Azure Vs Amazon - The Manager View

I was looking in my drafts folder and found this post that I wrote almost two years ago. Everything still looks correct to me. The appeal of hosting applications yourself continues to decline, and vendors continue to embrace the SaaS model. Microsoft continues to be the enterprise glue holding things together and more and more of the Microsoft software we use is in Azure or is Azure-adjacent (like Defender and Intune). [Read More]
Tags: cloud, AWS, Azure, higher ed

Where to Focus IT Security at a College

Last year I talked about implementing multifactor authentication in higher ed. Today, I want to take a minute to zoom out and look at the bigger security picture for colleges. When considering security improvements, we are sometimes faced with a list of dozens or hundreds of ideas or recommendations for improving security posture. No one has the time, money, or will to implement all of them, so where should you focus? Where are the real security risks for colleges? What kinds of controls should we implement to mitigate these risks? [Read More]
Tags: security, ransomware, higher ed

Making Sense of IT Budgeting

So what do you do when you find yourself suddenly responsible for an IT budget and IT spending? If you’re lucky there are people around you who can take on some of the responsibility and orient you. But there might not be. Sometimes it’s up to you to figure out how to keep the bills paid and technology running without much guidance. This is what I’ve learned over the years from being in this position. Note: not all of this will apply to every organization. My experience is in a public institution with a roughly fixed budget each year (and... [Read More]
Tags: management, higher ed

Sending MFA to College

It’s 2022: does your school use MFA to protect accounts? If you are looking to implement MFA at your institution or expand its usage, let’s talk about some strategies and lessons learned from my experience building out MFA from scratch at a college. The first question you might ask is: do I really need to implement MFA? Yes, at least in some form. It is an essential strategy to prevent account compromises from phishing emails, and phishing and social engineering attacks account for 70% to 90% of all malicious breaches. It also serves as a failsafe for accounts with weak... [Read More]
Tags: security, MFA, 2FA, higher ed

Reading Deep Work in 2022

I’ve had Deep Work on my long list of books to read, ever since I heard Cal Newport discuss his book on the Ezra Klein show a few years ago. At the time, it struck me as an interesting and clear approach to productivity and was worth engaging with, because I was interested in my own productivity. [Read More]
Tags: management, work

Automation and People

For as long as I’ve worked in IT at a college, my focus has been on finding ways to use technology to makes things work better and to improve existing technology investments. One presupposition is that if you can automate a process or provide an easy-to-use self-service solution, that is a positive change. Automation and self-service create efficiency, reduce the burden on IT staff, and overall make the college better. Sure, sometimes employees outside of IT may feel threatened if automation changes their job, but it allows them to focus on other higher level tasks. Like the Python book says,... [Read More]
Tags: management, higher ed

Four Lessons for Higher Ed IT from the Phoenix Project

Last time I wrote some quick, general reflections on The Phoenix Project. This time I want to get more specific and discuss ways in which The Phoenix Project applies to higher ed IT and suggests some directions for progress and improvement. [Read More]
Tags: book, project management, higher ed