure Risk
Impact Scenarios


    • Increase in facility costs for making wireless network
      optimal

    • Increase in the demand of wireless availability in any
      classroom

    • Potential for reduced enrollment if student high-tech
      demands are not addressed




                                                          12
                       Infrastructure Risk
High-Level Mitigation Strategies


    •Infrastructure demand and capacity planning
    programs

    •   Continuous demand monitoring




                                                   13
                                      Device Risk
What Matters?


 •What are the audit features that will monitor device feature
 interactions?




                                                       14
                                    Device Risk
Impact Scenarios



    • Damage to institutional reputation or legal
      consequences stemming from device breaches

    • Degraded performance of critical device operations
      (911 calling)




                                                    15
                                       Device Risk
High-Level Mitigation Strategies


    •   Application security program


    •   Regular security testing




                                              16
              Device Security
• Lock your mobile device when you're not using it. Be
  sure to use a strong and unique passcode or pattern
  sequence.
• Keep your device up to date.
• Research an app before installing it. Only use trusted
  sources for apps.
• Limit your use of applications or browsers over open and
  unprotected WiFi.
• Turn off your Bluetooth when not using it.
• Don't root or jailbreak your device.



                                                     17
          Governance Framework
Distributed Responsibilities
- Interdepartmental collaboration with clearly defined expectations

      • Executive Committee
      • Sponsors
      • Project Team
      • Development Team
      • Infrastructure Group
      • Content Providers & Functional Offices
      • Stakeholders
                                                                  18
                                             RACI
                 Exec        Sponsors     Project       Dev      InfrastrucG    Content        Stake-
                                                                     roup      Providers       holders
                 Comm                      Team        Team                       &
                                                                               Functional
                                                                                Offices
Define              A            R           R           I               I         C             C
MobileUW
Strategic
Initiatives

Ensure              A            R           C           C               C         C              I
Resource
Allocation


Ensure
Compliance
                    A            R           R           R               R          I             I
with
Standards


               Responsible -       Accountable -         Consulted -         Informed - kept
              getting the work   resource ultimately   opinions sought           apprised
                    done            accountable


                                                                                        19
              Trends
• Continued growth of mobile devices
• Native apps will work in conjunction
  with HTML5
• Potential convergence between mobile
  and portal services
• Uses for teaching, E-Learning,
  research
• Cloud computing implications
                                  20
Thank You!




             21
              MobileUW
•   mobile.wisc.edu
•   Android (Launch June 2011)
•   m.wisc.edu (Coming Summer 2011)
•   hjmills@cio.wisc.edu




                                  22

				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:14
posted:7/8/2011
language:English
pages:22