TIER Contributor Profile - Helen Patton
(Left) Helen Patton, CISO, the Ohio State University
Helen Patton’s career in IT has spanned the private sector and academia. Before entering academia Helen worked as the Information Technology Risk Manager for JP Morgan Chase bank. “I got to travel the world and work globally with different teams, including the IdM operations of the bank. It was a tremendous learning experience that’s very different than higher ed,” said Helen. “The main difference I’ve found is that there is a focus on independent thought in higher ed. Unlike the private sector—especially industries as heavily regulated as banking, when you have something that is required by law—there’s still a lot of discussion on how to meet requirements. You have to convince people that there’s a good reason that’s important to them personally.”
As the Chief Information Security Officer for The Ohio State University Helen and her team are responsible for 45,000 employee and 65,000 student identities, covering everything from incident response, governance, project management, and endpoint management. OSU recently began a pilot of Grouper as a solution for gaps in access control capabilities that her team has found with cloud vendors used by their campus.
Ohio State is a member of Internet2 and one of 49 TIER investor campuses and several members of Helen’s team are participating in the various TIER working groups. In addition to this, Helen chairs the TIER Security and Audit working group, which focuses on advising TIER’s developers on recommendations and best practices for their components. Her work as the group’s chair is very much in line with one of the central duties as CISO: “I spend a lot of my time talking to people about security so they can make good security decisions.”
“Being part of TIER has been really useful,” said Helen. “Obviously there are benefits of access to toolsets that address our school’s immediate needs like Shibboleth, Grouper, and so on. But being part of the community gives us access to thought leaders in the identity space that we would otherwise not get to know. What I find when I talk to identity people in the private sector is that they don’t understand how we do identity in higher education. Our needs are simply different from the government and private sectors. The TIER community is integral to what we do.”