Educause Security Discussion mailing list archives

Re: Centralized vs. Decentralized IT

From: Russell Fulton <r.fulton () AUCKLAND AC NZ>
Date: Fri, 8 Aug 2008 14:13:21 +1200

We operate under a federated governance model and this applies to IT
as well.  By and large it works well but there are problems with our
set up but these are not inherent in the model, just the way we have
implemented it.

Basically we have a fairly strong central IT group that provides
services to business and faculty groups on campus.  We have a
oversight committee (IT Strategy and Planning) who set high level
direction an have the power to move resources if necessary.

ITS provides:

networking services to everyone.
a central email system (all 'administration' dept use this and some
faculties as well).
student email (outsourced to google)
AFS file store for students
CIFS based file store for the staff in business units
'support' for Peoplesoft system for business units (hardware,
software, development, etc)
other IT support for business units
Desktops for business units
a number of large student 'labs'
a web content management system and related servers
Security services for everyone.
purchasing
and so on.

Faculties generally support

Their own desktops and specialist student labs.
some do their own email
most do their own web sites
any specialist services that are needed by their disciplines
etc.

Generally it is up to faculties whether they use central facilities or
do it themselves.  As central IT has improved the support for services
we are getting more custom from the faculty.  In the case of email new
legal requirements to do with retention of public records (and some
emails will be affected by this) will make running an email server
much more expensive and we expect that most faculties will move over
to the central system rather than try and meet the legal requirements
themselves.

Russell


On 8/08/2008, at 7:27 AM, Sarazen, Daniel wrote:

Hi All,

Do you have any leanings between Centralized IT networks (Main IT
group responsible for IT services); vs. decentralized IT networks
(Each department is responsible for their own apps, servers and
security (Intrusion detection/prevention) with their own IT staff?
Has anyone looked at their campus and formed an opinion on the IT
governance configuration?

Any feedback you can provide is appreciated.

Thanks,

[cid:image001.gif@01C8F8A2.1AF9AD60]

:: Daniel Sarazen, CISA, Information Technology Auditor
:: University Internal Audit
:: University of Massachusetts President's Office

:: 508-856-2443
:: 781-724-3377 Cell
:: 508-856-8824 Fax
:: Dsarazen () umassp edu<mailto:Dsarazen () umassp edu>

University of Massachusetts : 333 South St. : Suite 450 :
Shrewsbury, MA 01545 : www.massachusetts.edu<http://www.massachusetts.edu/
>

Current thread:

Centralized vs. Decentralized IT Sarazen, Daniel (Aug 07)
- <Possible follow-ups>
- Re: Centralized vs. Decentralized IT Greg Schaffer (Aug 07)
- Re: Centralized vs. Decentralized IT Stephen John Smoogen (Aug 07)
- Re: Centralized vs. Decentralized IT Megan Carney (Aug 07)
- Re: Centralized vs. Decentralized IT Georgios Mousouros (Aug 07)
- Re: Centralized vs. Decentralized IT Adam Stone (Aug 07)
- Re: Centralized vs. Decentralized IT Stephen John Smoogen (Aug 07)
- Re: Centralized vs. Decentralized IT Russell Fulton (Aug 07)
- Re: Centralized vs. Decentralized IT Jim Dillon (Aug 08)
- Re: Centralized vs. Decentralized IT Sarazen, Daniel (Aug 08)
- Re: Centralized vs. Decentralized IT Christopher Jones (Aug 08)
- Re: Centralized vs. Decentralized IT Bob Bayn (Aug 08)
- Re: Centralized vs. Decentralized IT Jim Dillon (Aug 08)
- Re: Centralized vs. Decentralized IT Cal Frye (Aug 10)
- Re: Centralized vs. Decentralized IT Basgen, Brian (Aug 11)
- Re: Centralized vs. Decentralized IT Stublefield, Matthew (Aug 19)