Provisioning: Q&A with Ben Ruset, Princeton University PART 2

Posted: June 17, 2010 in Industry Commentary

Ben Ruset is systems administrator at Princeton University. He speaks to VPN Haus about how graduation and new school seasons can disrupt provisioning. See Part 1 of the Q&A here.

VPN Haus: Does the size of the university matters in how to deal with provisioning?

Ruset: I think that the size of the university may present some logistical challenges, but this is where having set policies and well-documented workflows are crucial. Basically, it boils down to managing expectations. You have the expectations of the students (that they will get an account), the expectations of the people in IT (that they will have the information they need to create the account), and the expectations of the registrar’s office (that the students will be taken care of.) The only way that this will happen is with clear communication.

So to turn this back into the corporate world, when a new employee is hired it’s important to make a good impression. So things like having an account provisioned for them, a PC on their desk, etc. is absolutely crucial. If they walk in and they don’t have a place to sit, don’t have a way to receive emails, etc. it doesn’t paint the organization as a whole in any good light. By having a policy in place that says “when a new employee is hired, IT should be notified at least X days prior to the employee start date, and IT should confirm with HR that the account has been created”–  it sets the level of expectation. Now, if the workflow isn’t followed, it becomes a human problem (oversight, laziness, being overworked, etc.) and not a technological problem. Ideally then the organization can then address the issue with the person and prevent the issue from happening again.

You can essentially reverse all of that for account de-provisioning.

VPN Haus: Are the influx of mobile devices on campus impacting network connectivity issues (bandwidth, provisioning, network access, security)?

Ruset: I’d say that wireless networking is probably the biggest thorn in the network group’s side right now, but is also the area where the campus really has to invest in. I think that now there’s an expectation that WiFi will be ubiquitous throughout campus, and that involves a heck of a lot of infrastructure to make that happen. Just by walking through Frist Campus Center at lunch (if you watch House MD, it’s the building they use to show Princeton Plainsboro Hospital), you’ll see dozens of students with their laptops open, working or relaxing. Add phones that have WiFi built in (eg: iPhone, Android, etc.), and things like iPads it’s not going to be uncommon for students to have two or three wireless devices on the network at any one time.

One of the really big challenges is IP space. Princeton uses routable IPs for all of their devices, and they’re in short supply. That’s one of the reasons why the network team is so proactive at looking at traffic and blocking devices that misbehave.

Ben Ruset is systems administrator at Princeton University

Related Reading:

Q&A with Ben Ruset, Princeton University PART 1

De-provisioning is Just for Former Employees, Right? Wrong!

IT departments should make the case for corporate resources

Combating Data Breaches with Provisioning


[tweetmeme source=”vpnhaus” only_single=false]

Comments
  1. […] de-provisioning, employee security, HR, human resources, IT, provisioning, security VPN Haus contributor Ben Ruset posted some food for thought on his blog about employee provisioning. Some people assume […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s