Re: What Every President Needs To Know

[Kevin Shalla <Kevin.Shalla () IIT EDU>]

While these are not new issues, they're on my mind:
There's no such thing as a useful and completely secure computer system;
all systems make tradeoffs to reach a point somewhere between very useful
and very secure.  Security is like insurance - it's possible that there may
never be any noticeable benefits, but without it, you leave yourself open
to devastation.  Once we have an effective way to measure and benchmark
security practices, insurance companies will help guide us (through premium
price) on how to get the biggest value on our security dollar.  Security
system sellers are looking to solve their own problem (sales / profits) not
your problem (security), and no product or service you can buy will reduce
your need to implement policies and procedures - and that is the harder
problem.

At 06:32 PM 2/10/2003 -0500, Rodney Petersen wrote:
> As the Security Task Force prepares its remarks and refines its messages
> for college and university presidents, we would welcome your advice, in
> general, and especially your response to the following phrase:
>
> What Every President Needs To Know About Computer and Network Security
>
> Please share your ideas, case studies, anecdotes, experiences, and other
> words of wisdom that the Security Task Force should consider as we make
> the case before college and university presidents of the need for and
> importance of improved computer and network security for higher education.
>
> Please share your responses with the entire Discussion Group.  Any input
> received this week will be useful as we finalize our presentation.


Kevin Shalla
Manager, Student Information Systems
Illinois Institute of Technology
<mailto:Kevin.Shalla () iit edu>

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.