SECURITY & THE UNIVERSITY INCLUDING A HOSPITAL October 3, 2008 Doyle Friskney Chief Technology Officer University of Kentucky.

Slides:

Advertisements

Similar presentations

Network Systems Sales LLC

Advertisements

Information Resources In Transition… Adding Value… Making a Difference University of Scranton – IT Forum February 14, 2013.

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.

Doug Couto Information Systems and Technology Committee (ABJ50) Washington, DC January 25, 2011.

Voice over the Internet Protocol (VoIP) Technologies… How to Select a Videoconferencing System for Your Agency Based on the Work of Watzlaf, V.M., Fahima,

CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.

With Microsoft ® Enrolment for Education solutions Be the school of tomorrow, today.

Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.

The Cable Guys Inc. Drew Leach Tom McLoughlin Philip Mauldin Bill Smith.

A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.

Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.

Government Technology Bay Area Technology Forum November 5, 2009 Presented By: Jon Fullinwider Director, Local Government Citrix Systems, Inc. Presented.

August 9, 2005 UCCSC IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.

Prepared: October, Ann Garrett, State Chief Information Security Officer Statewide Security Update October 25, 2005 Information Technology Advisory.

Cloud Services for Education

Rodney Neal Office 365 for Education Montgomery County Schools

Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.

Cloud Computing Will Crowley Monica Lopez Jaimie Morrison.

CLOUD COMPUTING.  It is a collection of integrated and networked hardware, software and Internet infrastructure (called a platform).  One can use.

1-1 Copyright © 2011 Pearson Education, Inc. publishing as Prentice Hall MANAGING INFORMATION TECHNOLOGY 7 th EDITION CHAPTER 1 MANAGING IT IN A DIGITAL.

Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.

EarthLink Business IT Services. EarthLink Business IT Services Snapshot Comprehensive IT services portfolio −Data center, virtualization, IT security,

THE DICOM 2013 INTERNATIONAL CONFERENCE & SEMINAR March 14-16Bangalore, India DICOM Medical Image Management the Challenges and Solutions – Cloud as a.

Introduction IT Department at CEU Contribution to carry out CEU’s mission with appropriate: -Information technology tools and services -Hardware and software.

© 2003, EDUCAUSE/Internet2 Computer and Network Security Task Force Computer Access, Privacy and Security: Legal Obligations and Liabilities Rodney J.

Accessibility, Integrity, & Confidentiality: Security Challenges for E-Business Rodney J. Petersen University of Maryland & Educause/Internet2 Security.

Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

Cloud Enabled Healthcare Presented by: Ron Parker and Stanley Ratajczak Emerging Technology Group Canada Health Infoway Inc. May 28, 2013Copyright © 2013.

Financial Advisory & Litigation Consulting Services Risk Management 2006 September 14-15, 2006 The Metropolitan Club, New York, NY Workshop B: Information.

Adam Leidigh Brandon Pyle Bernardo Ruiz Daniel Nakamura Arianna Campos.

1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.

1 Faculty Council IT Committee C-13 February 4, /4/2010.

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

University IT Presentation Department Heads Meeting Monday September 24, SecureU and Server Security - Your role as Department Head - Jason Pufahl,

MIS3300_Team8 Service Aron Allen Angela Chong Cameron Sutherland Edment Thai Nakyung Kim.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

DISCOVER IT PEACE OF MIND Staying HIPAA-Compliant Revised: April 13, 2015.

Salsa Bits: A few things that the analysts aren't talking about... December 2006.

Internet2 Health Sciences Security Jere Retzer, OHSU March 7, 2001.

Collaboration Tools and Challenges at the University of Washington Tony Chang, Senior Strategic Integration Architect Computing and Communications Scott.

Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.

Information Services during the Year of Transition.

EDUCAUSE 2005 Annual Conference October 19, 2005.

Cloud Computing May November 2015 Author A bad book is as much of a labor to write as a good one; it come as sincerely from the author’s soul.

STANFORD UNIVERSITY INFORMATION TECHNOLOGY SERVICES 1 The Technical Services Stuff in IT Services A brief tour of the technical and service offering plethora.

ORGANIZING IT SERVICES AND PERSONNEL (PART 1) Lecture 7.

Clinical Computing Secure, reliable technology that improves clinical workflow at the point of care.

Raya for Information Technology. About US  Raya IT, established in 1998, operates in the field of systems integration and IT business solutions.  A.

The Integration of Information and Communication Technology (ICT) into Development of Future Teacher Education Program in Teachers Education Institutions.

Federations: The New Infrastructure Speaker Name Here Date Here Speaker Name Here Date Here.

The Integration of Information and Communication Technology (ICT) into Development of Future Teacher Education Program in Teachers Education Institutions.

Quickly Establishing A Workable IT Security Program EDUCAUSE Mid-Atlantic Regional Conference January 10-12, 2006 Copyright Robert E. Neale This.

1 ITS STRATEGIC INITIATIVES Ken Orgill Assistant Vice Chancellor, Information Technology Services and Campus Chief Information Officer.

VDI AND DAAS – SAY WHAT?!? Bob Marshall, MD MPH MISM FAAFP Faculty, Valley Family Medicine Residency Faculty, DoD Clinical Informatics Fellowship.

Campus Texas STaR Chart Presentation for Los Fresnos HS Technology Leadership EDTC Project 2 Jaime Villarreal.

 TECHNOLOGIA is a startup company in Bangalore in 2007 which is completely owned by emirates telecommunication corporation- ETISALAT.  It has helped.

Jonathan P. DeShazo, Laishy Williams-Carlson, Rich Pollack.

Barracuda Networks. Safe Public Cloud Transitions Why Barracuda? The Challenge When organizations move workloads to the public cloud, data protection.

Job offer IT Infrastructure Specialist We are currently looking for an IT infrastructure specialist in order to respond to one key-account customer demand.

Philip J. Beyer, Information Security Officer John P. Skaarup, Sr. Security Engineer Texas Education Agency Information Security.

Agenda Current Network Limitations New Network Requirements About Enterasys Security Branch Office Routers Overall Enterprise Requirements Proposed Solution.

IOT Critical Impact on DC Design

Information Technology (IT) Department

BIDMC Center for IT Exploration

Skyhigh Enables Enterprises to Use Productivity Tools of Microsoft Office 365 While Meeting Their Security, Compliance & Governance Requirements Partner.

Technology Management- A CIO Perspective

IT Management Services Infrastructure Services

Information Technology Organization Overview RFP #220-05

Cloud Computing for Wireless Networks

Presentation transcript:

SECURITY & THE UNIVERSITY INCLUDING A HOSPITAL October 3, 2008 Doyle Friskney Chief Technology Officer University of Kentucky

Research University 27,000 students 14,000 faculty and staff Land-grant university Healthcare w/ hospital & clinics Constitutes Office Residents Hospital Service industry

Doyle Friskney Chief Technology Officer University of Kentucky  Medical Center faculty: about 1,000  Medical Center staff: 6,000+  UK A.B. Chandler Hospital attending physicians: 630  UK A.B. Chandler Hospital residents: about 500  UK A. B. Chandler Hospital and Kentucky Children’s Hospital (2006) discharges:24,760  UK A. B. Chandler Hospital Emergency Department (2006) visits: 44,646  UK A. B. Chandler Hospital (2006) outpatient visits:275,608  All Kentucky Clinic (2006) visits: 1,082,334

Doyle Friskney Chief Technology Officer University of Kentucky University Security Model  Best practices & policy  Perimeter firewalls w/ Authentication & Authorization  FERPA Issues  The library influence  Mobility – access changes everything Hospital & Clinics Security Model  Best practices & policy  Perimeter firewalls w/ Authentication & Authorization  HIPAA Issues and patients wanting to stay in touch  Student & the protected medical environment  Mobility, remote locations, influence of the private practice

Doyle Friskney Chief Technology Officer University of Kentucky Status of the Healthcare Communities According to analysts at a leading IT research and advisory company, "By 2011, early technology adopters will forgo capital expenditures and instead purchase 40 percent of their IT infrastructure as a service. Increased high-speed bandwidth makes it practical to locate infrastructure at other sites and still receive the same response times. Enterprises believe that as service- oriented architecture (SOA) becomes common, 'cloud computing' will take off, thus untying applications from specific infrastructure."  Academic environment  Demands high for all collaboration tools  Faculty Issues  Student Issues  Facebook  Blackboard & Student Systems  Directories & federation  & text  Research Issues  Openness  UK Healthcare environment  Patient rights & wishes  PHI &  Struggle of academic role & physician responsibilities  Desktops, patient rooms & the Patient Record  Demands of HIPAA & patient freedoms (mobility)  Layer’s of security  Firewalls  Data Center (data repository)  Desktops (degree of controls)  Authentication & Authorization issues  Remote Access  NAT is good  Audit trails  Business partners (physicians, clinics & hospitals)

Doyle Friskney Chief Technology Officer University of Kentucky  Infrastructure  10 Gig to Kentucky Regional Optical Network  Gigabit connection to Internet 2  900+ Megabit connection to Internet 1  10 Gig campus backbone  Video  Polycom e-health video teleconferencing sites  TANDBERG Codian video bridges  Desktop solutions (Microsoft, IBM & Polycom)  Desktops  80% Windows & 20% Apple  Security  Cisco Firewall’s & VPN  Microsoft Active Directory ( & LDAP)  IronPort (PHI)  Regular Scanning & Log Logic

Doyle Friskney Chief Technology Officer University of Kentucky Hospital at a University 1. 1 st firewall stops bad stuff 2. 23,000 students & 10,000 faculty and staff next 3. 2 ed firewall protects medical center students & 6000 faculty and staff 5. Wireless everywhere 6. WiFi, WiMax & Why 7. Referring physicians & adjunct faculty 8. All the outsource contracts 9. HIPAA still counts firewalls IDS/IPS VPN/MPLS DMZ of sorts Access Issues AntiVirus Vulnerability testing

Doyle Friskney Chief Technology Officer University of Kentucky

Govern How should security professionals manage an effective security governance framework, align with operational and enterprise risk management, manage the delegation of authority and manage security budgets Plan How should security professionals create an appropriate organization, and develop a long-term vision and plan for the security program. Build How should security professionals negotiate security policies, develop a security architecture and improve process maturity? Run How should security professionals ensure identity and access management, control security threats, manage vulnerability effects, direct forensics, manage incident response, conduct security engineering, conduct risk and control assessments, and manage awareness communications?

Doyle Friskney Chief Technology Officer University of Kentucky University Communities will be able to interact at anytime with anyone having the support of all online resources.

Doyle Friskney Chief Technology Officer University of Kentucky  Cloud based influences  Google & Microsoft services  Amazon, IBM Blue Cloud & others  Healthcare Vendor Solutions  iPhone & others  Voice Services  From hardware to software  Centralized (to) Departmental  Infrastructure  Directory Federation  Presence  Security appliances

Doyle Friskney Chief Technology Officer University of Kentucky Integration of all collaboration tools With emphasis on directory federation Robust Mobility platform iPhone (1 st ) & Microsoft Mobile (2 ed ) Transparent access to information With improved security Emphasis on changing service model

Doyle Friskney Chief Technology Officer University of Kentucky Why & Who Physicians, Clinics, Hospitals & outsource agreements Remote Requirements Patient care Network & Computing Role of Microsoft in Communications Strategic Partners local Interfaces & content resources Integration of on campus resources & remote hosting Common interface for mobility Transition Computing Servers Software Virtualization

Doyle Friskney Chief Technology Officer University of Kentucky

Embrace Change Influences Understand the influence of governance & networks in security issues Weave emerging technologies with proven university pedagogy Manage content & security (anywhere any time) Camps and Clouds Ensure openness within the bounds of patient & student rights Enjoy Success FUTURE