Making the cloud work for you:institutional risk and governance          Dr Richard Hall, De Montfort University          ...
context: organisation and risk
Cloud(s) or hosted or in-house?  Amplified issues around the following [risks].1. Curriculum control/change-management: ad...
See: http://bit.ly/VXKGTQ
Value and institutional risk:   a competitive cloud
Education markets are one facet of the neoliberalstrategy to manage the structural crisis ofcapitalism by opening the publ...
See: http://bit.ly/WqABKq
The UK Treasury position, on shared services: 2.191 VAT: cost sharing – Following the announcement at Autumn Statement 201...
See: http://bit.ly/GI2nP4
See: http://bit.ly/MNPOpn
See: http://bit.ly/11NUoLR
Technology deployed inside hegemonic, fiscal “realities”.1. Public-private partnerships: services; re-engineering;   appli...
Governance and institutional risk
See: http://zd.net/oE0oq3
See: http://bit.ly/yqsrps
See: http://bit.ly/QvjavY
1. Twitter: EFF/American Civil Liberties Union; Birgitta Jonsdottir; U.S.   Department of Justice; Wikileaks.2. LinkedIn: ...
See: http://bit.ly/SmGgoz
See: http://ars.to/RY2NXC
See: http://bit.ly/WeQmGx
the legal standard for production of information by a third party, including cloudcomputing services under US civil (http:...
• We have a Governance Unit, a set of IT regulations and  an IT Governance Group: http://infogov.our.dmu.ac.uk/  “The clou...
• Risk-management at a range of scales: does it matter if  someone accesses your stuff? [Dropbox; subject to FoI]• What ab...
The University and the Cloud: a health warning is licensed under aCreative Commons Attribution-NonCommercial-ShareAlike 3....
Upcoming SlideShare
Loading in …5
×

Making the cloud work for you: institutional risk and governance

674 views

Published on

My presentation at BETT13 on cloud computing and HE institutions. See also: http://www.richard-hall.org/2012/06/13/the-university-and-the-cloud-a-health-warning/

Published in: Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
674
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Making the cloud work for you: institutional risk and governance

  1. 1. Making the cloud work for you:institutional risk and governance Dr Richard Hall, De Montfort University slideshare.net/richardhall @hallymk1 rhall1@dmu.ac.uk
  2. 2. context: organisation and risk
  3. 3. Cloud(s) or hosted or in-house? Amplified issues around the following [risks].1. Curriculum control/change-management: ad hoc vs strategic control vs staff digital/technical literacy.2. Support and skills in-house: quality/distinctive or interesting vs boring.3. Elasticity of demand and service-provision: developing technologies that will enable emerging and future web applications.
  4. 4. See: http://bit.ly/VXKGTQ
  5. 5. Value and institutional risk: a competitive cloud
  6. 6. Education markets are one facet of the neoliberalstrategy to manage the structural crisis ofcapitalism by opening the public sector to capitalaccumulation. The roughly $2.5 trillion globalmarket in education is a rich new arena forcapital investment. (Lipman, P. 2009: http://bit.ly/qDl6sV)
  7. 7. See: http://bit.ly/WqABKq
  8. 8. The UK Treasury position, on shared services: 2.191 VAT: cost sharing – Following the announcement at Autumn Statement 2011 the Government will introduce a VAT exemption for services shared between VAT exempt bodies including charities and universities. HM Treasury (2012) http://bit.ly/GCRYCy
  9. 9. See: http://bit.ly/GI2nP4
  10. 10. See: http://bit.ly/MNPOpn
  11. 11. See: http://bit.ly/11NUoLR
  12. 12. Technology deployed inside hegemonic, fiscal “realities”.1. Public-private partnerships: services; re-engineering; applications; outsourcing; consultancy.2. Discourses of efficiency/productivity to be rooted: analytics; big data; reduced circulation time; changes in production; workload monitoring.3. Legitimation of R&D: value-for-money; commercial efficiency; business process re-engineering (c.f. European Vision 2020; HEFCE 2012).4. Moral depreciation and constant innovation/value-creation.
  13. 13. Governance and institutional risk
  14. 14. See: http://zd.net/oE0oq3
  15. 15. See: http://bit.ly/yqsrps
  16. 16. See: http://bit.ly/QvjavY
  17. 17. 1. Twitter: EFF/American Civil Liberties Union; Birgitta Jonsdottir; U.S. Department of Justice; Wikileaks.2. LinkedIn: cracking a service; aggregating data for future cracking; confirming guesses about passwords; comparing hacked data against pre- computed versions; broadening "guessable” data.3. Facebook, Google and Twitter: new obligation to identify “trolls” ; internet companies will have to surrender the details of those posting libellous messages.4. Leveson: Hunt’s private Gmail account; role of the information commissioner; use of private (email) accounts to conduct official business is subject to FoI. Service resilience; confidentiality/privacy; copyright/copyleft/content distribution; data security/back-ups; control/deletion
  18. 18. See: http://bit.ly/SmGgoz
  19. 19. See: http://ars.to/RY2NXC
  20. 20. See: http://bit.ly/WeQmGx
  21. 21. the legal standard for production of information by a third party, including cloudcomputing services under US civil (http://www.law.cornell.edu/rules/frcp/rule_45)and criminal (http://www.law.cornell.edu/rules/frcrmp/rule_16) law is whether theinformation is under the "possession, custody or control" of a party that is subjectto US jurisdiction.It doesn’t matter where the information is physically stored, where the company isheadquartered or, importantly, where the person whose information is sought islocated.The issue for users is whether the US has jurisdiction over the cloud computingservice they use, and whether the cloud computing service has “possession,custody or control” of their data, wherever it rests physically. EFF (2012): http://bit.ly/yqsrps
  22. 22. • We have a Governance Unit, a set of IT regulations and an IT Governance Group: http://infogov.our.dmu.ac.uk/ “The cloud has its own challenges, not least of which is the fact that the name can lead non-tech savvy folks to imagine that their data is bits of magic floating about in the ether rather than sitting on a server subject to the laws of the land in which it is located. There are concerns about ensuring safety of information.” “Additionally, potentially big problems with offshoring corporate assets outside of corporate governance.”
  23. 23. • Risk-management at a range of scales: does it matter if someone accesses your stuff? [Dropbox; subject to FoI]• What about corporate governance, including access to services that are marketised? [Google-Verizon and a two- speed internet; costs of accessing data in marketised HE?]• Does it matter if the responsible academic gets hit by a bus? [assessment; what should be managed in-house or hosted via a contract?]• Do we understand that data is being transferred into a service and that we have responsibilities? [T&Cs; IP; protected characteristics; indemnities for libel]• How do we work-up the digital literacies of our staff/students in this space? [staff guidelines http://bit.ly/LnazH5 ]
  24. 24. The University and the Cloud: a health warning is licensed under aCreative Commons Attribution-NonCommercial-ShareAlike 3.0 UnportedLicense.

×