University of Wisconsin-University of Wisconsin-MadisonMadison

MobileUWMobileUW

Hideko J. Mills

Manager of IT Research Infrastructure,

MobileUW Project Manager

Office of the CIO & VP for IT

Summer 2011 CSG Meeting

June 15, 2011

Hideko J. Mills

Manager of IT Research Infrastructure,

MobileUW Project Manager

Office of the CIO & VP for IT

Summer 2011 CSG Meeting

June 15, 2011

2

QuickTime™ and aAVC Coding decompressor

are needed to see this picture.

3

CollaborationCollaborationUniversity Relations DoIT Executive

Management

UW Athletics UW Police Dept

Madison Metro

4

TechnologyTechnology

• Use publicly available data feeds• Use the features and

functionality of the device platform– People Directory integrates with

Google Maps– Location-based services– Accessibility– VPN

4

5

PlatformsPlatforms

• iOS– iPhone, iPod Touch, iPad

• Android• Mobile-Enabled (m.wisc.edu)

5

6

MetricsMetrics

• Google Analytics

• Application and Sub-Application Usage

6

7

Mobile Security Risk Management Considerations

Mobile Security Risk Management Considerations

• Information Risk

• Infrastructure Risk

• Device Risk

8

Information RiskInformation Risk

• What information or data must comply with University Policy, Federal Laws, State Laws to protect confidentiality and integrity?

• How is this information flow auditable?

What Matters?

9

Information RiskInformation Risk

• Loss of grant funding due to insufficient security controls

• Damaged reputation, loss of alumni funding.

• Increase risk of intellectual property stored on the device.

• Increase risk in the number of places (devices) university managed data can exist.

• Increase risk in the number of places personal data can exist that the university does not manage.

• Increase risk in the amount of regulated data created, shared, downloaded, streamed, or stored.

Impact Scenarios

10

Information RiskInformation Risk

• Campus-Wide information classification governance program

• Regular compliance assessments

High-Level Mitigation Strategies

11

Infrastructure RiskInfrastructure Risk

• What is the wireless network broadband capacity necessary for providing campus-wide mobile services?

What Matters?

12

Infrastructure RiskInfrastructure Risk

• Increase in facility costs for making wireless network optimal

• Increase in the demand of wireless availability in any classroom

• Potential for reduced enrollment if student high-tech demands are not addressed

Impact Scenarios

13

Infrastructure RiskInfrastructure Risk

• Infrastructure demand and capacity planning programs

• Continuous demand monitoring

High-Level Mitigation Strategies

14

Device RiskDevice Risk

•What are the audit features that will monitor device feature interactions?

What Matters?

15

Device RiskDevice Risk

• Damage to institutional reputation or legal consequences stemming from device breaches

•Degraded performance of critical device operations (911 calling)

Impact Scenarios

16

Device RiskDevice Risk

• Application security program

• Regular security testing

High-Level Mitigation Strategies

17

Device SecurityDevice Security

• Lock your mobile device when you're not using it. Be sure to use a strong and unique passcode or pattern sequence.

• Keep your device up to date. 

• Research an app before installing it. Only use trusted sources for apps.

• Limit your use of applications or browsers over open and unprotected WiFi.

• Turn off your Bluetooth when not using it.

• Don't root or jailbreak your device.

17

18

Governance FrameworkGovernance Framework

• Executive Committee

• Sponsors

• Project Team

Distributed Responsibilities- Interdepartmental collaboration with clearly defined expectations

• Development Team

• Infrastructure Group

• Content Providers & Functional Offices

• Stakeholders

19

RACIRACIExec

CommSponsors Project

TeamDev

TeamInfrastruc

GroupContent

Providers &

Functional Offices

Stake-holders

Define MobileUW Strategic Initiatives

A R R I I C C

Ensure Resource Allocation

A R C C C C I

Ensure Compliance with Standards

A R R R R I I

Responsible - getting the work

done

Accountable - resource

ultimately accountable

Consulted - opinions sought

Informed - kept apprised

20

TrendsTrends

• Continued growth of mobile devices

• Native apps will work in conjunction with HTML5

• Potential convergence between mobile and portal services

• Uses for teaching, E-Learning, research

• Cloud computing implications20

21

Thank You!Thank You!

22

MobileUWMobileUW

• mobile.wisc.edu• Android (Launch June 2011)• m.wisc.edu (Coming Summer

2011)• hjmills@cio.wisc.edu

22