The past 26 years in IT have spawned significant changes for Rusty Bruns, especially in the education arena. As CIO of Charleston Southern University in South Carolina, he has had his share of battles over budgets, security and compliance. Here he talks about what life has been like and where he sees opportunities for the future.

You've been in networking a long time. What's the biggest difference between when you first started and now?
I've noticed a couple of things. First is price. The cost of technology has decreased significantly. In 1997, a desktop would cost about $2200. That same PC today is less than $800. So, not only has the price decreased, but when you allow for inflation, the price should be about $2900. This shift has been across the board for technology. The second thing I've noticed is with security. Security used to mean that you lock the door when you leave. Today, billions of dollars are spent to safeguard data, and billions are lost due to viruses, hackers and, now, phishers.

In terms of security, how do you keep up?
Just when you plug one hole, another two have been created. The knowledge base of IT employees has to continually evolve to keep abreast of new threats, and funding has to increase to keep security hardware and software up to date. We've evolved from locking the door to locking down the network.

So has it been difficult to get budgets approved for more security?
It's hard to explain to others why funds have to be spent. I have to explain to them in terms they can understand and show how this benefits the university. But to get budgets approved, I document everything. I can show trends, uptime for servers, an increase in users for the past seven years, the increased hits on our Web site and spam server, blackboard usage and so on.

What techniques do you use to instil confidence in board members?
I show them the technology advances Charleston Southern University has made. We've had 10 national and regional press releases in the past two years; we won a Cisco award in the 2004 for innovative technology (the first school in the state to ever win the award); and we ranked 36th in the US by Intel for "Most Unwired Campus."

How do you handle the ever-expanding federal and industry regulations?
We have a good handle on compliance. The main concerns for us are the Health Information Portability and Accountability Act and the Gramm-Leach-Bliley Act. Every 18 months, I have an independent security audit done on campus. Last year, when the audit started, I requested that they also look at compliance, and we were fine.

What about acceptable-use policies? Do you believe they are necessary?
Yes, very necessary. Liability is the issue. If one of my students uses my network to break the law or do malicious damage and I did not have a policy in place to identify how the network can be used, I will bear some of the responsibility. This can be very expensive. I recommend identifying a policy that works, which means using another institution's policy with their permission. Make sure your own legal counsel reviews the policy.

What excites you about the future of technology?
We are just starting to implement on-demand videoconferencing. Web conferencing allows us to hold face-to-face classes any time, anywhere. It is fast, easy to use and only requires a broadband connection, PC or laptop, and a camera. A faculty member can now hold a class from home or while on the road, record the class, put it on the blackboard, and all students can download the class and review the information. It has the potential to solve some classroom-overcrowding issues.

Is there any accomplishment that stands out for you over the past two decades of your career?
When I started here in 1996, there was no Internet, no e-mail, no Web pages and, truly, no network. In 10 years, we have come from last place in the technology world to an environment where others ask us, "How did you do that?"