university of wisconsin-madison mobileuw hideko j. mills manager of it research infrastructure,...
TRANSCRIPT
University of Wisconsin-University of Wisconsin-MadisonMadison
MobileUWMobileUW
Hideko J. Mills
Manager of IT Research Infrastructure,
MobileUW Project Manager
Office of the CIO & VP for IT
Summer 2011 CSG Meeting
June 15, 2011
Hideko J. Mills
Manager of IT Research Infrastructure,
MobileUW Project Manager
Office of the CIO & VP for IT
Summer 2011 CSG Meeting
June 15, 2011
2
QuickTime™ and aAVC Coding decompressor
are needed to see this picture.
3
CollaborationCollaborationUniversity Relations DoIT Executive
Management
UW Athletics UW Police Dept
Madison Metro
4
TechnologyTechnology
• Use publicly available data feeds• Use the features and
functionality of the device platform– People Directory integrates with
Google Maps– Location-based services– Accessibility– VPN
4
5
PlatformsPlatforms
• iOS– iPhone, iPod Touch, iPad
• Android• Mobile-Enabled (m.wisc.edu)
5
6
MetricsMetrics
• Google Analytics
• Application and Sub-Application Usage
6
7
Mobile Security Risk Management Considerations
Mobile Security Risk Management Considerations
• Information Risk
• Infrastructure Risk
• Device Risk
8
Information RiskInformation Risk
• What information or data must comply with University Policy, Federal Laws, State Laws to protect confidentiality and integrity?
• How is this information flow auditable?
What Matters?
9
Information RiskInformation Risk
• Loss of grant funding due to insufficient security controls
• Damaged reputation, loss of alumni funding.
• Increase risk of intellectual property stored on the device.
• Increase risk in the number of places (devices) university managed data can exist.
• Increase risk in the number of places personal data can exist that the university does not manage.
• Increase risk in the amount of regulated data created, shared, downloaded, streamed, or stored.
Impact Scenarios
10
Information RiskInformation Risk
• Campus-Wide information classification governance program
• Regular compliance assessments
High-Level Mitigation Strategies
11
Infrastructure RiskInfrastructure Risk
• What is the wireless network broadband capacity necessary for providing campus-wide mobile services?
What Matters?
12
Infrastructure RiskInfrastructure Risk
• Increase in facility costs for making wireless network optimal
• Increase in the demand of wireless availability in any classroom
• Potential for reduced enrollment if student high-tech demands are not addressed
Impact Scenarios
13
Infrastructure RiskInfrastructure Risk
• Infrastructure demand and capacity planning programs
• Continuous demand monitoring
High-Level Mitigation Strategies
14
Device RiskDevice Risk
•What are the audit features that will monitor device feature interactions?
What Matters?
15
Device RiskDevice Risk
• Damage to institutional reputation or legal consequences stemming from device breaches
•Degraded performance of critical device operations (911 calling)
Impact Scenarios
16
Device RiskDevice Risk
• Application security program
• Regular security testing
High-Level Mitigation Strategies
17
Device SecurityDevice Security
• Lock your mobile device when you're not using it. Be sure to use a strong and unique passcode or pattern sequence.
• Keep your device up to date.
• Research an app before installing it. Only use trusted sources for apps.
• Limit your use of applications or browsers over open and unprotected WiFi.
• Turn off your Bluetooth when not using it.
• Don't root or jailbreak your device.
17
18
Governance FrameworkGovernance Framework
• Executive Committee
• Sponsors
• Project Team
Distributed Responsibilities- Interdepartmental collaboration with clearly defined expectations
• Development Team
• Infrastructure Group
• Content Providers & Functional Offices
• Stakeholders
19
RACIRACIExec
CommSponsors Project
TeamDev
TeamInfrastruc
GroupContent
Providers &
Functional Offices
Stake-holders
Define MobileUW Strategic Initiatives
A R R I I C C
Ensure Resource Allocation
A R C C C C I
Ensure Compliance with Standards
A R R R R I I
Responsible - getting the work
done
Accountable - resource
ultimately accountable
Consulted - opinions sought
Informed - kept apprised
20
TrendsTrends
• Continued growth of mobile devices
• Native apps will work in conjunction with HTML5
• Potential convergence between mobile and portal services
• Uses for teaching, E-Learning, research
• Cloud computing implications20
21
Thank You!Thank You!
22
MobileUWMobileUW
• mobile.wisc.edu• Android (Launch June 2011)• m.wisc.edu (Coming Summer
2011)• [email protected]
22