Tech Trends: What’s On the Horizon for Higher Ed IT Leaders in 2024?

EDTECH: A little more than one year after the release of ChatGPT, what are conversations around AI like on your campus today?

MCINTOSH: AI is here to stay. We need to think about how we can proactively engage with it beyond just generative AI, and what the practical applications are for it, whether that’s on the academic side of the house or the administrative side. I’m a fan of it; I’m trying to dabble in it myself. I want to make sure that IT is using it and using it effectively to improve our efficiency and our capability and effectiveness. But I also think it’s hard for higher ed to grow its human resources. We can work smarter and better, and I think AI gives us that capability. What I’m trying to get folks to do is to just understand AI in general, and my definition is that this is another automated capability to help human beings work more effectively. It’s a tool that comes in and augments what you do. I keep it at broad terms, so we don’t have to be stuck in the generative AI lane. There’s much more to that.

ANDRIOLA: You can’t have a conversation today in higher education without the AI word coming up. I interact with audiences where it can go both ways: The conversation is about the potential, and then another conversation is about people, where there’s high levels of fear and anxiety about how do we manage to control and keep this thing at arm’s length. I deal with both sides of the conversation. At an institutional level, as we’ve talked about it, we’re going to lean in and lean in hard to figure out how to use this new tool to rethink everything we do. In the classroom, there’s worry about so much pedagogical change in a short period of time, so there’s going to be a lot of debate, but there’s a lot of campus operations and administrative things and student support activities where a chatbot could answer 90 percent of the repetitive questions.

EDTECH: Where do you anticipate AI tools to be practically applied on your campus in the next year?

MCINTOSH: I’ve recently tasked one of our team members to download the OpenAI version of the large language model and put it inside the Richmond ecosystem, and then we’re putting together our own data based on our content over the years. It’s a small start, but we have a prototype up, so in the new year I’m going to be asking some of the vice presidents to think about some use cases where they could query this. This could help us use the new framework of how we want to market our institution using our core content.

ANDRIOLA: There’s going to be a battle between pedagogical comfort when having these things introduced and then what the students can do on their own, outside of what the university can control, to use these tools. That tension’s going to be there for a while. Longtime faculty say that’s the way the calculator actually looked, kind of same thing: “That’s cheating if you use that calculator to work on your calculus homework.” So, I think we’re going to have that.

In terms of our students going out into the world, we have to think about what we want to see in the classrooms. Because, when they go out there, they’re going to be expected to use these tools, and using them could be a competitive advantage. One of my favorite phrases these days is, “AI is not taking your job. The person who knows how to use AI is going to be the one to take your job.” Because they’re going to be 10 times more productive and deliver higher quality, or do something three times as fast because they’re using a better tool. If I’m digging a foundation with a shovel, and you bring in a backhoe, guess who’s getting the contract? We can throw all the buzzwords around we want, but it’s a better tool for me to use to be a more productive and more valuable employee.

RELATED: Generative AI gets dangerously smart for education.

EDTECH: Cybersecurity is always a major priority for higher ed IT leaders. Where are you on the adoption of zero trust? Can it be implemented effectively in a university setting?

ANDRIOLA: Zero trust has tremendous promise for us, but I think the implementation is going to take time for the products to mature and for the implementation methodologies to really be figured out by organizations before we’ll realize some of those benefits. I also think that the horizon is long: If I can compare it to the AI journey, the headwinds you’re up against are somewhat technical and then also in mindsets. Mindsets have to change before you can start to change toolsets. With zero trust, the technologies will come. We’ll figure out implementation. But there’s a really different headwind in this situation: It’s called the bad actor community. We’re talking about a set of people who get up every day like, “I want to extract something from you that’s going to hurt you.” And that headwind is going to be really strong. So, every step we make forward with zero trust, you’ve got this community out there that’s finding the weak spots in whatever you deploy that you think is better. And they have these AI tools and are using them at a much faster pace than you and me. So, I like the philosophy, but I think the horizon is going to be longer because we have a different headwind here than we traditionally do.

MCINTOSH: My outstanding director of information security has wooed me over to zero trust. I don’t know if I want to lead with zero trust as the language around the campus community, but the concepts behind it, the principles behind it, are guiding our steps now. I think we have some more rudimentary intermediate steps that we need to do to bolster our security posture, but I would say, long-term, I see the benefits of it. Anything that can help protect our data from the adversaries and bad actors that are out there, I’m all for it. We’re at the very beginning of that conversation, but zero trust is definitely part of our vernacular, and we’re planning for it.

Click the banner below to find out how identity and access management paves the way to zero trust.

I would also say is this: I’m very fortunate here. I don’t have infinite resources, but I have a decent amount of resources with cyber liability insurance, and part of our move to zero trust is both internally focused — we believe it’s the right thing to do, it’s in line with the security model that we have in place — and external pressures are going to be put on us. So, having been privileged to bring cyber liability insurance into the University of Richmond ecosystem, and we’re now on our third iteration of having a relationship with an insurer, the insurers are ratcheting up what they expect of us. Zero trust is one of the ways to keep our premiums at a low cost, which really resonates.

EDTECH: Remote work seems like something that’s here to stay, even in higher education. How are you managing your own remote employees and how are you managing all of the devices on your network?

ANDRIOLA: We have an initiative that was led by our HR team called Work Reimagined, where we worked on the policies and the procedures and the training around allowing people to have hybrid work arrangements, because there were different competencies at the employee level and at the manager level. You have to have policies and procedures in place that you can have the manager stand behind: If you want to work from home, here are the things that you have to do.

One of our greatest challenges in accommodating remote work is access to systems. You’re now a lot more reliant on your VPN. How do you use dual authentication? The second is keeping these devices up to date on all of their security patches. Do we feel comfortable allowing people to do their own upgrades, or are we going to use technology and push a lot more? How do you do that technically, but also how do you do that logistically? I have to model being a good employee. I have a laptop and I can do a lot of things with it because I have a technical background. But I follow the book, because if I create an exception for myself, why do they have to follow it? So, I get a reboot every Thursday night that upgrades all of the things that need to be patched on my computer.

MCINTOSH: The pandemic forced a lot of investments into things we needed, so we enhanced our VPN capability to allow folks to do the work they needed to do. That investment is still in place today. It allows folks to be able to log on from wherever they are and work, and it gives us another level of assurance that we’re doing it securely. The second thing we did is going the two-factor route. Our two-factor capability is through Cisco Duo. We started with the most basic and most immediate needs, and now we’re branching out to our secondary and tertiary needs of what needs to be two-factored.

I remember, when we first introduced two-factor authentication, you would have thought we were shutting down the world. I would often remind folks that your debit card has a PIN. We went small, and we’ve grown, and now I think the pushback has lessened. There’s hardly any argument against two-factor authentication. But when we talk about mobile device management, that’s all going to be resurrected, and we’re going to deal with pushback and questions when that happens.

UP NEXT: Implementing campuswide cybersecurity training that educates and entertains.