Archive for August, 2008

Presentation at College of Education Design Charrette

Published August 19, 2008 Uncategorized Closed
Tags: ,

I gave a presentation this morning at a design charrette from the UW College of Education where they’re talking about how new web collaboration technologies can be utilized to help support teachers beginning their professional careers.

I started by talking about a story in this morning’s paper that cited several new studies showing that there are some benefits from playing videogames.

Then I shared Michael Wesch’s great video called A Vision of Students Today that he made with his cultural anthropology class at Kansas State last year, and then talked about ways that I get support from my professional community by using new web technologies.

My slides are here.

Organizational changes

Published August 18, 2008 Other Comments

I don’t think it will surprise anybody when I say that as far as work goes here in UW Technology, it’s been a terrible summer.

Hopefully I’m not hallucinating, but I think that now I can begin to see a faint glimmer of light that I’m hoping might be coming from the end of the tunnel.

We’ve now found new homes for all of the folks who remained in UW Technology after the May layoffs, all within various parts of UW Technology Services

I am now reporting to Associate VP Scott Mah. While we’re still working out the details of job title and description, I’ll be generally continuing to work on issues of technology strategy, coordination, and communication with other parts of UW Technology and university units, as well as continuing to coordinate new technology evaluation and integration for the UW. I’ll also continue participating in representing the UW in regional and national technology forums (as much as time and budget allow).

Scott is someone I’ve known since coming to the UW, and as I’ve worked with him more over the last couple of years I’ve been impressed with his growth as a leader over that time. Scott is smart and works incredibly hard at developing his organization and moving the UW in the right directions. I’m pleased and excited about this opportunity to work closely with Scott.

RL “Bob” Morgan is joining the Identity and Access Management (IAM) group within Distributed Systems. Most of Bob’s UW work over the years has been very closely aligned with the IAM folks, so this comes as a natural evolution. Bob will report to Nathan Dors, and will also continue his work with Internet2 and other national groups working on issues of identity management and associated issues.

Fang Lin and Leman Chung, who are software developers who work on the My UW portal and associated apps, have joined the Applications Engineering team in Distributed Systems and are reporting to Janice Granberg. As part of the Apps Engineering team Fang and Leman are situated in a new home with engineering folks they’ve worked closely with over the years.

I’m also pleased that others from my former Emerging Technology team have found new homes within the UW. Bill Corrigan is working with Chuck Benson’s team in Health Sciences, Tony Chang is working as an Integration Architect in the Office of Information Management, and Melissa Albin is also working in OIM.

While I still miss the eTech team and the work we were doing, it feels good to be able to start moving forward towards whatever comes next. Stay tuned – film at 11:00!

, ,

Organizational changes

Published August 18, 2008 Other Comments

I don’t think it will surprise anybody when I say that as far as work goes here in UW Technology, it’s been a terrible summer.

Hopefully I’m not hallucinating, but I think that now I can begin to see a faint glimmer of light that I’m hoping might be coming from the end of the tunnel.

We’ve now found new homes for all of the folks who remained in UW Technology after the May layoffs, all within various parts of UW Technology Services

I am now reporting to Associate VP Scott Mah. While we’re still working out the details of job title and description, I’ll be generally continuing to work on issues of technology strategy, coordination, and communication with other parts of UW Technology and university units, as well as continuing to coordinate new technology evaluation and integration for the UW. I’ll also continue participating in representing the UW in regional and national technology forums (as much as time and budget allow).

Scott is someone I’ve known since coming to the UW, and as I’ve worked with him more over the last couple of years I’ve been impressed with his growth as a leader over that time. Scott is smart and works incredibly hard at developing his organization and moving the UW in the right directions. I’m pleased and excited about this opportunity to work closely with Scott.

RL “Bob” Morgan is joining the Identity and Access Management (IAM) group within Distributed Systems. Most of Bob’s UW work over the years has been very closely aligned with the IAM folks, so this comes as a natural evolution. Bob will report to Nathan Dors, and will also continue his work with Internet2 and other national groups working on issues of identity management and associated issues.

Fang Lin and Leman Chung, who are software developers who work on the My UW portal and associated apps, have joined the Applications Engineering team in Distributed Systems and are reporting to Janice Granberg. As part of the Apps Engineering team Fang and Leman are situated in a new home with engineering folks they’ve worked closely with over the years.

I’m also pleased that others from my former Emerging Technology team have found new homes within the UW. Bill Corrigan is working with Chuck Benson’s team in Health Sciences, Tony Chang is working as an Integration Architect in the Office of Information Management, and Melissa Albin is also working in OIM.

While I still miss the eTech team and the work we were doing, it feels good to be able to start moving forward towards whatever comes next. Stay tuned – film at 11:00!

, ,

Favorite Mac apps

Published August 15, 2008 Technology Closed

My friend and colleague Lori Stevens is in the process of moving from PC to Mac, and she asked me what apps she should have on her Mac. While there are plenty of lists out there of best Mac apps, here, in no particular order, are some of those I can’t live without:

Of course I use the iLife apps that come with the Mac – iTunes, iChat, iPhoto, iMovie, et al. They’re not professional tools, but they’re really good for us commoners.

Adium – my multiprotocol instant messaging client of choice.

Ecto – my blog posting editor of choice. While each successive release seems to get more feature-full and less easy to use, I haven’t found anything I like better.

Firefox – I mostly use Safari these days, but there are lots of things Firefox does better (like have cool add-ons that can be very useful – but that’s a separate list). Good to have choice!

iWork – I like Keynote better than Powerpoint for presentations (and it allows easy save as PDF). I don’t often need a dedicated word processor other than to read other people’s attachments (and Quick Look usually lets me do that, but it sometimes gets confused by fancy formatting), but Pages seems to work fine. Numbers doesn’t begin to have the power of Excel, though. But it’s rare that I need that, and usually Google Spreadsheets work fine for my purposes.

Logic Express – Everything I need in a digital audio workstation. Really deep. When I start working with it I usually end up staying up wayyyy too late and wishing I didn’t have to work for a living. If you constantly find yourself wishing for features GarageBand doesn’t have, Logic probably has ‘em.

NovaMind – Last year I was heavily into mind mapping for trying to organize my thoughts, and NovaMind was my app of choice for that. This year I haven’t been working that way – I’m not quite sure why.

OmniGraffle – I loved Visio when it was first released – it was a great lightweight graphics tool for those of us who are graphically challenged. Then Microsoft bought it and it became progressively more loaded down with baggage that made it slow and cumbersome. OmniGraffle reminds me of what I loved about the original Visio and it’s even better – a great drawing and graphics tool. I use the Pro version – I know there was a reason for that, but I can’t remember what it was. Oh – and the latest versions can read Visio files too.

OmniOutliner – another great tool from our local software development house (on *this* side of the lake :) . A really good outliner, and everyone’s got times when they need that.

PodWorks – For some inexplicable reason, Apple doesn’t provide a way to transfer songs off an iPod (or iPhone) to a computer. Probably a sop to the content industry. There are lots of tools that make up for that absence. I ended up with PodWorks after a recommendation from Ted Leung, and it’s worked great for me ever since. I wrote once to the developer and got back a very quick response (though he hasn’t implemented the feature I want, which is a true Finder-like file system interface to the iPhone).

Skype – You know about Skype, right? I don’t use it a lot, but it’s good for when you want to have a phone call or video chat with folks that don’t have a Mac and can’t do iChat.

Snap’n'Drag – While there are easy built-in keys for taking PDF screenshots in OS X, I use this handy little program a lot because I can save screenshots to r formats like PNG that I can insert into web pages.

TextMate – If you just want to do some plain-text editing, TextEdit, which comes with the Mac, is ok (and it will also do RTF). But if you need to do any code editing, whether it’s HTML, JavaScript, Python, Ruby, what-have-you, TextMate is what you want.

Transmit – While it’s easy enough to fire up the terminal and use command line sftp, I find myself usually wanting to do secure file transfers in a more Mac-like graphical way, and Transmit is my client of choice for that.

Twitterific – For those of us addictedhabituated to Twitter, Twitterific is a great little client – unobtrusive but reliable. You can pay for the add-free version, but this is one case where I actually find the ads, which come from TheDeck (which bills itself as “the ad network of creative, web, and design culture”) informative and useful.

What am I missing here that you would champion for a new Mac user?

, , , ,

Favorite Mac apps

Published August 15, 2008 Technology Comment

My friend and colleague Lori Stevens is in the process of moving from PC to Mac, and she asked me what apps she should have on her Mac. While there are plenty of lists out there of best Mac apps, here, in no particular order, are some of those I can’t live without:

Of course I use the iLife apps that come with the Mac – iTunes, iChat, iPhoto, iMovie, et al. They’re not professional tools, but they’re really good for us commoners.

Adium – my multiprotocol instant messaging client of choice.

Ecto – my blog posting editor of choice. While each successive release seems to get more feature-full and less easy to use, I haven’t found anything I like better.

Firefox – I mostly use Safari these days, but there are lots of things Firefox does better (like have cool add-ons that can be very useful – but that’s a separate list). Good to have choice!

iWork – I like Keynote better than Powerpoint for presentations (and it allows easy save as PDF). I don’t often need a dedicated word processor other than to read other people’s attachments (and Quick Look usually lets me do that, but it sometimes gets confused by fancy formatting), but Pages seems to work fine. Numbers doesn’t begin to have the power of Excel, though. But it’s rare that I need that, and usually Google Spreadsheets work fine for my purposes.

Logic Express – Everything I need in a digital audio workstation. Really deep. When I start working with it I usually end up staying up wayyyy too late and wishing I didn’t have to work for a living. If you constantly find yourself wishing for features GarageBand doesn’t have, Logic probably has ‘em.

NovaMind – Last year I was heavily into mind mapping for trying to organize my thoughts, and NovaMind was my app of choice for that. This year I haven’t been working that way – I’m not quite sure why.

OmniGraffle – I loved Visio when it was first released – it was a great lightweight graphics tool for those of us who are graphically challenged. Then Microsoft bought it and it became progressively more loaded down with baggage that made it slow and cumbersome. OmniGraffle reminds me of what I loved about the original Visio and it’s even better – a great drawing and graphics tool. I use the Pro version – I know there was a reason for that, but I can’t remember what it was. Oh – and the latest versions can read Visio files too.

OmniOutliner – another great tool from our local software development house (on *this* side of the lake :) . A really good outliner, and everyone’s got times when they need that.

PodWorks – For some inexplicable reason, Apple doesn’t provide a way to transfer songs off an iPod (or iPhone) to a computer. Probably a sop to the content industry. There are lots of tools that make up for that absence. I ended up with PodWorks after a recommendation from Ted Leung, and it’s worked great for me ever since. I wrote once to the developer and got back a very quick response (though he hasn’t implemented the feature I want, which is a true Finder-like file system interface to the iPhone).

Skype – You know about Skype, right? I don’t use it a lot, but it’s good for when you want to have a phone call or video chat with folks that don’t have a Mac and can’t do iChat.

Snap’n'Drag – While there are easy built-in keys for taking PDF screenshots in OS X, I use this handy little program a lot because I can save screenshots to r formats like PNG that I can insert into web pages.

TextMate – If you just want to do some plain-text editing, TextEdit, which comes with the Mac, is ok (and it will also do RTF). But if you need to do any code editing, whether it’s HTML, JavaScript, Python, Ruby, what-have-you, TextMate is what you want.

Transmit – While it’s easy enough to fire up the terminal and use command line sftp, I find myself usually wanting to do secure file transfers in a more Mac-like graphical way, and Transmit is my client of choice for that.

Twitterific – For those of us addictedhabituated to Twitter, Twitterific is a great little client – unobtrusive but reliable. You can pay for the add-free version, but this is one case where I actually find the ads, which come from TheDeck (which bills itself as “the ad network of creative, web, and design culture”) informative and useful.

What am I missing here that you would champion for a new Mac user?

, , , ,

[ICPL 2008} Politics 101: When, Why, and How to Talk to Congress

Published August 13, 2008 Uncategorized Closed
Tags: , ,

Steve Johnson, VP of Gov’t Affairs at Cornell.

Find a hook if you can – hook on to something bigger.

Expected themes in the the next congress and administration: sustainability, the economy, global status of the US, helping the middle class, access/cost of higher education, graduate education, healthcare.

Realities in the next congress – new administration and congress, new and recycled staff (keep your rolodexes and reach out to people), hope springs eternal, state governments will be influential.

Taking stock of factors influencing your approach and audience. Some people will be turned off because what you’re involved in is “political” or by the partisan nature of the debate – don’t fall into the trap of thinking of either party as good or bad. Don’t fall into the excuse of being from a Red State or a Blue State. Think about the politics of your own state. How do you navigate the politics of your university – find your government relations representative.

Your message – what do you propose? Can you get it into a 30 second pitch in an elevator? You want to be able to say your objective in that time. Find your campus communication person – people don’t like jargon – speak English. Who are your allies? Keep your friends close and your enemies closer – make sure you’re talking to the other side – find out what they’re doing, who they’re talking to, where they’re going, what they have to lose. Use what media you can – the campus paper, the small weekly papers – your politicos read those or have someone who does.

What do you propose – frame it. Does it improve competition? We’re going into a down economy – hard to sell spending. Investment for the future, Innovation, Privacy, and Security are good.

Who are your allies? There’s more than Educause. In Higher ed, tbe Big 6: ACE, AAU, NASULGC (they’re in every state), ASCUE, NAICU – figure out where your message goes and get it there – they won’t pass the words on among themselves. Remember that politics is popilist, not elite. Need to reach out broadly. Others: NACUBO, Big Ten, Ivy League, Associationof American Medical Colleges, Educause.

How can you sue media to your advantage? Talk to your campus communications people. Who might oppose your ideas? How can you neutralize them?

It’s a game – you don’t like games? Don’t do it. Focus on your goal, but avoid partisan battles and be flexible. Seek your partners carefully – they can be short term and you’re not wedded to them on every issue. Keep it simple, and whatever you do, don’t make enemies – treat it professionally and collegially – the person you want to kill today might be your biggest ally tomorrow.

Jacqueline Powers – a few simple suggestions.

Being a lobbyist is a lot like being a sales person – you have to sell people on your positions. It’s also like being a journalist – have to know a little about a whole huge range of issues.

Lobbyists depend on experts – and legislators don’t want to hear from lobbyists, but want to hear from constituents and experts.

The most important thing to remember is if you need to contact your legislator professionally contact your university lobbyist before. It might keep you from jeopardizing the University’s priorities and other efforts. Congressional offices are becoming more formal in wanting universities to order their priorities and desires.

In order to lobby effectively there are some simple things you need to know. Don’t wear another university’s t-shirt. Bring a stack of business cards – they’re like an entry card in congressional offices and make it easier for the staffers to remember who you are during the conversation.

Lobbying is all about building relationships – be nice, smile. Do your homework – know who you’re going to see, who their staff is, what they like and dislike, ideologies and hobbies. You don’t want to put your foot in your mouth. You may hate the person’s politics and rhetoric – but he’s got something you need. You most likely won’t be meeting with the legislator, but with staff people – treat them with respect, as they’ll be assessing your message and if they like you they may take it to the legislator – treat them just like they are the person they represent. Start by telling the staff that you want to thank the congress person for… anything. If you can’t think of anything, thank them for their strong support of higher education (even if it’s somewhat of an exaggeration). Keep in mind you’ll only get 15-20 minutes with a staffer – so know what you want to say and say it succinctly in plain English – no jargon, no acronyms. Don’t assume they know the issues. Chances are the staffer will be under 25 years old and in the job less than six months – you always have to teach and train the new people all over again. They’re rarely experts in anything other than the care and feeding of their politician.

If you’re looking for congressional support, you have to state the positive practical outcomes in broad terms, so don’t be afraid to engage in some hyperbole and point to impacts and societal benefits.

Make sure you bring along a handout explaining in one page your project – because five minutes after you’re out the door that person won’t recall your name or what you were talking about. Simple answers to simple questions. Headings like: What is the problem? What have colleges and universities done already? What should Congress do? etc. Like a little tutorial. Here’s an example from Cornell.

Sincerely thank them for their time, and remind them to call or email with questions. Send an email follow-up with another thanks and contact info.

John Vaughn

When we’re at our best, many universities are saying the same thing. AAU is a Presidential association, but the most active are the governmental relations people, who meet monthly in DC to coordinate activities, which is really helpful. It’s important to step back from what you want to say and think about who you’re talking to and figure out how to express it in ways that help society, and help the person you’re talking to. We’re public purpose institutions that do good things for society, so if we can convey how particular efforts will benefit people in that congressperson’s district, state, and this county, our message will come across. Politics is very often the art of compromise – important to determine when we can compromise and when we can’t. Often when we have a clear objective we’re working against someone else’s objective – the best outcome is frequently a compromise. There are some issues where we can’t accept compromise – it’s important to understand which those are. Getting the involvement of presidents and chancellors is critical on those issues – they’re the best salespeople. Members of Congress know rank – and they have good contacts with the presidents and chancellors.

Every constituency on your campus has an association in Washington. On research issues AAU works with NASULGC and AAMC. On intellectual property issues they work with ARL, Educause on IT issues.

Two points on P2P that he might disagree with Gigi’s talk from last night – he thinks the outcome language in the final bill is not anywhere near as bad as the original Reid ammendment because it doesn’t authorize the Dept of Education to be an agent of the entertainment industry, which would’ve been unacceptable. The outcome does indeed stink – the federal government should not be getting involved in this. The Higher Education Act is over 1100 pages long. There were a number of fundamentally unacceptable provisions in it early on – federalizing accreditation, control of teacher education curricula, tuition price controls, etc. P2P got more attention (thanks to Educause) than it otherwise would’ve, but there are other issues for higher ed that are important too. Having connections across Washington higher ed associations allow us to work the issues pretty well.

In response to a question, John notes that in many disciplines faculty have more connection with their disciplinary societies on national issues than they do with their university, and the relationship between the national higher-ed institutions and those disciplinary institutions is important.

In response to a question from Tracy, all three panelists agree that the autonomy of higher education is in danger. John thinks it’s because the public investment in student funding and wanting to monitor results of that investment are driving that. Jackie thinks it’s because of the high cost of access. Steve thinks that it’s the cost issues, the public money, and we’re really not autonomous anyway, if you look at the statutes.

[ICPL 2008} Politics 101: When, Why, and How to Talk to Congress

Published August 13, 2008 Uncategorized Closed
Tags: , ,

Steve Johnson, VP of Gov’t Affairs at Cornell.

Find a hook if you can – hook on to something bigger.

Expected themes in the the next congress and administration: sustainability, the economy, global status of the US, helping the middle class, access/cost of higher education, graduate education, healthcare.

Realities in the next congress – new administration and congress, new and recycled staff (keep your rolodexes and reach out to people), hope springs eternal, state governments will be influential.

Taking stock of factors influencing your approach and audience. Some people will be turned off because what you’re involved in is “political” or by the partisan nature of the debate – don’t fall into the trap of thinking of either party as good or bad. Don’t fall into the excuse of being from a Red State or a Blue State. Think about the politics of your own state. How do you navigate the politics of your university – find your government relations representative.

Your message – what do you propose? Can you get it into a 30 second pitch in an elevator? You want to be able to say your objective in that time. Find your campus communication person – people don’t like jargon – speak English. Who are your allies? Keep your friends close and your enemies closer – make sure you’re talking to the other side – find out what they’re doing, who they’re talking to, where they’re going, what they have to lose. Use what media you can – the campus paper, the small weekly papers – your politicos read those or have someone who does.

What do you propose – frame it. Does it improve competition? We’re going into a down economy – hard to sell spending. Investment for the future, Innovation, Privacy, and Security are good.

Who are your allies? There’s more than Educause. In Higher ed, tbe Big 6: ACE, AAU, NASULGC (they’re in every state), ASCUE, NAICU – figure out where your message goes and get it there – they won’t pass the words on among themselves. Remember that politics is popilist, not elite. Need to reach out broadly. Others: NACUBO, Big Ten, Ivy League, Associationof American Medical Colleges, Educause.

How can you sue media to your advantage? Talk to your campus communications people. Who might oppose your ideas? How can you neutralize them?

It’s a game – you don’t like games? Don’t do it. Focus on your goal, but avoid partisan battles and be flexible. Seek your partners carefully – they can be short term and you’re not wedded to them on every issue. Keep it simple, and whatever you do, don’t make enemies – treat it professionally and collegially – the person you want to kill today might be your biggest ally tomorrow.

Jacqueline Powers – a few simple suggestions.

Being a lobbyist is a lot like being a sales person – you have to sell people on your positions. It’s also like being a journalist – have to know a little about a whole huge range of issues.

Lobbyists depend on experts – and legislators don’t want to hear from lobbyists, but want to hear from constituents and experts.

The most important thing to remember is if you need to contact your legislator professionally contact your university lobbyist before. It might keep you from jeopardizing the University’s priorities and other efforts. Congressional offices are becoming more formal in wanting universities to order their priorities and desires.

In order to lobby effectively there are some simple things you need to know. Don’t wear another university’s t-shirt. Bring a stack of business cards – they’re like an entry card in congressional offices and make it easier for the staffers to remember who you are during the conversation.

Lobbying is all about building relationships – be nice, smile. Do your homework – know who you’re going to see, who their staff is, what they like and dislike, ideologies and hobbies. You don’t want to put your foot in your mouth. You may hate the person’s politics and rhetoric – but he’s got something you need. You most likely won’t be meeting with the legislator, but with staff people – treat them with respect, as they’ll be assessing your message and if they like you they may take it to the legislator – treat them just like they are the person they represent. Start by telling the staff that you want to thank the congress person for… anything. If you can’t think of anything, thank them for their strong support of higher education (even if it’s somewhat of an exaggeration). Keep in mind you’ll only get 15-20 minutes with a staffer – so know what you want to say and say it succinctly in plain English – no jargon, no acronyms. Don’t assume they know the issues. Chances are the staffer will be under 25 years old and in the job less than six months – you always have to teach and train the new people all over again. They’re rarely experts in anything other than the care and feeding of their politician.

If you’re looking for congressional support, you have to state the positive practical outcomes in broad terms, so don’t be afraid to engage in some hyperbole and point to impacts and societal benefits.

Make sure you bring along a handout explaining in one page your project – because five minutes after you’re out the door that person won’t recall your name or what you were talking about. Simple answers to simple questions. Headings like: What is the problem? What have colleges and universities done already? What should Congress do? etc. Like a little tutorial. Here’s an example from Cornell.

Sincerely thank them for their time, and remind them to call or email with questions. Send an email follow-up with another thanks and contact info.

John Vaughn

When we’re at our best, many universities are saying the same thing. AAU is a Presidential association, but the most active are the governmental relations people, who meet monthly in DC to coordinate activities, which is really helpful. It’s important to step back from what you want to say and think about who you’re talking to and figure out how to express it in ways that help society, and help the person you’re talking to. We’re public purpose institutions that do good things for society, so if we can convey how particular efforts will benefit people in that congressperson’s district, state, and this county, our message will come across. Politics is very often the art of compromise – important to determine when we can compromise and when we can’t. Often when we have a clear objective we’re working against someone else’s objective – the best outcome is frequently a compromise. There are some issues where we can’t accept compromise – it’s important to understand which those are. Getting the involvement of presidents and chancellors is critical on those issues – they’re the best salespeople. Members of Congress know rank – and they have good contacts with the presidents and chancellors.

Every constituency on your campus has an association in Washington. On research issues AAU works with NASULGC and AAMC. On intellectual property issues they work with ARL, Educause on IT issues.

Two points on P2P that he might disagree with Gigi’s talk from last night – he thinks the outcome language in the final bill is not anywhere near as bad as the original Reid ammendment because it doesn’t authorize the Dept of Education to be an agent of the entertainment industry, which would’ve been unacceptable. The outcome does indeed stink – the federal government should not be getting involved in this. The Higher Education Act is over 1100 pages long. There were a number of fundamentally unacceptable provisions in it early on – federalizing accreditation, control of teacher education curricula, tuition price controls, etc. P2P got more attention (thanks to Educause) than it otherwise would’ve, but there are other issues for higher ed that are important too. Having connections across Washington higher ed associations allow us to work the issues pretty well.

In response to a question, John notes that in many disciplines faculty have more connection with their disciplinary societies on national issues than they do with their university, and the relationship between the national higher-ed institutions and those disciplinary institutions is important.

In response to a question from Tracy, all three panelists agree that the autonomy of higher education is in danger. John thinks it’s because the public investment in student funding and wanting to monitor results of that investment are driving that. Jackie thinks it’s because of the high cost of access. Steve thinks that it’s the cost issues, the public money, and we’re really not autonomous anyway, if you look at the statutes.

[ICPL 2008] Outsourcing E-Mail: Technology and Policy

Published August 12, 2008 Technology Closed
Tags: , , ,

Our panel on email went very well. I didn’t take complete notes, as I was on the panel, but here’s what I got:

The panel started with John Calkins, Assistant General Counsel from Northwestern, where they’ve implemented Google for students. A good quote: “Free is just one point on a spectrum between they pay us to we pay them.”

For FERPA they’re thinking that student email residing in a student account is not a record maintained by the University, and therefore would not be covered by FERPA. They also got Google to agree that any record that would be subject to FERPA at the university would be treated as such by Google. They hear that Google is not necessarily willing to agree to that now.

By and large their view is that the arrangement is between Google and the individual student (or alum), not between the university and the student.

90% of their recent graduating class elected to keep their google account with advertising as alumni.

Asbed Bedrossian from USC, which has also implemented Google for students, talked next. Another good quote: “We in the IT department are the transmission fluid in making things run smoothly.”

They use Shibboleth for allowing people to sign in to Google applications on the web with their USC NetID and password. They give people a different password for use if they want to use a non-web IMAP client to access email. (I need to ask Asbed about what they use for Google Talk access with non-web clients).

66% of people who create accounts forward their USC email address to Google. His theory on the rest is that they just want to use the other collaboration apps.

They haven’t had a lot of support issues, but people did start calling their help desk during the recent Google outage.

They use ga.usc.edu for their third level domain name.

They’re not migrating mail from existing USC accounts to Google – that turned out to not be a big deal to students at all and they’ve only had a couple of requests for it.

Another good quote: “Doing things is easy – thinking is hard.”

My slides from my part of the panel are here.

[ICPL 2008] Gigi Sohn from Public Knowledge

Published August 12, 2008 Politics , Technology Closed
Tags: , , ,

Gigi Sohn from Public Knowledge was our after-dinner speaker. Gigi talked about the file-sharing provisions in the recently passed Higher Education Reauthorization Act and how the work that the higher-ed community did last year to get those provisions struck from the original bill language didn’t hold up when the language reappeared in a subsequent version. She contrasted that with the success of the copyright-reform community in getting the FCC to censure Comcast for interfering with the use of BitTorrent by their customers.

Gigi noted several differences in the two efforts and came up with some recommendations for future efforts in organizing activity around legislative policy efforts, including keeping constant pressure on telling the story to mainstream media, mobilizing the grass roots, enlisting allies from the commercial sector, and more (wish I had had a note pad with me at dinner).

Gigi also proposed forming a task force of university presidents to work on national IT policy issues for higher education. Sounds like a very timely idea to me. It was a great talk that left me energized about poliy issues for the first time in a long while.

[ICPL 2008] Self-Snooping – monitoring your networks

Published August 12, 2008 Technology Closed
Tags: , ,

H. Morrow Long is an Info security guy from Yale.

Have decided not to scan for sensitive data on the network, but do scan for computers looking for sensitive info.

Had two major data incidents.

Had a large federal contracts investigation, and one large data breach.

Now scan administrative desktops, and require all faculty and staff to scan data on their machines, including laptops. Using IdentityFinder on WIndows, and some open source stuff on MacOS and Linux. Have evaluated several enterprise products: Tablus, Vontu.

Spent first half of 2006 doing data breach planning, which led them to realize that they had to have a data classification program. They have an agreement with the Yale Police to report to them every stolen laptop – started to see more stolen laptops. In beginning of 2007 began a program to do PGP whole disk encryption. In July of 2007 two laptops stolen from Dean’s Office – they had backups, which they scanned for sensitive data (Cornell Spider, Texas SENF program, Va Tech’s

python program). They found 5,000 SSNs on each PC’s backup.

“The plan is fine until the shooting starts” – Patton.

Once you know what’s been lost, then you have to act on it. Criteria for scanning compromised computers – reasonable belief that data may have been exposed – evidence that somebody was on the computer for a length of time, or there’s evidence of data transfer, or if there’s belief that there may have been confidential data on the machine – don’t do scans for every time there’s a virus.

Yale complted an SSN elimination project in 2005 – so why were SSN’s on those stolen machines? Course and student lists in email and spreadsheets which were old and not needed. Discovered that almost everybody had at least one SSN on their machine – their own.

Thief stayed behind in office – stole two laptops. Police caught him the next night, but didn’t recover the laptops. Computers were likely stolen for quick sale, not data. Laptops had BIOS and OS passwords, and 1 had disk interlock password. But Connecticut law requires notification. Learned later that notification is really only required if there’s a name associated with the SSN.

Set up a call center for help, staffed by people in the Dean’s office. Crafted a communications plan, with several letters targeted at different people. Immediately encrypted all the laptops in the Dean’s Office iwth PGP Whole Disk Encryption.

One alum claimed ID theft and contacted the AG and the media. THe AG wanted to know why Yale did not offer credit protection plan. Hired ID Analytics to check the SSN #s for probability of compromise.

They created tools for scanning (Windows only at first), and got the General Counsel to send out letters to specified staff lettint them know that their machines were going to be scanned. Getting users to remediate data is the hard part – confusion, false positives, etc.

Policy for files with SSNs: 1. Remove 2. Move 3. De-identify 4. Encrypt

They use their training management system to record whether people have completed and remediated from their scans.

David Escalanted – Director of Security, Boston College

March 2005 – major data breach that required 100k + letters to alumni.

Realized that users don’t seem to mind people looking at their email for viruses and spam, so should be able to scan for PII. They also started collecting netflow data and Snort IDS. PII finder (Fidelis) “catches stupid people”, not hackers. They didn’t notify the community that they’re running these tools – if it’s legit to look for bad stuff coming in, they figure it’s legit to look for it going out. What happens to offenders? For PII, a VP or Dean is frequently involved.

When the White House invited the hockey team to visit, they wanted a list of all the visitors with their SSN #s. Emailed. They caught that going over the wire.

Encryption kills scanning on the wire.

Shirley Payne is the Directory of IT Security and Policy at the University of Virginia

Considerations for general policy decisions: Consistency with existing policies and norms (especially the physical world ones); compliance with or in consideration of laws.

UVa is sort of the opposite of BU: Not generally monitoring content, blocking websites, or scanning devices without permission. There are, of course some exceptions, like traffic monitoring for virus/worms signatures, etc.

subscribe

xml

Pages

Latest tweets

interesting links

What I’m listening to

August 2008
M T W T F S S
« Jul   Sep »
 123
45678910
11121314151617
18192021222324
25262728293031
Follow

Get every new post delivered to your Inbox.