2020-2024 Information Technology Strategic Plan for Auburn University
Contained herein is Auburn’s 2020-2024 Information Technology (IT) Strategic Plan. The plan is designed to align with the Auburn University 2019-2024 Strategic Plan to the greatest degree possible. However, there are unique challenges readers must understand about Auburn’s technological environment. First, major service delivery systems are adequate, but are aging and need to be refreshed to facilitate efficiency and leverage innovation in the marketplace. Highest priority will be assigned to those projects that improve student experience/success and achieve research goals. Second, changes in national policy impact strategy in areas such as technology supply chain and cybersecurity. Auburn’s technology strategy must be aligned with national policy and directives. Finally, refreshment projects must be prioritized. All requirements for modernization and business process improvement cannot be done at the same time. The mix and priority of projects will be developed in conjunction with executive plans for implementing the Auburn University Strategic Plan, staffing levels, availability of funding, and Auburn’s business cycle. Auburn is a complex enterprise.
A few facts to consider in reading this plan:
Auburn’s Information Technology (IT) Strategic Plan is designed to serve three purposes. First, it communicates the university’s strategic goals to IT professionals and offers IT providers a guidepost for deploying technology services that support the accomplishment of the university’s goals. Second, it provides flexibility for IT units campus-wide to develop their unit’s plan while aligning with the CIO’s strategic philosophy and technical direction. Third, the plan offers strategies that recognize the challenges of supporting today’s technology environment. The plan offers units the flexibility in deploying technology that supports their unique missions while leveraging centrally provided services. Among those central services that units leverage are cybersecurity risk mitigation, supply chain compliance, and infrastructure modernization.
Complicating planning is the staggering pace of change in the consumer technology marketplace. For example, consider the evolution of video production. The first camera was built in 1816. The first black and white “movie” with coordinated sound/dialog was produced in 1938. It took 122 years after the invention of the camera to produce a modern theatrical film in black and white. Nokia produced the first camera-enabled phone in 2001. By 2015, Apple iPhones were streaming high definition video, with the capability of producing over 16 million colors – a period of only 14 years from Nokia’s introduction of mobile phone cameras. Technology change continues to accelerate. As stated above, while major manufacturers’ smartphones have an average life expectancy of 4.7 years, major upgrades in new models actually hit the marketplace approximately every two years. The speed of change brings with it some additional risks particularly in protecting devices from intrusion and data theft.
To illustrate the particularly strong need for an effective cybersecurity strategy in a rapidly changing landscape, consider:
- In 2018, 603 students and 37 faculty/staff at Auburn University were victims of Phishing and/or Social Engineering. Had these credentials been exploited, intellectual property could have been stolen, payments redirected, or paychecks misappropriated. While the numbers may seem low in comparison to the total university population (30K students and over 8400 faculty/staff) a single person with access to critical data could compromise hundreds of thousands of sensitive records.
- Fireeye’s M-Trends 2019 Report2 notes that on average, the time between when an intrusion occurs and when that intrusion is recognized is 78 days. What harm could be done in 78 days? This IT Strategic Plan is 12 pages long and approximately 200 kilobytes of data. It can be transmitted over the network in less than a second. All the intellectual property in a decade long research project could easily be stolen in those 78 days.
To facilitate the strongest cybersecurity, comply with national cybersecurity policy, and offer efficient infrastructure, all while managing change, Auburn manages the technology environment as a single, complex enterprise, not as a confederation of individual units. Enterprise solutions offer the most efficient service delivery for the entire campus. While those solutions may not be perfect, every effort must be made to use those solutions and avoid one-off, unit-unique systems, tools, and services.
This IT plan supports Auburn University’s 2019-2024 Strategic Plan by providing a direction for the campus technology environment. IT professionals in both central and distributed units will build sub-plans consisting of Action Items, Resources, and Timelines. These plans will be coordinated with the senior leader in the support team’s home unit as well as the Office of the Vice President for Information Technology/Chief Information Officer.
Following each major goal is a set of sub-goals that support each major goal. These sub-goals will further be refined into Action Items, Resource Requirements, and Timelines.
Finally, The IT Strategic Plan is designed to follow the format of the Auburn University Strategic Plan. Underneath the sub-goals is a reference to any corresponding goals from the Auburn University Strategic Plan.
Last Updated: February 25, 2020