Data Privacy Month (with a painful story about a phone)

messages

Data Privacy Month continues, and this week I have a story that is told to all young system administrators. It’s about what happened when a phone was lost.  Read it, weep… and then go make your phone secure.

Junior system administrators go through many rites of passage. One of them is when, early in their training, they get to spend a whole night in the data center.  This is a way of preparing them for those all  night system upgrades, when they have to  perform at their peak at a time when they are normally asleep. This story is often told during that special training night.

A good data center is cold. You should picture the junior sys admins huddled in their parkas around the back of a server, hoping to get some heat from the exhaust.  Some of them are nodding off.  The hoary senior system admin, noting this, decides it is time to tell the phone story, and fill it with detail, to spark their interest.  System admins are by nature fascinated with details, good at reading and, as a bonus, following, meticulously detailed instructions.  And so the hoary one begins…

“Once upon a time, in a far away College, there was a senior member of the administration, let’s call him VP Terry.  VP Terry had lots of responsibilities and was always on the move.  He had a very expensive and very sophisticated smart phone to help with his work. He used it all the time, for emails, for calendar, for reading documents and even for accessing many of the College databases.”

“VP Terry, just like Marissa Mayer, didn’t have a pin, or any other security, on his phone. It saved him (and her) time every day”.

The hoary senior sys admin paused for effect and noted with satisfaction that the eyes of her audience had grown large.  This bunch would be security conscious!

“And then, one dark day, it happened.  VP Terry mislaid his phone. Possibly at the airport. He didn’t notice it was gone until the end of the 11 hour flight and by then he could not contact the IT folk at his College to see what they could do.  Truth be told, he didn’t even think to do that”.  The eyes got wider.

“Someone sent messages from the phone and it was not returned. So do you know what happened?  Are you ready? Here’s the detail:

  • The cell phone contained a direct link to the college’s database, where confidential information on 40,000 students was stored. The College was obliged by law to notify each and every one of them.  Direct cost: $150,000.  Indirect reputation cost: ???
  • The cell phone provided unauthorized access to educational records (grades were accessible from the phone).  Student’s privacy rights were so compromised that it warranted a self-report to the Family Policy Compliance Office (FPCO) of the Department of Education, placing future funding for the College at risk.
  • A document containing a job offer was viewable on the phone and ended up on the internet.  The candidate turned the College down and was gravely embarrassed at her home institution.
  • VP Terry’s personal credit card information was compromised.
  • He lost all the photos of his family vacations, since he was no better at backups than he was at security.”

As she listed these  details, the hoary sys admin’s voice reached a crescendo.  The junior sys admins were now fully awake and several pulled out their smart phones, sheepishly looking for the settings…

Thanks for reading. Please have a look at this Intel site on mobile security:

http://www.intel.com/content/www/us/en/security/mobile-security.html

Then go forth and put some security on your phones!

Call for Papers in Digital Humanities

From the digital humanist listserv….
Eiffel Tower by Damien Vassart
Second Call For Papers Human-Computer Interaction, HCI, is a symposium in the 18th International Conference Information Visualisation, 15, 16, 17 and 18 July 2014, University of Paris Descartes, Paris, France. http://www.graphicslink.co.uk/IV2014/ Click on Symposia hypertext

Important Dates: 01 March 2014: Submission of papers 25 April 2014: Notification of Peer Review Result 10 May 2014: Submission of camera-ready 15 May 2014: Early registration closes Paper Format Guide: (Not more than 6 pages – excess pages at 30 GBP per page.) http://www.graphicslink.co.uk/IV2014/INSTRUCTION.htm

The Humanities has enjoyed a renaissance in the last two decades. This has been largely facilitated by the acceptance of digital media as a tool for the critical analysis of scholarly works. This new field, the Digital Humanities, includes applied and theoretical use of digital media. Increasingly, large collections of data are being investigated using digital tools. These tools assist in visualising the information contained in ways that expose new meanings and interpretations of scholarly knowledge. Our host, the International Information Visualisation Conference, provides a uniquely propitious environment for a Digital Humanities symposium. With other symposia spanning Information Visualisation Theory & Practice to Visualisation in Software Engineering, attendees of the Digital Humanities Knowledge Visualisation symposium are well placed to make serendipitous connections with technologists in relevant fields. This symposium seeks short and long papers on original and unpublished work addressing, but not limited to, the following topics: * Culture and Heritage Knowledge Visualisation * Art and Design * Visualization techniques for text corpora * Cartographics * Virtual and built environments * Interactive systems * Infographic design and its associated process * Data mining in the humanities * Information design and modelling * Social Networks * Network graph visualisation of historical precedents * Digital media enabled humanities research * Digital media assisted linguistics research * The digital arts, architecture, music, film, theatre, new media, digital games, and related areas Symposium Digital Humanities Knowledge Visualisation

Liaison: Theodor G Wyeld, Flinders University, Australia Symposium Committee Theodor G Wyeld, Flinders University, Australia (Chair) Sarah Kenderdine, City University of Hong Kong (co-Chair) Francis T. Marchese, Pace University, NY, USA (co-Chair) Advisory, Programme and reviewing committee: Theodor G Wyeld (Flinders University, Aust) Sarah Kenderdine (Museum Victoria, Aust) Francis T. Marchese (Pace University, NY, USA) Ekaterina Prasolova-Førland (NTNU, Trondheim, Norg) Teng-Wen Chang (NYUST, Taiwan) Brett Leavy (CyberDreaming, Aust) Malcolm Pumpa (QUT, Aust) Marinos Ioannides (HTI, Cyprus) Giovanni Issini (DFI, Italy) Special Journal Edition for selected papers: TBA. Supporting Bodies: Flinders Institute for Research in the Humanities, Flinders University, Australia Museum Victoria, Melbourne, Australia City University of Hong Kong Pace University, NY, USA

HOST: http://www.graphicslink.co.uk/IV2014/ All enquiries about Digital Humanities Knowledge Visualization should be addressed to: Theodor Wyeld Screen and Media Flinders University GPO Box 2100 Adelaide 5001 South Australia ph: +06 8 8201 3508 fx: +06 8 8201 3635 em: theodor.wyeld@flinders.edu.au wb: www.flinders.edu.au/people/theodor.wyeld URL: http://www.graphicslink.co.uk/IV2014/DHKV.htm

Data Privacy Month (with a painful story about file permissions)

January 28th kicked off Data Privacy Month.  CIS is marking the month by reminding you that data privacy is everyone’s responsibility. Here is a second true story culled from the vaults of HMC server administrator lore. Some details have been changed. Read it, weep… and then check your folder and file permissions.

Agnes and students-l are not involved.

So there once was a professor, let’s call him Dr. Linus Windonmax. He was a professor of linguistics in the Humanities Division of a large state university. (Not all of the HMC server administrator lore is actually about HMC.  Server admins sometimes talk to other server admins around water coolers or campfires).  LWM, as his students called him, was a careful and detail oriented person who always read every word of every email sent to him by his local IT unit.  This in itself marked him as a rare bird, since not even the IT folk read every word of every email, especially not the ones they wrote.  But I digress.

LWM had read and carefully followed instructions about how to store files on the file server.  He wanted to keep his work for posterity and he knew that files on the file server were backed up and stored off site, unlike things he stored on his local hard drive. So he had gotten into the habit of stashing his stuff on “charlie”, as the file server was affectionately called.  Only hoary server admins knew why, and no one wanted to be considered hoary.

One day, as LWM ambled to class, his colleague Wilma waved and smiled.  ”LWM, congratulations on selling the house”.  Linus politely smiled back; in fact he bared his newly polished teeth to hide his mortification.  For he hadn’t told anyone on campus about the house. In class, a few of his students made arch mention of pajamas and champagne. More mortification: it seemed they knew about his little soiree to celebrate the house sale. Hmm. not good, not good.

Later that afternoon, as the still agitated professor sat in front of his widescreen monitor, it suddenly struck LWM  that someone must have been looking at his files. He’d stored copies of all of the house sale documents and the “pajamas and champagne” party photos on Charlie, as was his wont. He sprinted over to the IT Help Desk to demand an explanation.

The friendly folk at the Help Desk had to work hard to explain the situation to LWM, especially since the server admins were still deep in the long dark teatime of the soul, dealing with students-l problems. In a nutshell, it went like this. No one could actually see LWM’s files, except LWM himself and two server admins of high integrity (definitely not hoary).  But everyone who had an account on Charlie could see the names of his files and browse through his folders looking at how they were organized. That, said the helpful help desk staffer, was a result of the “file permissions”, which determine who has access to a file or folder and what kind of access they have (see file names, open files, edit files, delete…). Most users can change their own file permissions, and over time, the result of choices by users and server admins had resulted in the mortification of LWM.

Coming back now to HMC, the file permissions on Charlie and Alice are not very consistent, and we have had situations in which file names were visible in ways that people did not intend.  This is the result of myriad choices over the years by both users and server admins. And the only really safe way for us to be sure that permissions are correct is to ask you to check them.  So, during data privacy month, perhaps you can take a few minutes to do so?  You can double check your file permissions easily enough.from a Windows computer.  Here are instructions (requires HMC Credentials).

It’s everyone’s responsibility to ensure data privacy. During Data Privacy Month, please make protecting privacy and data a greater priority. Thanks for reading. Now go forth and check your file permissions.

Room reservation software upgrade to EMS Campus

Guest author, Isabel Jordan, wrote for us about a recent upgrade to the Event Management System….

HMC’s reservation software, Event Management System (EMS), has been upgraded to the Campus 3.0 version. Virtual EMS was only changed in appearance but not use. There has been some feedback from Mac users who say they are having difficulty viewing Virtual EMS. The solution has been to use Google Chrome
as the browser rather than Mozilla Firefox.

Currently, CIS and the Facilities & Maintenance team are working together to
get the Integrated Authentication module up and running. This module will
integrate EMS with the directory server so that one can log in to EMS with
the same account log in/password that is used to log in to one’s computer
(HMC credentials).  There are over 600 users who have accounts in EMS so we
are trying to figure out the most efficient way to make this happen.

Moving forward the plan is to install an Academic Planning Module that will
assist the Registrar’s office to connect the academic schedule from CX to
EMS. Currently the 5C registrars are being trained to learn the
collaboration between CX and EMS.

ACLS Digital Innovation Fellowships

Another interesting post from a listserv:

The American Council of Learned Societies invites application for the
sixth annual competition of the Digital Innovation Fellowships.

This program supports digitally based research projects in all
disciplines of the humanities and humanities-related social sciences.
It is hoped that projects of successful applicants will help advance
digital humanistic scholarship by broadening understanding of its nature
and exemplifying the robust infrastructure necessary for creating such
works.

ACLS will award up to six ACLS Digital Innovation Fellowships in this
competition year, including one project on which two scholars are
collaborating.

Stipends up to $60,000
Project costs up to $25,000

Deadline: September 29, 2010.

For more information visit: http://www.acls.org/programs/digital/

During the 2009-10 cycle, ACLS awarded over $15 million to more than 380
scholars based in the US and abroad working in the humanities and
related social sciences.  Visit the Fellows & Research section to view
recent awardee http://www.acls.org/research/digital.aspx?id=798
listings and profiles.

American Council of Learned Societies
633 Third Avenue
New York, NY 10017
fellowships@acls.org<mailto:fellowships@acls.org>
__________________________________
Steven C. Wheatley
Vice President
American Council of Learned Societies
633 Third Avenue
New York, New York 10017-6795
tel:  212 697 1505, ext. 128  fax: 212 949 8058
swheatley@acls.org<mailto:swheatley@acls.org>
www.acls.org http://www.acls.org

Grid computing with gridMathematica

From Jeho Park:

Are you a Mathematica user wishing for more computing power for your long-running number crunching jobs? Then this may be good news for you. In our continuing efforts to deliver cutting-edge computing technologies and innovations to you, CIS has installed gridMathematica server engineson the CIS lab computers. The lab computers will provide you with more parallel computation kernels that can be launched on demand to help your Mathematica computations using parallel computing tools in Mathematica 7.

Currently gridMathematica servers are iMac computers featuring 2.7 GHz Intel Core 2 Duo processors in the CIS Parsons lab. Due to security concerns, your computer needs to be on the wired or wireless HMC network to get connections to those servers. When you are not on campus, you may be able to use the gridMathematica kernels via VPN. But we don’t recommend VPN for critical computations as network communications may be delayed by unexpected circumstances. To use the new feature, Lightweight Grid Manager must be enabled within your local Mathematica 7. Once your computer is connected to the school network, please follow our step-by-step instructions on Sakai (https://sakai.claremont.edu:8443/access/wiki/site/a0df75e1-0de9-4e40-bbac-a197643606c9/home.html) to enable the Lightweight Grid Manager.

Here’s some general information directly from Wolfram: General information about gridMathematica: http://www.wolfram.com/products/gridmathematica/ Q&A on gridMathematica: http://www.wolfram.com/products/gridmathematica/faq/ Parallel computing with Mathematica. Parallel Tools Tutorials: http://reference.wolfram.com/mathematica/ParallelTools/tutorial/Overview.html We will present a demo of gridMathematica use in a session of A Bite of Learning in April. You are welcome to try the new feature and come to the presentation for more discussion. If you have any questions about gridMathematica and parallel computing tools in Mathematica 7, please feel free to contact Jeho Park. Thank you!

Sakai Fellows Program 2010

From the Sakai listserv….
Nominations for the Sakai Fellows Program for 2010 are now open.  Up to six fellows will be chosen by the selection committee.  We are seeking nominees who have advanced the goals of the Sakai Community by their innovative work, leadership and/or advocacy.  The nomination form is attached and eligibility requirements are listed below.  You are encouraged to submit more than one nomination and you are free to nominate yourself.
PURPOSE
The Sakai Fellows program seeks to foster community leadership and contributions by recognizing and supporting active contributors. Fellows enrich the community in a variety of ways, including technical expertise, teaching and research practices and community organization, support and leadership.  Fellowship awards recognize such contributions and support the efforts of the Fellows with a modest stipend.
AWARD AT A GLANCE
Total: up to six Fellowships will be awarded
Term: 1 year from date of award
Stipend: $2500.00 (USD); Sakai 2010 Denver conference registration fees will also be waived.
ELIGIBILITY
All members of the Sakai Community are eligible for nomination subject to the following limitations:
1. A nominee must not have held a fellowship awarded in the previous year.
2. A nominee cannot be a member of the Sakai Board, Sakai Foundation staff or Sakai Fellows Selection Committee
DUE DATE
Friday, 7 May 2009, Midnight EDT
Please return completed forms to Anthony Whyte at arwhyte@sakaifoundation.org
MORE INFORMATION
PREVIOUS WINNERS