http://thepost.baker.ohiou.edu/Articles/News/2007/09/28/21463/ By David Hendricks Staff Writer September 28, 2007 Ohio University is trying to turn negative media attention over its computer security problems into an opportunity for change, said its chief information officer. CIO Brice Bible said that his office, which a consultant reported last spring was historically underfunded and understaffed, has made immediate fixes and is preparing a long-term plan. Security improvements, proactive hiring for vacant positions, a status update on the university’s crackdown on file-sharing and proposed infrastructure upgrades are part of a five-year plan Bible outlined to university trustees at the Academics Committee meeting yesterday. OU’s Hudson Health Center, which was forced to revert to a paper record-keeping system after one of its servers was hacked into last year, went back online earlier this month. Office of Information Technology staff configured and installed six new firewalls to protect the university’s data center. Computers that store sensitive data will receive additional firewalls of their own, according to a packet distributed to board members. During the summer, OIT stopped routinely using Social Security numbers — a key piece of information for identity thieves — at Alden Library and Ping Center. It also replaced university ID cards, which contained unencrypted SSNs and student names. Bible hired a new director of Information Security, who began work this month and expanded the university’s security team to five members. Though he said his hiring plan is behind schedule, Bible expects to fill eight more critical positions before the end of the year. Those include a director of Systems and Operations, firewall administrators, a security analyst and director of Customer Services. “If you followed the traditional way of recruiting … it’s very hit or miss,” Bible said, adding that he’s tried to be proactive about filling open positions through a contract with job search Web site www.monster.com and by meeting with job candidates at higher education conferences. Bible’s presentation also included plans to upgrade the speed and reliability of the university network by replacing outdated hardware. OIT will also review its data center’s heating, cooling and electrical systems, according to a packet distributed to board members. After his presentation to the committee, Bible spoke about the university’s crackdown on file-sharing. The Recording Industry Association of America announced in February that it had sent more file- sharing complaints to OU than any other university in the nation. It followed up in Winter and Spring Quarters by identifying 100 computers on the OU network that were sharing music and threatened to sue their owners. The university responded by reiterating its stance against illegal file-sharing and purchased software to identify file-sharers on its network. Bible said that last week he was contacted by an RIAA representative who sought to use OU as an example of how to deal with piracy. Bible said the woman told him that if a similar list were released today OU wouldn’t place in the top 100 schools, but the list was still “very unofficial.” The RIAA confirmed that it had contacted OU and said it would release an official list of top recipients of piracy notifications later this year. __________________________________________________________________ CSI 2007 is the only conference that delivers a business-focused overview of enterprise security. It will convene 1,500+ delegates, 80 exhibitors and features 100+ sessions/seminars providing a roadmap for integrating policies and procedures with new tools and techniques. Register now for savings on conference fees and/or free exhibits admission. - www.csiannual.com
This archive was generated by hypermail 2.1.3 : Mon Oct 01 2007 - 01:51:44 PDT