The director of IT at an Oregon community college discusses how the forthcoming Midsize Enterprise Summit: IT Security event will give attendees a chance to hear security solutions, not scare tactics.

Michael McClure is the director of IT, network services, at Rogue Community College in Grants Pass, Oregon. He’s also a charter member of the Midsize Enterprise Summit IT Security Advisory Board, where he’s helping drive content for our forthcoming Midsize Enterprise Summit: IT Security event, which takes place May 22-23 in Jacksonville, FL.

The MES: IT Security event will give attendees peer advice, plenty of networking opportunities, face time with award-winning vendors, the chance to hear about the latest products and solutions to protect your data from constantly evolving threats, and more.

We chatted with Michael recently about the security problems his organization has faced, how organizations can fight data breaches, and what to expect from the MES: IT Security event. Here are highlights from that conversation:

Michael, what can you tell us about your organization and your role in your organization?

Our institution was established 47 years ago. We currently have around 1,400 employees, including a large cadre of part-time instructors and 5,000 to 6,000 students per term. We cover Jackson and Josephine counties in southern Oregon along with a large contingent of online students. I am an alum of the institution and worked here as a student. I came back as a full-time employee in 1995 and have held multiple titles mostly in IT. I moved into management a decade ago and am currently the director of IT over network services which encompasses LAN/WAN network and server infrastructure, Wireless/NAC, Active Directory, backup/DR, Firewall, O365 management, and of course IT security.

What interested you in being on the MES IT Security Advisory Board?

To get a better insight into the issues that my fellow IT professionals are facing. To help shape the direction of IT security content and get an insight into trends that vendors are seeing within this sphere.

Have you had any problems with security in your company?

The standard SPAM/phishing clickers and one theft of an isolated database.

What takeaways and/or lessons learned did you learn from those problems?

Implementing continued training for our staff on what to look for and avoid with incoming e-mails. And better screening for staff and student workers along with taking over management of the database in question.

How can organizations do a better job of protecting themselves against data breaches?

Make the staff part of the solution with positive reinforcement of good practices. Encapsulate sensitive data on isolated VLANs with no direct user contact to the databases. Implement safeguards such as NAC solutions to safeguard data access by Wireless/IOT devices.

How can the MES IT Security conference help attendees improve their data security?

Deliver relevant content without the tired scare tactics/statistics pitch. Focus on mitigating the threat vectors coming onto the landscape. Give some vendor-agnostic solutions to common IT security problems.