Click here to receive your FREE subscription to Campus Technology
Opinion
Converged Security: Can Ex-Cops, Propeller Heads, and Bean Counters Make Nice?
9/14/2007
The head of physical security is typically drawn from law enforcement or the military and reports to the facilities or business side of the house. Authority and a well defined command and control structure are highly valued.
The head of information security is usually a technologist and typically reports to the CIO. Creativity and technological innovations are valued attributes.
Finally, the head of financial security usually has a financial or auditing background and reports to the CFO. Quantitative financial rigor is a core value.
While each of those perspectives is essential for an enterprise, they evolved independently, each having a specific mission. Since 9/11, however, there has been a growing trend in the corporate sector to more closely integrate or even merge the oversight of information security, physical security, and fiscal security. This trend may be relevant to higher education.
In fact, Ben Palma, former PepsiCo CISO and member of the team that moved the company to an integrated security architecture, has suggested that one reason security has not received more attention from senior management is that the various groups involved in security have not presented a unified and consistent story.
What do companies that have a converged security architecture cite as the advantages? Improved information sharing and coordination between security units provides the organization with more robust and coherent security. A converged architecture provides senior management with a single comprehensive overview of corporate security. If the effort is led by a CSO, it also provides senior management with a single point of contact. Finally, a comprehensive security architecture is easer to align with the institution's goals and objectives.
Given that the corporate sector is much further along in converging badges, bytes, and beans, what can we learn from their experience.
To be successful, any convergence initiative must have support from senior management that views security as a strategic business enabler.
Functional silos are usually well protected. Hostile takeovers or coups seldom work.
Any process or organizational structure must preserve the core functions and capabilities of the physical, information, and financial security units and allow each to do what they are good at.
Convergence does not necessarily mean merging multiple units. It might well be close cooperation, collaboration, and joint planning. It is, however, more than an occasional lunch.
Convergence initiatives are a hard sell if they involve significant additional fiscal expenditures to change, in this case integrate, what you are already doing.
A Cautionary Tale
Discussions, seminars, and conference presentations about combining campus libraries and the information technology unit were the rage in the late 1980s and early 1990s. Now, almost two decades later, it has successfully happened in only a handful of places. The idea was great in theory. Both deal with information. Libraries excel in storing and subsequently finding information. IT organizations excel in manipulating information. What we underestimated was the difficulty and practically of merging two very different cultures, one young and brash and the other steeped in tradition.
Recommended Reading
- Sun, Stanford Working To Archive History
In May in San Francisco, experts from leading universities, libraries, and research institutions around the world met as part of an ongoing effort to address a pressing issue: archiving the world's history, right up to today.
- The Quilt Coalition Rolls Out XO Communications for High-Capacity Network Services
The Quilt, a coalition of 28 regional network organizations, has added XO Communications Services to its authorized vendor list. The Quilt represents 200 universities and thousands of other educational institutions across the United States. With this new relationship, Quilt members can purchase XO's high-speed IP transit and network transport services at competitive rates.
- Wimba Classroom 5.2 Expands Classroom Capture Support, Adds MP3 Downloads
At the NECC 2008 conference in Texas this week, Wimba launched a new version of Wimba Classroom, the virtual classroom component of the company's Collaboration Suite. The new 5.2 release expands options for classroom capture and adds a variety of other functional and ease of use features.
- Automation Chimera: Education Is Not Management
The lure of automating workflow online so human intervention is minimized is continually reinforced in the minds of higher education administrators by examples of automated campus systems such as financials, student information systems, and other enterprise systems. But what's good for management is not always good for learning.
- Cognos Releases BI Software for Linux-based IBM System z Mainframe
Cognos, which IBM acquired in January, has released an update to its business intelligence software that will run on the Linux operating system on IBM System z mainframes. IBM Cognos 8 BI was being developed by the two companies prior to the acquisition, but assimilation of Cognos into IBM accelerated development.
- Facebook and Collegiality: A Serendipitous Social Niche
Facebook is a way to greet a colleague as if she or he is on your own campus: a wave at a distance, a hello at the corner burrito place, a honk as you both leave the campus parking lot. Informal collegiality has been extended over the miles.
