Security, always a work
in progress"> eWeek: Michael Skaff, what are you looking at as the 800-pound gorilla at AdSpace? Skaff: I think its something that has always been and probably always will be a work in progress--security. As our networks grow--and they are growing pretty much daily at this point, as we add customers both internally and externally--Im increasingly concerned about managing enterprise security and making sure that all of our doors are closed and locked in the right way.eWeek: The external customers that youre adding--are those supply chain partners or general public?Skaff: General public, in general. Were actually looking at supply chain partners and adding them as well, but that will probably be more of a tertiary step. Initially, its more the pure internal and external customers that Im concerned with. eWeek: The external customers you have pretty much no control over--things like client configuration. You just have to be open to all comers? Skaff: Exactly. We are trying to find ways to lock that down via different methods. Its the age-old balance of security versus usability. eWeek: How do you feel about your securitys state at this time? Do you feel that youre where you need to be, or are you way behind what youd like to be? Skaff: I feel were moving in the right direction. I dont think Ill ever be satisfied with where we are--its the nature of the beast. We have work to do, but weve also done a lot of work in that direction, as well. Were starting to see more vendors pay attention to security as a top priority, but theres still a long way to go. Were still playing catch-up with the black-hat researchers, if you will. eWeek: Kevin, whats happening up at the S.C. Johnson School of Management? Baradet: Were going to be doing pervasive wireless very shortly. Were looking at a system from a company called Chantry Networks [Inc.], which is using something they call BeaconPoint, where the radio is separate from the actual LAN switch and you can do policies and authentication and class of service, quality of service. eWeek: This would let you administer a different set of access policies for wireless users than for wired users? Baradet: No. Right now, its strictly for the wireless system, but it lets you discriminate among the wireless users. So if youre unauthenticated, anything you try to do gets diverted to a captive portal. You can put Web page links there so that [users] can access internal information or general information and also go and register themselves. eWeek: This would make it easier for you to have multiple classes of wireless service for different degrees of trust? Baradet: Correct. We very often have executives who come in to give presentations. We dont always know about it; it happens at night. Theres not always a good way to make sure that the people can get on. Starting with the next fiscal year, were going to be mandated to have every device on our network registered back to a person for accountability purposes. eWeek: I know youve been a wireless adopter from pretty early on in the emergence of 802.11 technology. When you say "pervasive wireless," what change does that imply from what youve been doing for the last few years? Baradet: Were going to basically put it down to an access point in every classroom and take it throughout the building from top to bottom. The primary driver for that is Tablet PCs, of which my boss is a fan. She wants to be able to use [her Tablet PC] anywhere in the building as she goes from meeting to meeting, and were seeing great demand from our students. They have their laptops, but they dont always use them in class and dont want to carry them around. So they would like to use a Pocket PC device or something of that nature to schedule meetings, check e-mail and so on while they are in class and as they roam about the building. eWeek: What about outdoor areas, general campuswide wireless? Baradet: There is a general campuswide wireless system thats called Red Rover. It was primarily installed in the libraries and common areas [whose wiring was] too expensive to retrofit, primarily because some of these buildings date back to the late 1800s. That system is run by the central IT group. Its been completed, and now they are looking at putting wireless in other areas.