The IT issues that will dominate 2016
The IT issues that will dominate 2016
By Meris Stansbury, Managing Editor November 2nd, 2015 An EDUCAUSE preview during the organization’s annual conference of the “Top 10 IT Issues of 2016” encompassed what higher education IT departments have known for some time now: It’s time to hold onto your hats, because a hurricane is here. But that doesn’t mean rays of sunlight aren’t off in the distance.
Susan Grajek, vice president of Data, Research, and Analytics for EDUCAUSE said after analyzing the issues IT departments reported for 2016, researchers at the organization determined that there are three main themes:
Divest: IT is transforming the way services are delivered.
Reinvest: New investments are needed for information security, hiring and retention, new technology funding models, and the department’s organizational development.
Differentiate: New strategies are needed to not only enhance functionality, but set the institution apart from others.
“There are also a number of relevant, strategic technologies many IT leaders say will factor into these issues and themes; which include Software-as-a-Service (SaaS) solutions, service desk tools, and cloud management platforms,” she noted. And while EDUCAUSE only sampled 4 of the Top 10 IT Issues from next year’s report, it’s these 4 issues CIO panelists wanted to discuss during the conference.
Issue 1: Having a Wholistic, Agile Approach to Information Security
“The overarching issue here is changing from a technology department to a services department,” explained Curtis Hillegas, associate CIO of Research Computing at Princeton University. “For example, security has to enable research, not hinder it.” One way to do this, said Hillegas, is to stop relying solely on passwords and working within new data security models that provide a secure network infrastructure.
“It’s not to say that passwords shouldn’t be used,” said Jennifer Nowell, national director for State, Local Government & Education at Symantec in an interview with eCampus News. “But think of passwords as level one, with today’s campus needing two or three levels of security protection that can clearly identify when an attack happens via system behavior and where it happens all without compromising ease of use or access.”
“A company like Symantec that works with enterprise business is used to figuring out solutions for these types of information security issues and we have a breadth of solutions…but we’ve never had to implement these solutions and strategies so heavily for higher education like we do today,” she continued. And though a focus on securing borders is still critical, institutions will also need to understand that border security doesn’t mean across the board security, experts emphasized.
“Everyone is using the word ‘breach’ now and there’s a culture of panic around it,” said Patrick Feehan, director of IT Policy and Cybersecurity Compliance for Montgomery College. “But really it should be ‘incident,’ because no matter what protection you have, something will usually occur at some point somewhere in the system. What’s important is to minimize ‘dwell time,’ or how long the hacker is within the system, and that can only happen by integrating a wholistic strategy especially as we move to the cloud.”
Issue 2: Institutional Data Management: Improvement through Standards, Integration, Protection and Governance
Though discussion of this issue was cut short due to time constraints, one way to help provide a wholistic approach to information security (Issue 1) is to help standardize and manage institutional data. “A great step is to understand where your data is, why it’s housed there and who needs access to it,” said Michael Fary, enterprise data architect at the University of Chicago. “A good inventory allows for a good reaction time to an incident; and a data classification scheme (confidential versus public, etc.), where it’s housed and guidelines for its use, also helps target where attacks come from or pinpoints who may have been in breach of protocol."
Issue 3: Enterprise App Integration as Scalable and Constituent-Centered
While management of apps may seem like the biggest concern for enterprise app integration, according to Paige Francis, CIO of Fairfield University and eCampus News stakeholder, managing expectations is the main concern. “Start by looking at what’s available in your own ERP [Enterprise Resource Planning] system and don’t immediately eliminate chunks. At the same time, also be aware that though IT will always be at the table, they will need to let go of pieces of system. But it’s okay!”
For Fary, app integration also ties into Issue 2, since data from the ERP is an institutionally-owned asset, and therefore needs the best possible governance during integration. “Departments can’t have their own codes for the data if it’s going to be scalable and constituent-centered,” he noted. “We need shared governance access to apps across multiple departments, while also ensuring they’re of the best quality possible.”
Issue 4: IT Funding Models that Sustain Core Services, Innovation & Growth
“This is one of the longest running issue within our yearly survey,” said Grajek, “and it doesn’t look like it’s going away any time soon.” For panelists, moving to the cloud and new investments in technology-supported research programs require the biggest shift in funding models from capital to operational, or managing from an as-needed basis to a regular basis.
“It comes down to thinking about the shift from bought-to-operate models that requiring maintenance as-needed to consolidating disparate systems in a private cloud,” said John Suess, vice president of IT and CIO of the University of Maryland, Baltimore County. “We’re giving some funding back since we save on in-house management, but we also need continuous funding for the cloud to operate systems over time. That’s a huge shift from capital to operational."
Hillegas also noted that RI institutions need operational funding models as research today often relies on big data analytics engines and software platforms, which are now moving (if not there already) to the cloud. “Finding an ongoing funding source rather than going on your hands-and-knees to provosts is critical for institutional research today,” he emphasized. “The whole IT culture is moving to this ongoing funding model and it’s the only model that will ensure we get the most research out of our investments, which is one of the best ways to ensure the legacy of an R1 institution.”
“I mean, when you think about, what we need is a business model for funding: operational dollars handled by an expert in finance, not dollars doled out by those with a background in higher education,” concluded Francis.
Rays of Hope
Even though the issues listed by panelists and the EDUCAUSE report seem daunting, IT leaders were quick to say that many of the shifts in security, funding, and operational management have the potential to provide positive outcomes. For example, Fary said there is a renewed energy in the value of data in higher education, and Hillegas noted that research computing has broadened to social sciences and the humanities thanks to new funding models.
“Overall there is stronger technology adoption by faculty, who are also coming to IT for help, which never happened before,” exclaimed Francis. “Also, we used to have to beg for basic technologies like a wireless overhaul and provide extensive justification—spending two million on something so un-sexy-sounding wasn’t easy! But now the higher-ups get it, and not only do we not have to beg for what we really need, we can get what we really need for about a tenth of what it used to cost just a couple of years ago.”
Riding on Francis’ comment, Feehan said that quicker buy-in for IT initiatives is helpful, and it’s mostly due to campus awareness campaigns. “We’ve launched a number of successful awareness campaigns so that we don’t have to fight as hard for resources and get less pushback from users on issues like security. We couldn’t be more grateful to these campaigns and to the community for their support.”