CIO Closes Data Barn Door - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
IT Leadership // CIO Insights & Innovation
Commentary
7/16/2007
05:59 PM
John Soat
John Soat
Commentary
50%
50%

CIO Closes Data Barn Door

A year ago, Ohio University suffered an embarrassing incident of comprised personal data. Now the CIO brought in to clean up the mess is articulating the measures he's taking to beef up network security. They sound familiar.

A year ago, Ohio University suffered an embarrassing incident of comprised personal data. Now the CIO brought in to clean up the mess is articulating the measures he's taking to beef up network security. They sound familiar.Still, this makes me glad. I'm a graduate of Ohio University, and my personal information was among the alumni data comprised by hackers. The compromise actually stretched back at least a year before that, when hackers first started using the university's servers for their nefarious ends.

After the university finally discovered the hacker attacks, it started looking for a new CIO. It tapped Brice Bible, then interim CIO and assistant VP for information technology at the University of Tennessee, who started in Athens, Ohio, last April.

Today I received an e-mail release from Ohio University with this subject line: "CIO unveils new university IT plan." The plan lays out these priorities:

"Bible and his team have set a goal of $8 million in additional funding over five years, $2 million of which the Ohio University Board of Trustees approved for this first year. The bulk of these investments will go toward hiring 11 new staff members in the first year, and most of the remainder will support improved hardware systems, Bible said."

My son now goes to Ohio University, so I hope that doesn't mean an increase in tuition. As for security, it said this:

"To continue improving security this coming year, additional internal firewalls will supplement the perimeter to protect sensitive information, and the university will continue to eliminate the use of Social Security numbers wherever possible. When Social Security numbers are essential, OIT will encrypt them. To bolster security, Bible also is calling for tighter policies and procedures governing such areas as data classification, identity management and disaster recovery."

Sounds like your bread-and-butter security initiatives. Even Bible said the new measures amounted to necessary incremental improvements:

"The university began taking strong action a year ago to improve IT security," Bible said. "This plan builds on those efforts by articulating the key initiatives needed to carry information technology to a level of reliability and security that we all expect."

I might gripe that I expected this level of security and reliability a year ago, before my personal data was open to perusal by marauding miscreants. But I guess that's the point.

What do you think? Is there more Ohio University could be doing, security wise?

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
News
How to Create a Successful AI Program
Jessica Davis, Senior Editor, Enterprise Apps,  10/14/2020
News
Think Like a Chief Innovation Officer and Get Work Done
Joao-Pierre S. Ruth, Senior Writer,  10/13/2020
Slideshows
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
Slideshows
Flash Poll