RE: CRIME Computers vulnerable at Oregon department

From: Nash, Corbin (corbin.nash@private)
Date: Tue Sep 24 2002 - 11:28:42 PDT

  • Next message: James Wilcox: "RE: CRIME Computers vulnerable at Oregon department"

    I believe DAS is hiring a Chief Information Security Officer whose position
    will be to coordinate security across all of the groups and formulate a
    centralized plan.  The question is will they hire a politician or a
    technically knowledgeable individual.
    
    -Corbin
    
    -----Original Message-----
    From: T. Kenji Sugahara [mailto:sugahara@private]
    Sent: Tuesday, September 24, 2002 8:45 AM
    To: Dion Baird
    Cc: Shaun Savage; CRIME
    Subject: Re: CRIME Computers vulnerable at Oregon department
    
    
    Dion,
    
    I agree that centralized management would be beneficial.  The question 
    is how to do it.
    
    Would you recommend a new agency that deals strictly with tech or 
    delegate the function strictly to DAS (and thereby fold the other IT 
    depts into the super DAS)?  Or do you think that would simply add to 
    the bureaucracy and confusion?  I am assuming that there would be an 
    initial resistance by agency management, but legislative combined with 
    executive mandate could push things along.
    
    Kenji
    
    
    On Tuesday, September 24, 2002, at 08:34  AM, Dion Baird wrote:
    
    >   My perception of the problem as an IT specialist and a state employee
    > is that there is no centralization.  Each Department (i.e. ODOT, HRS,
    > DAS, etc.) calls their own shots as far as desktop and server OS's,
    > equipment, etc.  Only certain systems are centralized for the entire
    > state, and yes Shaun, most of those DO run open source OS.
    >
    >   Most big shops run MS desktop at least because it's easier to train
    > users on (most of them have Windows based systems in their home), and
    > for the most part, it's easier to find trained personnel, and also to
    > train personnel to support it.  Most of the server based stuff will be 
    > a
    > mixture of OS's.  For instance at DAS, we are mostly windows based
    > supporting a citrix environment, however we have a couple of large Sun
    > boxes and a Linux server or two.
    >
    >   The bottom line is that until all IT is centralized as least as far 
    > as
    > management and command and control, it's going to be very difficult to
    > set any standards for OS's and equipment and put them in place.
    >
    > Dion Baird
    >
    >
    



    This archive was generated by hypermail 2b30 : Tue Sep 24 2002 - 12:14:15 PDT