Friday, 17 October 2014

Anonymous hack, or do they?

Yesterday I took part in some training for University Incident Managers in how to handle the media if you're in the middle of an incident. I'm one of about 10 people who are trained to handle a University major incident, and although we wouldn't expect to be key spokespeople, we might be expected to give some sort of interview, and there's always the chance we could be "doorstepped".

Although the day was fun, and we had lots of laughs in our small group of 5, it was also very scary, mainly because it was so realistic! It was run by two professional broadcast journalists, and we had to take part in interviews which were recorded and then played back and pulled apart. It didn't help that the "incident" was an IT security one, so I got very special treatment!  First up we were given a briefing that there were reports that "Anonymous" had hacked our system and published lots of data - usernames and passwords, sensitive research information, credit card details - anything you could think of that you wouldn't want published. With only a small amount of information we had to do a TV interview where we were asked very probing questions.  We all did it and it was then played back and we analysed how we'd all done. As the IT Director, to the opening question 'this is a very worrying situation isn't it?", I answered "Yes, it is a very worrying situation". Of course it would have been for me (in real life I would have been considering whether to resign or not....), but it was completely the wrong answer. I'm pleased to say I recovered eventually. After lots of discussion we did two more interviews - a "down the line" one, where you are in one studio and the interviewer is somewhere else. And a simulated live radio interview on BBC Figve live with a very aggressive presenter which was really tough. My opening question was "are you going to resign?"

Of course, the scenario eventually played out to reveal that there had been no major security breach, and that what had happened was that a departmental site developed by an academic, outside of our central systems had been compromised. There had been a data breach, but it had been contained and our central systems had remained secure. Totally fictitious of course...
An excellent day, and I do feel better prepared to face the media. As long as I can remember to slow down, and not say "Absolutely"

Thursday, 16 October 2014

You're fired....

First thing we did this week was have a review meeting of how we had handled the major incident last week when we lost our network connection. We do this after all of our incidents, looking at what we did well, and where we can learn and improve things. Although this wasn't actually our issue, we did review how we communicated internally and externally, and whether there were any measures we could put in pace to mitigate against the effect of any similar incidents in the future. We identified several things which we'll be putting into effect over the coming weeks.

I went with an Assistant Director on a visit to  Newcastle University on Tuesday to look at how they handle IT Support in their Faculties. They are a very similar University to us, and it was good to see how they do it, and what we can learn from them.

Yesterday I spent some time in a workshop looking at equality and diversity issues - if you're a long time reader of this blog you'll know I've been a member of the University Equality and Diversity Board for some time, and have been working for the last couple of years on objectives for the University. I firmly believe that diversity is extremely important, and its not just about box ticking and achieving targets - it's about embedding the culture in everything we do.  We discussed so much yesterday - including what is the education rationale for diversity? Why should we do it? Will it make a difference to our students and staff?  How can we recruit staff differently to ensure that we appoint from a diverse pool - something that I fear we don't do well at the moment for staff on grades one to five. there was lots of energy in the discussion, lots of ideas, and lots of things to take forward. For me, one of the key rationales for diversity, is that a diverse team is more creative, solves problems quicker, gets the right answers and is much more successful. You've only got to watch The Apprentice to see what happens when you put a group of similar people into a team....

Friday, 10 October 2014

Incidents are like buses.....

...they all come at once. Problem early Tuesday morning, then the major network incident on Tuesday - which we found out the primary cause of:

That's the reason we are so nervous of any building work around our campus!

Then today we woke up to discover we had no incoming or outgoing phone lines! Our supplier had suffered a major power outage which was affecting most of Sheffield. So, in early for another incident team meeting.  Not a lot we could do apart from get the message out, although we did make sure our control centre had a couple of working lines. All back on now, but apparently still at risk. Now where have I heard that recently?

In between incident teams, I have managed to get to some other meetings, including our Professional Service executive where we had a great presetnation from our Student sabbatical officers about their priorities for the year. Some really great ones including:
looking at the attainment gap for BME students (very appropriate for our diversity agenda)
looking at different methods of teaching and learning - reimagining education
creating more opportunities for students to take part in sport, especially as part of treatment for stress related illnesses
creating a sustainable campus. Building on initiatives such as Sheffield on a plate, the local fruit and veg market now held in the student union, and the student allotment society. They have ideas for more food growing areas around campus.

Of course we have our own new garden at the back of our offices which this year has yielded potatoes, runner beans, courgettes, tomatoes, peas, herbs and hopefully some pumpkins. Next year we're aiming for much more, including strawberries.

Wednesday, 8 October 2014

A good read...

Welcome to the latest version of our Newsletter - MyCiCSNews.
Download it and read about  engaging your students with new improved MOLE, Sheffield on iTunesU, supporting research and big data, and the review of our student information system.

There's an article on identity and why it is so strategically important to the University, as well as one on our staff creative media suite. Find out about our new, longer, stronger passwords, and things to do with Google groups.

We tell you about work we've been doing in CiCS looking at providing excellent customer service, and there's a timeline of when all of our projects should hit your desktop.

Good bedtime reading :-)

Tuesday, 7 October 2014

You don't know what you got till it's gone...

Interesting day today which really confirmed Cory Doctorow's assertion last night that "everything we do today involves the internet".  You don't know how much you need something till it's gone. At about 1020 this morning we lost our internet connection. Part of a much wider outage affecting all Yorkshire and Humberside Universites, caused by an issue at our ISP. I'm not blaming them at all - things go wrong and as yet we don't know what caused it. There will be a full investigation I am sure, and measures will be put in place to reduce the risk of it happening again. In fact, up until today we have had an excellent service, and none of us can remember an outage like it. But, it really made us realise how dependent on it we are - for everything.

No-one could contact us - our website and all of the services it gives access to was unavailable. We couldn't receive or send email. We had no ourgoing connectivity, so we couldn't see the web. Our library system which is in the cloud was unavailable. And our VLE, which we have just outsourced to make it more resilient, was inaccessible. Oh the irony.

Comms was hard, but Twitter and Facebook were our saviours, as was a message on our Helpdesk phone line telling everyone to look at our status page.

We started seeing it come back about 1400, and it has remained up, but it's probably still at risk till they diagnose the cause. We coped, but there was lots of disruption, especially  for teaching and learning. The thought of the impact if this had happened at a different time of year - confirmation and clearing for example - doesn't bear thinking about.

So thanks to everyone in CiCS who pulled together, for our users who remained calm and understanding, and the Janet engineers who drove  to Leeds to fix it. Hope tomorrow is nice and quiet....

Monday, 6 October 2014

Information doesn't want to be free

Back to work, with only a touch of jet lag. Spent the morning in interviews using an interesting interactive panel discussion between the candidates and stakeholders. Then this afternoon we had a visitor from another University interested in our ideas on organisational change. Always a pleasure talking to visitors, and we learn a lot from each other. Also had the opportunity to show him our Helpdesk operates, which of course he was very impressed with, and around the Information Commons.

This evening I went to a meeting of the Open Rights Group, an organisation set up to protect and promote our rights in this digital age. We were privileged to hear Cory Doctorow, a founder member of ORG and all round good internet guy and sci-fi writer, talk to us about "Information doesn't want to be Free". He covered many topics including  Digital Rights Management, monitoring, copyright and how important free and universal access to the internet is. Always interesting and entertaining, sometimes scary.

He suggested that everything we do today involves the internet. Everything we do in the future will require the internet. It is the nervous system of the 21st century. He explained how DRM does not stop people making copies of work (as he put it, most DRM systems can be broken by a bored Norwegian teenager in an afternoon), but they do make it very difficult to get your content back from a publisher as you lose all negotiating rights. Interesting case in the news at the moment illustrating this between Hatchette and Amazon.

He also talked about competition between indie channels and the big publishers, and the laws preventing you revealing flaws in software and devices, because they could lead to DRM being compromised. I was pleased he covered our own awful Digital economy Act, ruched through in the "wash up" before the last parliament was dissolved which gives the potential for a whole family's access to the internet to be removed if someone in their household has infringed copyright. Or as he put it - we can take away a family's access to free speech, information and public services just because someone has entertained themselves in the wrong way.

Great talk as always.

Friday, 3 October 2014

EDUCAUSE round up

Final keynote session was from the President of SUNY, (State University of New York) on New Responsibilities for post secondary education in the 21st century.

A call to arms on the importance of higher education and how it has to change to educate more people and educate them better. However, it was very US centric, and I'm not sure the speaker realised that she was speaking to an international audience. Not an inspiring end to the conference, which was a shame because the rest of it has been excellent.

One of the hot topics here was " big data", how do we use the huge amount of data we're collecting all of the time. There was an excellent session on using wireless data which I've posted about, and several about learner analytics and looking at how we can spot students who might be having problems and intervene to help them. One of the best was from Purdue University which was entitled "Putting the I back into CIO", and looked at how we can turn the data we have into useful information. There was a great video to go with the talk, and I'm just waiting for it to go online and I'll post a link to it.

Wearables was another hot topic, and I saw a few pairs of Google glass around, as well as a narrative clip, the wearable camera which takes a picture every 30 seconds. Caused a bit of a Twitter storm when a delegate admitted to wearing one, with some people finding it too intrusive. Others couldn't see why it was a problem, comparing it to tiny cameras on smart phones. Will be interesting to see how things like this and Glass become socially acceptable.

So, that's the end of another great conference. Lots of good sessions. Some mediocre ones but no really bad ones, and lots of contacts made and networks strengthened. Always good to hear what other people are doing, and how they are responding to the challenges we all face. Also made some good contacts with vendors and saw some new, interesting products which we'll be keeping an eye on. Now to work out how to get all the freebies I've collected at the exhibition home....

- Posted using BlogPress from my iPad

Thursday, 2 October 2014

Wearable devices

First session today is about wearable devices. Quick audience poll shows that quite a few of us are wearing a fitness band, there's also two people wearing Google glass.

Wearable devices are the next major technology cycle. Hands free, always connected, environment aware. They can go anywhere on the body, including being tattooed on the skin. On bands, on belts, in jewellery.
Google glass has had most publicity, but very few around.

Some examples of wearable technology:

Meta 3D glasses, true augmented holographic reality glasses available later this year. Wired to a small pocket computer that handles processing.

The connected and monitored body. Wearables are collecting vast range of data related to health, could have huge implications. Our sixth sense is going to be digital.
Some of them being highly designed as fashion statements, such as misfit shine.

Lechal shoes connect to a users smartphone via Bluetooth to ascertain your current location and destination. They vibrate when you need to change direction.

Wearables can also track our brainwaves. Muse is a brain sensing headband. Has six sensors on it and tracks brainwaves which are then sent to a tablet. Analyses how calm or active you are.

Narrative clip life logging camera. Incredibly small, takes a time stamped geotagged photo every 30 seconds. No on/off switch, 2 day battery life

Oculus rift, virtual reality head mounted display, 1920x 1080 resolution. The tethered to a computer, designed as an in expensive gaming device.

Wearables in the learning environment
UC Irvine School of Medicine using Google glass in labs, theatres, emergency rooms.
Other universities using them in architecture classes, journalism courses and other field studies.
Also if you wear them for prolonged periods you collect a lot of feedback on your behaviour

Can use wearable technology in teaching for:
Field trips
Online teaching
Mentors, coaching sessions
Language instruction
Feedback and evaluation
Real,time search and reference
Provide accessibility for visual, auditory and physical
Interactive problem solving games

Types of sensors available currently include:
Acceleration, vibration
Acoustic, ultrasonic
Chemical, gas
Electric, magnetic flow
Force, load
Humidity, moisture
Machine vision
Motion, velocity
Position, presence

Augmented reality, the overlay of information on the world as we see it. History pin project, can use smart phone to see London as it was in 19th century. Will be able to do with Glass, eventually anywhere.

Virtual reality, new forms of sensory experience. Reality cave is a 3D immersive environment.

Wearable challenges:
Biggest one is battery life. Has to improve. Lots of Ashdod solutions currently for Glass, including battery in a head strap.
Social acceptance, Glass prohibited in some areas. Will change as become more available
Fashion and design

Some impact of wearables
Tidal wave of data and images. 10% of all photos ever taken were taken last year.

We share 1.8billion photos daily.
Privacy. What is public, what is private.
Will our technology read us? Analyse our brainwaves and anticipate what we want to do.
User interfaces. In the future, the limiting factor will be us.

- Posted using BlogPress from my iPad

Wednesday, 1 October 2014

Cloud, crowd and outsourcing will eat your lunch

Presentation from Cornell University, Enterprise cloud strategists.

Disruptive changes are happening in IT sourcing.

Cloud computing is the obvious one. We can't compete with it. Commoditisation, scale etc. No brainer. Everyone should be doing it for commodity services.

Crowdsourcing will reshape IT staffing. Gartner have predicted that in 15 years the predominant employment relationship for IT staff will be freelance/contract based. Will have to reach outside of our community for some skill sets.
Cornell have done a crowdsourcing pilot with TopCoder. They have a global, talent pool approaching 1m. It's competition based, and Cornell only pay for the best solution. Projects broken down into very small projects which encourages hyper specialisation. The individual solutions then Integrated by specialist integrators.

Outsourcing is rising. Big companies like Accencture, Capgemini offer packages for outsourcing whole services

Disruptive innovation is accelerating. Time between disruptive innovations is decreasing. Foundations are being shaken everywhere. Digital experiences are replacing people experiences. Uber vs yellow cabs. Airbnb vs hotels. Travelocity vs travel agents.

Cloud vendors have the ability to disrupt us, can go to end users and bypass IT departments. They sell above IT directly to business units, and below IT directly to end users. We are no longer necessarily the providers of services.
We want to wrap our services around cloud, but consumers want to just buy products.

Enterprise IT roles are changing.
Oliver Marks from ZDNet quote. "Cloud companies are cost effectively emancipating enterprises from the tyranny of IT, solving lots of problems with tools that are a pleasure to use."

So, campus goes shopping, but the problems will still be ours! We need to change our relationship with our customers. Bridge the gulf between what our current structure/staffing was built to do and what is required of us in the era of post enterprise IT

We need to be a business asset by becoming the following:
Expert advisor for disruptive change
Navigator of procedural barriers
Innovation hunter
Time to market experts
Bridger of gaps (integration, architecture, security etc)
Value added reseller of cloud services, ie wrap our support etc round cloud services
Be or support an IT VMO (Vendor Management Office)
Refocus ourselves on supporting the core mission of teaching and learning and research. Running IT is not the core mission of the University.

Enterprise IT must become the strategic advisors to our customers and our vendors.

Don't be a mere operational function, a follower in a era of disruption and commoditisation
Be a change leader, a business asset, aligned with the core mission.

- Posted using BlogPress from my iPad

Leadership lessons from US presidents

Keynote today from Doris Kearns Goodwin, Leadership Lessons of History from the American Presidents.

A great speaker and very famous historian researching US presidents. Focusing today on Abraham Lincoln, Theodore Roosevelt, Franklin Roosevelt. Looked at leadership traits and illustrated them with stories and anecdotes.

Some of the traits she illustrated were
The ability to motivate people
Surrounding yourself with people who will question you, strong people who you trust. Take criticisms with grace.
Acknowledge errors and learn from mistakes. Turn failure into success.
Stay loyal to the constituencies you serve
Understand how to relax and recharge your batteries
Speak to your fellows with language and stories that everyone understands and can connect with. Communication is key.

Fascinating talk, she is a great storyteller, and far too much for me to take notes and record all of the stories she told. The talk was recorded and should be available soon if people want to watch.

The conference centre is huge, and so big that the organisers get around on Segways. I want one!

During the breaks between sessions we spend a lot of time in the very large exhibition, I know I've not been round all of it yet. Talked to a lot of vendors, some of whom we know well and are customers of. Some are ones that are new to me, and they also have a lot of start ups here who are really interesting to talk to. I'm also taking the opportunity to to talk to vendors that might be able to help us with some of our current challenges.

- Posted using BlogPress from my iPad

Top Ten IT Issues for 2015

First session today is on the top ten issues for IT as identified by the EDUCAUSE Issues panel, and then voted on by members.

Three trends:
Inflection point, curve of change has moved from thinking to doing.
From technical to business, the IT organisation is moving to much more delivering business value.
The new normal, we still have to deliver day to day services, but all of the challenges still coming at us.

Top 10 issues, by theme
Theme: Pervasiveness and pace of change reaches an inflection point

1. Hiring and retaining qualified staff and updating the knowledge and skills of existing technology staff

6 Increasing the IT organisation's capacity for managing change, despite differing community needs, priorities and abilities

9 Developing an IT architecture that can respond to changing conditions and new opportunities

10 Balancing agility, openness and security

Theme: from Technical to Business. IT's primary focus moves from the back end to the front end.

2 Optimising the use of technology in teaching and learning in collaboration with academic leadership including understanding the appropriate level of technology to use

3 Developing IT funding models that sustain core services, support innovation and facilitate growth

4 Improving student outcomes through an institutional approach that strategically leverages technology

5 Demonstrating the business value of IT and how IT can help the institution achieve its goals

Theme: The New Normal

7 Providing user support in the new normal - mobile, online education, cloud and BYOD environment

8 Developing security policies for mobile, cloud and digital resources that work for most of the institutional community

The second theme interested me the most, and is something I have been pushing for a while. It's the reason we've revised our Service Portfolio to demonstrate the range of services we offer, the value we provide and how we can help the university achieve its goals. Someone commented on it that it showed how much we do that isn't core IT. I think they meant it as a criticism, but I take it as a huge compliment! A mature IT department does so much more than keeping the infrastructure working, which is itself extremely important. Technology is pervasive, and touches every person and every area of our organisation. We need to be heavily involved in strategic initiatives, especially in the key areas of teaching and learning and research. It's all about building partnerships.

Interesting point to come out in the discussion, funding has been on the issues list since it began.....

- Posted using BlogPress from my iPad

Tuesday, 30 September 2014

Crowdsourcing your IT strategy

University of Michigan.
In 2008 massively decentralised. Had 193 desktop support systems, 125 networks, 44 email systems, 102 helpdesks!! Spending a lot on IT. I'm not really surprised.

So, formed central IT department, appointed a CIO. Had to produce a Campus Wide IT strategy. Had to represent the whole University, including all of their campuses which were relatively independent, all departments and units and all major staff and student roles. It had to provide direction, so chose rolling 5 year window, updated annually. Definitely not a wish list of IT projects. Needed a strategic plan that came with a well thought out and sustainable financial road map. Important that it had buy in.

Original process was to have an IT strategy team, interview people, write a document, take it back and socialise it. So, set off and interviewed the deans and senior staff and distilled notes into themes. But, how to get faculty buy in? So, interviewed and had workshops with 20 senior IT staff. Different needs became apparent. So, central IT senior managers developed the themes into strategies. But that didn't work as academics questioned their authority.

So decided to crowd source it. Faculty staff wrote the strategies, IT people, wrote how they would deliver it. Project team became facilitators and coaches. Used Google docs as the tool. The interviewees became the writers. No need to then socialise it because they had written it.

Took and extra year but was worth it. Process of getting the campus to work together was probably worth as much as the strategy. It was endorsed by Deans, academics, senior managers and students.

Now being reviewed and some parts being rewritten, by the faculty staff. Had become part of the culture.

Lessons learned:
The conversation is at least as important as the strategy. Distribute the ownership.
Get non IT people heavily involved in the process. Central IT need to be in the background.
Get it wrong to get it right. Give the community time to have multiple goes at it. Ask lots of questions. It's all about partnership.
Take advantage of collaboration technology. They used Google docs, and built a culture which accepted commenting on and editing other people's work.
Also used Google hangouts a lot.
You need a really good editor. Mustn't look like it was written by a committee, and be concise. Is a tendency to bloat with crowdsourcing. Need a disinterested third party to edit it. Also brought it into one voice and one writing style.
Have a strong champion at a high level.

- Posted using BlogPress from my iPad

From Chief Information Officer to Chief Digital Officer

Speaker 1 from McGraw Hill
How does the CIO shape the future?
Ask ourselves if we are we realising the maximum potential of our technology investment on our campuses.
Over past 15 years we have looked a lot at infrastructure and commodity services. These matter deeply to the organisation, but we we all have limited managerial time and budget. We need to minimise the cost/time on commodity offerings.

Focus on the learning ecosystem. Make it open, accessible and interoperable. How come we can't share identity easily? And we still buy technologies that are walled gardens. What can we do to make open learning ecosystems happen. We need learning content repositories. Open APIs, personalisation.

Become the Chief Digital Learning Evangelist. Influence future pedagogy. Help academic staff engage with TEL. Make sure your governance model takes into account learning outcomes. Moves budgets from administrative computing to teaching and learning. Speak in the language of learning outcomes. Enable disruption.

Speaker 2 from Notre Dame University

We all need to be digital evangelists. The core of everything we're doing is being disrupted by digital:

The classroom. Students bringing devices in, wireless being strengthened. Better collaboration and versatility.

Libraries are collaboration spaces with wireless and power, places to learn socially. Major changes to design.

Creating and managing learning materials. Digital learning materials are being built and delivered.

Enabling digital publishing. Digital publishing needs to carry same weight as traditional ways.

Orchestrating the mobile ecosystem. Students want to do everything on their devices. Not just academic. Whens the next bus, how long is the line in the cafe.

Enhancing campus life for students, whilst the campus is their home, we have to provide the services they want, even if it has detrimental effect on our networks.

Producing and managing video. Being produced at exponential rate, needs storage and curating.

Building new production facilities. Creative media suites for audio, video, editing.

Archiving, curating and preserving digital assets. The digital archive. Opens up data and information for all to use

Supporting research and analytics.

Delivering a demanding fan experience. Build a relationship with community who come to our campuses, no matter who they are. They have to leave with a positive experience.

We need to become evangelists for the next thing in education. We won't be calling it digital for long!

- Posted using BlogPress from my iPad