CSG – Data Management & Governance at Berkeley Shel Waggener – CIO/AVC IT UC Berkeley.


Common Data Management Challenges
- Data is replicated over and over again, modified and fragmented by the many independent systems and the organizations that manage them.
- Security weaknesses exist as a result of both the spread of the data and the vast number of varying architectures used to collect, distribute, and manage the data.
- The administrative and academic units that manage duplicated data (or create duplication for the purpose of local management) all assert some level of ownership of each data element, often overlapping.
- Considerable and overlapping investments continue to be made across campus silos in technologies and staff time, for both functional and technical groups, to maintain this “spaghetti architecture” of legacy, current, and emerging technologies.
- This represents a divergent strategy at a time when, more than ever, the campus needs greater visibility of, accessibility to, and sharing of data within and across silos to make better decisions and work together as a campus.
- The opportunity here is not only for administrative data but also for scholarly information, and not only for structured but also for unstructured data.

Berkeley Data Services
Four groups in support of Institutional and Scholarly Data:
- Data Repository Management: Supports data modeling, data warehousing, data repositories, data integration, collections and archives/media vault.
- Collaboration, Presentation, Analysis: Supports tools for data capture and collection, user interface tools for reporting, decision support, visualization and collaboration.
- Data Architecture: Facilitates the definition of architectural standards for campus Information Services and coordinates architectural planning with the CIO Office’s Architecture group.
- Social Sciences Computing Laboratory: Operates instructional facilities and consultative services for academic use. Operates environments to provide on-line access to large-scale collections of quantitative, structured, or image-type data. Provides specialized research services, including custom application for data collection and data management for the collection and processing of survey-type data.

Source: NSF Atkins Report on Cyberinfrastructure NSF Cyberinfrastructure View Scholarly Data

Case Study - Decision making, UC Berkeley
- Enterprise Data Warehouse opportunity analysis and conceptual EDW architecture study performed over the last 30 months.
- From the inception, it was universally recognized that the core decision making structures and processes necessary to support prioritization and commitment beyond existing data were absent at a campus level.
- We have not made progress in developing an implementation plan for the EDW beyond tactical enhancements.
- This has contributed to parallel implementation efforts and investments with separate data warehouses and reporting systems (and tools) for use across the same university community.
- The issues involved are complex; however, inadequate decision making and the pace of that decision making equate to missed opportunities and greater risk.
- Enterprise Data Warehousing and reporting are disconnected from other major campus initiatives.

Case Study – Policy and Compliance, UC Berkeley
- Requests for data across organizational boundaries are increasing dramatically.
- However, we have not adequately invested in the tools, infrastructure, processes or people needed to make the data safely available.
- The data itself may be sensitive, with “ownership” or stewardship issues associated with it.
- While we have no perceived shortage of policies and regulations …
- …we do lack a compliance program to measure how effectively the policies are
- Compliance is a “best effort” approach rather than a systematic program.

UCB Data Management Governance Status
- New “Campus Technology Council” assembled and general IT Governance processes in development
- Campus “Data Stewardship Council” exists as an advisory body
- 2007 target to establish a formal Data Management Governance strategy, moving beyond advisory and into an operational mode with decision making abilities
- Proposals under consideration, including…

UCB - DM Governance Structure Proposal

A Use Case – Restricted Data
- Data Management for Restricted, Sensitive or Personally Identifiable Information IS different.
- Stolen laptops with no encryption are a constant problem.
- A security breach of sensitive data is a big $$$$$ loss.
- Most of the centrally managed data is the greatest target but best protected.
- Most of the distributed data is a smaller target but much easier to get to.
- Berkeley is trying a carrot-with-stick approach.

What We Provide
Simply tell us where the PII is and we…
- Add rules to all the scanning tools to monitor your server
- Set up 7x24 response procedures for notification of any identified issues
- Scan all registered applications for vulnerabilities
- Provide augmented security training to administrators of those departments
- Provide security tools and licenses at no cost

What We Do if You DON’T tell us
Possible approaches…
- Once identified, give you 72 hours to get the system registered before we block traffic
- Once blocked, require training and penetration testing before allowed back on the network.

Validation

Thank you for using the Restricted Data Management (RDM) system at ! We appreciate your efforts to safeguard restricted university information assets by letting us know about your data systems and the machines that host them.

You are receiving this because you have logged in to RDM, or have been set up as a user of the system by another member of your department. We want to follow up with all users of RDM and find out if you have experienced any difficulty or need further information/assistance. Please reply to this with any questions or comments about RDM, or if you would like to arrange an in-person meeting with us to demonstrate RDM.

To ensure that your systems are being protected by SNS, please make sure that you complete the following steps:
1) Add your systems to RDM and check appropriate data elements (if you aren't sure about any elements, just skip them for now as you can always update this information later).
2) Let us know where the data is stored -- a local machine in your department or an IST supported service.
3) For local machines, please BE SURE TO INCLUDE AN IP ADDRESS. This is critical to the SNS monitoring systems and will result in a higher level of SNS services for your host machine.
4) Register a security plan for your system.

Thanks again and please contact us with any additional comments or concerns.

Additional materials
Refer to:
- UCB CIO’s Data Management Governance Proposal 2007
- UCB EDW Process Architecture Presentation 2006
- UCB EDW Process Architecture Report 2006