Richard Mendola, Ph.D. is the Vice President of Information Technology and CIO for Emory University. In this role since 2007, Dr. Mendola and his team are responsible for creating and sustaining a seamless, agile, innovative and efficient information technology environment that advances the educational, clinical and research activities and aspirations of Emory.
As you read over the highlights from the Office of Information Technology's annual report, I wanted to draw your attention to a few of the initiatives for FY12, as they were compelling, not simply for what they represent in terms of deliverables, but for what they portend for our future.
This past spring, we transitioned Emory's student residence halls to a default configuration that was wireless only. This means that if a student wants a wired port, it is now an additional cost option. This change reflected an acknowledgment of existing usage patterns and allowed the institution to save hundreds of thousands of dollars in costs associated with maintaining the wired infrastructure. Some of these savings were reinvested in better coverage and throughput for the wireless service, while other savings were returned to housing. We believe this pattern of migrating from fixed to wireless connections isn't going to stop with our student population. Our plans are to begin pilot tests this year of wireless-only academic and administrative spaces. Beyond the technology shift, this transition also reflects the need to find the best value proposition for the services we deliver - a key objective in a time of constrained resources.
Another major initiative that took place last year was the migration of our student community to Office 365 for email, calendaring and messaging. Office 365 is a "cloud-based" offering that is hosted by Microsoft. This is one of the rare cases where we receive additional features at far lower costs. Although this wasn't our first foray into the cloud, it was certainly our largest and most visible. We have plans to migrate some of our on-premise email accounts to Office 365 in the coming year, and expect to garner additional savings there as well. Since the email clients won't change, this will be transparent to our users. We anticipate we will be able to take advantage of our membership in Internet2 to leverage aggregated cloud offerings from their Net+ service in the coming year, further taking advantage of the efficiencies in this paradigm shift in computing.
Internally, this past year saw the beginnings of some custom application development work that will make it easier for faculty and their delegates to manage the research administration process. Much of the work that took place is still behind the scenes, but the patterns we have documented for building applications will bear fruit for years to come.
On the security front, we continued to strengthen our defenses for protecting Emory's information assets. Given the continued proliferation of mobile devices, one of the more significant changes was the installation of a default security profile on all the "smart" mobile devices that connect to Emory's core information services. Having this profile in place, which requires users to utilize a device password that includes local encryption, has already resulted in dozens of cases where sensitive information was protected when devices were lost.
In addition to technical changes like the mobile device policy, we also sought to address one of the most challenging security risks of all - social engineering. By now, nearly everyone is familiar with "phishing" attacks. These are attempts by bad actors to convince Emory faculty and staff to click on links that ask for user names and passwords, or that install malware. Despite our best efforts at raising the awareness of how to detect such attacks, it wasn't until we took on the role of faux phisher, that we were able to provide individualized feedback. This directed feedback allowed us to decrease the rate of successful phishing by over 40%. As information security threats continue to increase, we are going to have to continue to find creative methods such as this to reduce threats to the Emory community.
On the Emory Healthcare (EHC) front, we transitioned Emory Johns Creek Hospital over to the core EHC-provided clinical and financial systems, running on our enterprise IT infrastructure. We won't have to wait long to extrapolate from this trend, since the same migration will be occurring for St. Joseph's hospital in the coming year. Although the future of healthcare reform may be unclear, the one certainty is that it will involve change, and information technology is certain to be a key component of that change.
Our initiatives demonstrate how much change is all around us. Looking forward, I expect that our ability to embrace such change will be a key factor in our ability to deliver cost-effective and secure services that advance Emory’s mission.
Rich Mendola
Vice President for Information Technology and Chief Information Officer
"Our initiatives demonstrate how much change is all around us. Looking forward, I expect that our ability to embrace such change will be a key factor in our ability to deliver cost-effective and secure services that advance Emory’s mission."
Dr. Rich Mendola,
Vice President of Information Technology and CIO for Emory University