Barry University CIO: Managing The Mobile Security Load

In higher ed, CIOs have to deal with ultra-connected students and faculty whose devices increase the security burden on IT, while managing the growing use of online video as an educational tool. Here's how the CIO of Barry University in Florida handles it all.

Curtis Franklin Jr., Senior Editor at Dark Reading

March 21, 2016

6 Min Read
<p align="left">(Image: Hernan Londono)</p>

10 CIOs Worth Following On Twitter

10 CIOs Worth Following On Twitter

10 CIOs Worth Following On Twitter (Click image for larger view and slideshow.)

IT administrators for universities have to deal with students and faculty armed with personal fleets of connected devices that add to the security load, along with new "flilpped classroom" teaching methods that rely on streaming video. Dr. Hernan Londono, associate CIO at Barry University, in Miami Shores, Fla., shepherds more than 8,000 students and their devices through their academic careers on roughly 20 campuses. It's a task that is evolving rapidly.

Barry University is a private institution founded by Dominican Sisters in 1940. In a telephone interview with InformationWeek, Londono said that the school now offers more than 100 degrees, from bachelors to doctorates, on campuses located primarily in Florida, St.Croix, and the Bahamas.

Londono said that the university's IT operations are highly centralized in a single Miami location. He described the 64 people in the department as working in "a classic IT shop" with traditional client services, communications, training, and information security within the group. The centralization isn't simply the way things have always been, Londono said. It's the result of conscious planning and decisions made over the years.

Learn to integrate the cloud into legacy systems and new initiatives. Attend the Cloud Connect Track at Interop Las Vegas, May 2-6. Register now!

"I've been here for 18 years, and when I first came people were doing their own thing," Londono said. "Today we're highly centralized for IT. There are still some pockets of very simple things that might happen out of the eye of IT, but if I had to quantify I'd say we're 90% to 95% centralized."

Centralization doesn't extend to user workstations to nearly the same extent as it does to backend servers and infrastructure. Bring your own device (BYOD) is as much an issue for the university as it is for the enterprise.

Beyond Simple BYOD

"BYOD is a challenging phenomenon, but in the network we're dealing with the risk of BYOD as fairly simple," Londono said. In the case of students, the university uses basic network segmentation to keep student systems away from the systems that hold sensitive information.

On the faculty and staff side of the equation, BYOD is important but secondary to another consideration. Mobility, not system ownership, is the larger issue for users who are faculty or staff. "In our case we have seen a shift from desktop systems for our employees to laptops," Londono said. "In most cases, the business justification exists." And when you give a user a mobile workstation, then they tend to be mobile.

"The nature of work is such that people don't necessarily work 9 to 5, [and they work] from different locations," Londono said. "This aspect brings more risk, because traditional IT thinks of the classic workday." The laptop given to an employee is set up to be on the university network, but the employee will take the laptop to the coffee shop or their home. The danger in that is when they finally come back to the university network, the security infrastructure may be blind to what they have done or brought back with them.

Barry University uses a combination of network segmentation and advanced network protection devices to deal with risks from mobile faculty systems. But Londono said users are changing the security load faced by the university IT team.

More Devices Than Students

Students are leading the move away from traditional laptop computers to smaller, handheld options, and they're doing it with a lot of devices. "Last semester, we saw something like 41,000 unique wireless devices operating on our network. We're calculating 3.1 to 3.2 devices per user right now," Londono said.

According to Londono, cloud services are the biggest factor in the rise of handheld systems on campus. "Cloud is an enabler for many people. They can have their data anywhere. You can connect to your personal data and business data from anywhere on any device," he said. And managing security becomes a process of managing the cloud.


"Managing the security posture of these devices -- mobility in this case -- you have to build the mobility on top of a cloud, which is very positive in terms of elasticity," Londono said. "We have to manage that risk." Of course, security risks aren't the only concerns for the CIO's office. There are issues like managing the bandwidth required to feed all those mobile devices.

Flipping The Classroom

A growing number of educators are embracing the "flipped classroom," in which students are given assignments before they attend a lecture, rather than doing homework in response to a lecture class. In conjunction with the flipped-class scenario, professors are assigning video lectures to students to watch, either before class or as part of the in-depth study in class.

Londono doesn't want to do anything unnecessary to stifle the creativity and innovation of the faculty. "On the faculty side, we mostly let them do what they want to. There's a recognition that any progress comes from a place where you're not so structured," he said. "If you leave people with a little bit of freedom, they tend to be very creative."

On the other hand, students can be very heavy consumers of the campus bandwidth. "In terms of bandwidth, the shift isn't so much from faculty -- they're careful about moving instruction to streaming -- but the younger generation of kids moving to streaming content," Londono said. And the reality of the new classroom means that the university can't use basic tools to deal with the bandwidth issue. "[Packet] shaping would make video painful, but many institutions like ours are trying to step away from that. We can't tell whether someone is watching video for fun or has been given an assignment by the professor," he said.

Londono said that all of these changes are part of the cycles he's seen since joining the staff at Barry. "We went through client technologies, then forgot about them because of a push to the data center. Then the cloud came and pulled things away from the data center, and now we're looking at pervasive devices. That puts client computing back in the forefront," he said.

As for the future, Londono sees desktop clients joining other services his IT group will provision from the cloud. "VDI has a tremendous potential to help us with inventory management and security," he said. "A lot of the good practice from cloud can be applied to these clients. The desktop-as-a-service has a great potential to help us operate in a very elastic way."

About the Author(s)

Curtis Franklin Jr.

Senior Editor at Dark Reading

Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and other conferences.

Previously he was editor of Light Reading's Security Now and executive editor, technology, at InformationWeek where he was also executive producer of InformationWeek's online radio and podcast episodes.

Curtis has been writing about technologies and products in computing and networking since the early 1980s. He has contributed to a number of technology-industry publications including Enterprise Efficiency, ChannelWeb, Network Computing, InfoWorld, PCWorld, Dark Reading, and on subjects ranging from mobile enterprise computing to enterprise security and wireless networking.

Curtis is the author of thousands of articles, the co-author of five books, and has been a frequent speaker at computer and networking industry conferences across North America and Europe. His most popular book, The Absolute Beginner's Guide to Podcasting, with co-author George Colombo, was published by Que Books. His most recent book, Cloud Computing: Technologies and Strategies of the Ubiquitous Data Center, with co-author Brian Chee, was released in April 2010. His next book, Securing the Cloud: Security Strategies for the Ubiquitous Data Center, with co-author Brian Chee, is scheduled for release in the Fall of 2018.

When he's not writing, Curtis is a painter, photographer, cook, and multi-instrumentalist musician. He is active in amateur radio (KG4GWA), scuba diving, stand-up paddleboarding, and is a certified Florida Master Naturalist.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights