Update on Department/Program Websites

2 04 2014

TAG member Teresa Conte attended the March 17 meeting of the Committee on University Image and Promotion (CUIP) for a discussion of PR’s Department and Program Website initiative (introduced in the notes from TAG’s February meeting). Here are some notes from Teresa about the project:

University of Scranton Website – Project Information and Update:

  • The University updated its general website in 2012-2013
  • The Committee on University Image and Promotion (CUIP) is overseeing the next phase of updating which is focusing on Department and Program webpages.
  • Because TAG had identified the older Department webpages as an issue that affects enrollment and program images, we have partnered with CUIP on this project and have been represented at CUIP meetings.
  • CUIP has secured a company (Converge) to write the updated web content.
  • CUIP met in March and the first 50 Programs were identified to be revised and updated. Eventually, every Department/Program will have their webpages updated. The goal for completion for the first part of the project (first 50 programs) is the Fall of 2014.
  • Once the content is written and approved, another company (search being conducted) will format and publish the content to the web.
  • Converge has developed a survey that departments will complete that will assist them in using the most updated information for this project. Departments/Programs are able to individualize their web content and select what they would like highlighted, and suggest media content and other pertinent information to be included in the update.
  • This project is of vital importance to the members of the University as there is a wealth of research that shows that more and more prospective students visit websites before committing to a campus visit. This makes the website the first impression for thousands of prospective students.

———————————————————-

Update 2014-04-03: Dave Dzurec (who also attended the CUIP meeting) provided some notes to answer questions about the project:

Departments and programs still have ultimate control of the content. The hiring of the consulting firm came in part from a larger TAG discussion about the maintenance of department and program pages–and a request for greater support from the administration in maintaining these sites.  The consulting firm is aiding in the redesign of a number of program pages (initially 50 different programs selected by a joint TAG/CUIP committee). The redesign will be done in consultation with the program faculty (TAG has already reviewed a draft of the questionnaire that will be sent to the program directors/chairs) and then overseen by each department. At this point once the update is complete the program/department site update process will continue to function as it does now–that is individual staff and faculty members in each department will be responsible for updating the sites. The longer term hope is that the administration will hire someone to more actively assist department faculty and staff in keeping the sites up to date and navigating the joy that is the CMS.

 

 


Comments : 2 Comments »
Tags: , ,
Categories : CMS and University Website, Website Proposal

Identity Finder FAQ for Faculty

25 03 2014

[Note: Significant updates made on 2014-05-13, 2014-05-07, and 2014-04-24. Updates on scheduling and encryption on 2014-07-02.]

Back in April 2013, IT Services Director Jim Franceschelli and Information Security Director Adam Edwards came to TAG with a proposal to automate Identity Finder scans on faculty desktop computers. In June 2013, the President’s Cabinet approved the use of automated scans with Identity Finder on University-owned desktops as part of an overall Information Security Data Loss Prevention program. Then-CIO Jerry DeSanto sent an email announcement about the program to all faculty and staff on June 21, 2013, projecting implementation in December 2013.

Since then, Information Security has been working with TAG to pilot test the scans and try to smooth the process as much as possible for faculty. Automated scans have already started for staff, and Information Security would like to move forward with implementation for faculty machines. Currently, automated scans are scheduled to begin on August 1, 2014. Here’s what faculty need to know:

Why is the University doing this?

  • Data security is serious business for higher ed — we have ethical, legal, and financial obligations to protect the personally identifiable information that we have collected from students, faculty, staff, human subjects, etc.
  • If your computer or external media contracts a computer virus, is lost, stolen, or broken into over the network, files containing restricted information are at risk for theft. This information can be used to steal not only your money and identity, but also the money and identities of anyone else who either shares your computer or whose restricted information you store.
  • If you store restricted information for University work, the University would be obligated under state law to notify everyone affected by the breach and could potentially be legally liable.

Does this benefit me at all?

  • Identity Finder can help you protect yourself — use it to search for sensitive, unprotected information on your computer and then take an action (Shred, Scrub, Secure, Quarantine, etc) to secure that information. (Personally, an Identity Finder scan I ran on my machine found old documents containing my SSN that I had stored unencrypted in Google Drive… not smart.)
  • If your computer gets a virus, IT Services can clean and return it to you much more quickly and easily if they have a recent Identity Finder report for your machine.

What is Identity Finder?

  • Identity Finder is security software that scans your (Windows) computer for sensitive, unsecured Personally Identifiable Information (PII) stored in unprotected files.
  • If you run a scan on your machine, Identity Finder will give you a report showing what it found and where. It then gives you options to take action – you can shred the file, scrub (redact) information, secure the file, or move it to a quarantined location. You can also ignore false positives.
  • It works by looking for patterns – for example, a nine-digit number in the pattern ###-##-#### would be picked up as a possible Social Security number. If it picks up something that looks like a Social Security number but isn’t (a false positive), you can tell it to Ignore that result.
  • Identity Finder has been installed on all University Windows machines (via KBOX) since about 2009.

What kind of sensitive/restricted information are we talking about?

  • Restricted information is any piece of information which can potentially be used to uniquely identify, contact, or locate a single person. Restricted information is generally regulated by law or contract and often used for financial, medical, or research identification. (See the Information Classification Policy for additional info.)
  • Identity Finder looks for most types of Personal Identifying Information:
    • Bank Account Numbers
    • Credit Card Numbers
    • Dates of Birth
    • Driver’s Licenses
    • Passwords
    • Passport numbers
    • Social Security Numbers
  • Identity Finder is NOT looking for:
    • Email addresses
    • Mother’s maiden name
    • Personal addresses
    • Phone numbers
    • United Kingdom National Heath Service Numbers, United Kingdom National Insurance Numbers, Canada Social Insurance Numbers, Australia Tax File Numbers
  • If you’d like to get a better understanding of what kind of information Identity Finder picks up, you can run a non-scheduled Identity Finder scan on your machine whenever you’d like.

What are automated scans? 

  • Right now, Identity Finder only scans your machine when you tell it to.
  • Information Security and IT Services plans to run weekly, automated Identity Finder scans (see the proposal for details) on all University (Windows) computers. The idea is that every Friday at noon, all University computers will automatically initiate an Identity Finder scan.

Where is Identity Finder looking? What folders/locations are scanned?

  • Automated scans include:
    • Local filesystems (like your C: drive) and local registry
    • Browsers
    • Attached devices
    • Email —  If you use a local email client (e.g. Outlook or Thunderbird), Identity Finder will scan through your mailboxes that are cached on your computer, however, if you mainly use OWA or other method through a browser, you don’t have a local cached copy, and Identity Finder won’t be able to scan it.
  • Scans do not include the R: drive or most other remote connections.
  • If you’d like to get a better understanding of what the automated scans will include, you can run a non-scheduled Identity Finder scan on your machine whenever you’d like.

What if I have sensitive/restricted/confidential information saved on my computer?  Like confidential human subject research data or client files?

  • ANY sensitive/restricted/confidential information that you are storing ANYWHERE should be encrypted! Without encryption, your data is vulnerable to attack, misuse, and all sorts of other bad things.
  • Information Security recommends using TrueCrypt (which is free and open source) to encrypt your data. Scott Finlon in Information Security wrote up some brief  instructions (PDF) for encrypting a folder of files using TrueCrypt. Update 2014-07-02: Support for TrueCrypt was discontinued in 2014-05, so Information Security now recommends using 7Zip – see instructions (.docx).
  • Information Security has been in ongoing conversations with the IRB about ensuring confidentiality of human subject research data and client files. Members of the IRB had expressed concerns that Identity Finder scans would violate the confidentiality of human subject data. The good news is that data encryption resolves this concern — encryption protects sensitive data from Identity Finder scans as well as from external malicious attacks.
  • Please contact Information Security if you have any questions about protecting confidential data.

How long do the scans take? Will this affect my computer or my work?

  • Identity Finder scans can take several hours if you have a large number of documents.
  • Thankfully, Identity Finder uses a search history to keep track of what files do and do not have matches. Because of this, the initial scan is much slower than subsequent scans, as it has to scan your entire hard drive. Each subsequent scan will only look at new files, changed files, and files that previously reported matches.
  • TAG members have been piloting automated scans since September 19, 2013. We ran our own scans first, and these often took quite a while. After the initial scan, however, subsequent automated scans have been speedy. So far, none of us have experienced any performance issues – the scans are essentially invisible to the user.

My computer went to sleep during the scan. What happens now? Can Identity Finder wake my computer up to scan?

  • Identity Finder scheduled scans are set locally, so they will only be invoked while the computer is on and running — they can’t wake up your computer.

What if I’m not on campus on Fridays and my desktop machine is turned off? What if I’m not on campus on Fridays but am using my laptop? 

  • Automated scans are currently scheduled in batch for Fridays at noon. They will run as long as your computer is turned on – whether or not you’re on campus (or on the University network).
  • If you are offline, the scan will run as scheduled. The report will be sent to Information Security once you reconnect to a network.
  • If your computer is turned off at 12pm on Friday (that is, if the scheduled scan is missed), it will begin with a randomized start time between 30 minutes and 120 minutes after the computer is back up and running.

What happens after the scan is done?

  • When the scan is done, Information Security will get a report from Identity Finder indicating the level of risk for that machine. The report includes the number of hits, but NOT the actual information that was marked as potentially sensitive – that is redacted. The reports show only a masked version of a potentially problematic file and the location where it was found. Reports are only viewable by the Information Security Director (Adam Edwards) and the Information Security Engineer (Scott Finlon).
  • Based off of these reports, Information Security then works one-on-one with users, recommending that users delete the files (if they’re no longer needed) or move them to a more secure, encrypted location. (Adam said that he is working with staff with the most risk first — e.g., people with 1,000 hits or more.)

What if I have a Mac or Linux machine? 

  • Automated Identity Finder scans will only run on Windows machines.

When is this happening?

  • Automated scans are scheduled to begin on University-provided faculty desktop machines on August 1, 2014. (Information Security Officer Adam Edwards sent out a notification to all faculty on May 28, 2014 and a reminder on June 30, 2014).
  • Automated Identity Finder scans are already running on staff machines (and on TAG members’ machines).

What should I do to prepare?

Questions or concerns?

 


Comments : Leave a Comment »
Tags: , , , , ,
Categories : Announcements, Security

TAG Meeting Notes 2014-03-12

12 03 2014

TAG Meeting March 12, 2014 12:00pm-1:00pm

Attendees:
Tim Cannon, Paul Cutrufello, Kim Daniloski, Dave Dzurec, Tara Fay, Jim Franceschelli, Eugeniu Grigorescu, Katie Iacocca, Charles Kratz (guest), Sandy Pesavento, Kristen Yarmey

1. Lunch

TAG members thanked CAS Dean Brian Conniff for sponsoring lunch for our meeting. Dave thanked Mary Ann Maslar in the CAS Dean’s office for making the arrangements. Charles noted that he is willing to sponsor lunch at one of TAG’s remaining Spring 2014 meetings.

2. Items for Discussion

WordPress

Dean of the Library and Information Fluency Charles Kratz asked to come to a TAG meeting to speak about the campus WordPress network (sites.scranton.edu), which has been a topic of TAG discussion since 2011. (In preparation for today’s meeting, Kristen emailed TAG members notes summarizing the history of the campus WordPress network as well as a justification for the academic use of WordPress that former TAG co-chair Jeremy Sepinsky had composed for IR in Spring 2013.)

At our last meeting in February 2014, we received word from Jim that IR would not be expanding support for sites on the campus WordPress network until at least 2015. Subsequently, at the February 14 Faculty Senate meeting, Senator Terry Sweeney expressed concerns about access to the campus WordPress network. There was seemingly some confusion at the Senate meeting about CTLE’s role in the WordPress network and a misunderstanding that CTLE staff were responsible for determining which requests for WordPress sites would be approved, when this decision actually rests with IR staff.

Charles (who oversees both the Library and CTLE) has since met with IR and CTLE staff in order to seek clarification on the criteria and process for WordPress site requests, as well as to ascertain whether there might be a middle ground for supporting faculty use of the campus WordPress network. Charles noted that the CTLE, while currently very busy with the Desire2Learn transition, is interested in supporting faculty use of WordPress and would be willing to support a few pilot sites in fall 2014. He suggested that TAG might identify faculty who would be interested in a WordPress pilot in the near future, and advocated for transparency for faculty regarding the criteria and process for site requests.

Prior to today’s meeting, Kristen had asked Jim for IR’s criteria for reviewing requests for WordPress sites, which she then emailed to TAG members. These are as follows:

Blogs are available to the University community to provide an area for discussion and collaboration. The following criteria will be applied to these requests:

  • Blogs can augment University web sites on www.scranton.edu which are built in the Web Content Management System (CMS). They cannot be used as a replacement for a department or organization’s www.scranton.edu site.
  • Blogs are only for University-related purposes, not personal interests.
  • Only faculty & staff members of the University community can be given access to post to the blog site.
  • All blogs will be accessible for public view access.
  • The URL for the blogs will be in the form of http://sites.scranton.edu/blogname/
  • No redirects of the form www.scranton.edu/xxxx will be set up for blogs so they are not confused with University web site(s).

Related information:

  • Desire 2 Learn (D2L), the University’s Learning Management System, has blogging functionality that can be used as part of a course offering.
  • Faculty & staff desiring to use wordpress.com for other blogging services should refer to our policy website (www.scranton.edu/pir/policies.shtml) for the Guidelines for the Use of Cloud Computing Services.

Jim noted that IR has limited resources and has to weigh what services they can support. He also explained that since this is a new service, it has taken some time to develop the criteria for what requests could or could not be accommodated. For example, individual student blogs (as one faculty member requested) could not be accommodated due to the difficulty of maintaining an accurate user list for that class within WordPress – while the campus network is integrated with Active Directory authentication, it is not integrated with Angel or Desire2Learn, so class lists must be manually added and maintained for WordPress sites. (As a side note, Charles mentioned that CTLE is working with a few faculty members to test Desire2Learn’s blogging function for student blogs. Results have not been encouraging so far, but testing continues.)

Charles and Kristen asked for clarification on the site request and decision-making process. Jim said that WordPress site requests could be submitted via Footprints (tsc.scranton.edu) and promised to add a request to the service menu within Footprints. He said that Connie Wisdo, director of IT Development & Applications (ITDA), will review the requests and make a decision based on the above criteria. If the decision is clear-cut, the response will be immediate, but if a request falls along the edge of the criteria, there might be some delay to allow IT staff members to discuss it first. Charles asked if there would be an appeal process for a faculty member whose request was denied. Jim answered that appeals could be directed to him.

Sandy asked if faculty could use third-party (external) blogging or web development sites (e.g., Blogger or WordPress.com). Jim said that faculty were free to use whatever tools they liked, on the condition that they review IR’s Guidelines for the Use of Cloud Computing Services and consider potential threats to privacy or security of students or other participants. Kristen said that as a librarian she had significant concerns about the privacy implications of requiring students to use third-party cloud services for class projects. An advantage to the on-campus WordPress network is that site data remains on campus and under University administration rather than entering the commercial data tracking and aggregation marketplace.

Tangentially, IR now offers server space to faculty and academic departments, with roles and support responsibilities enumerated in a service-level agreement. IR provides the server environment, while the faculty member/department is responsible for installing/maintaining the applications they wish to use on the server. There is a one-time licensing fee charge for this service. Kristen asked Jim for more information about this service, as TAG had been previously unaware of it.

Discussions about WordPress and related service offerings will continue. Kristen and Dave will meet with Jim and Robyn Dickinson (Interim VP for Planning and Information Resources) on Monday, March 17, and separately will meet with Interim Provost Pat Harrington and the academic Deans (date TBD). Charles suggested that, in addition to working with Jim and IR directly and reporting to the Faculty Senate,  TAG should also communicate with the Deans and Provost to keep them informed of technology needs on campus.

To further facilitate communication among all stakeholders, Katie suggested that TAG remind the Faculty Senate and the rest of the faculty to share their concerns about academic technology with TAG, such that TAG members can continue to work constructively with IR staff. Dave will include this reminder (as well as an update and clarification on WordPress) in his report to the Faculty Senate this week.

Faculty Specialized Software/Computer Lab Questionnaire

Back in November, TAG sent out a questionnaire to all faculty to ask for input on their use of specialized software, computer labs, lecture capture, and learning management systems (Angel/Desire2Learn).

Kristen apologized for the delay in sharing results, but has finally finished a qualitative summary of faculty responses, shared here for preliminary review by TAG members. Only 52 responses were received, and respondents tended to be faculty interested in software/lab issues, so the sample did not seem representative. The summary is almost entirely qualitative, so anyone interested in performing a quantitative analysis should contact Kristen for access to the full data set.

Kristen asked that TAG members review the results and identify any action steps or areas for further research. 

3. Brief Updates

Identity Finder Automated Scans

Back in April 2013, Information Security Officer Adam Edwards brought a proposal for automated Identity Finder scans to TAG for consideration. At our February meeting, Adam Edwards and Scott Finlon from Information Security came to the second half of the TAG meeting to demonstrate the administrative side of Identity Finder automated scans, which non-Mac-using TAG members have been piloting since September. They also demonstrated TrueCrypt as their recommended tool for encrypting sensitive data (including confidential human subject research data, as Adam has discussed with the IRB).  Scott has since shared step-by-step instructions for TrueCrypt, which Kristen posted to the TAG site. Update 2014-07-02: Support for TrueCrypt has been discontinued, so Information Security now recommends using 7Zip for encrypting sensitive or confidential data.

Adam and Scott would like to begin the roll-out of automated Identity Finder scans for faculty desktops, starting with departments that would be unlikely to have confidential subject data stored on their computers. Scott sent Kristen a list of departments as they appear in Identity Finder (based on Active Directory groups) as a starting point. Kristen asked at today’s meeting for TAG member volunteers who were willing to confirm their department’s readiness to begin automated scans. Dave has already spoken to the History Department, and Kristen will speak with Library faculty at their next department meeting. Kim and Paul were willing to speak with their departments (Management/Marketing and Exercise Science) but asked for some additional information that they could refer colleagues to. Kristen will write up a summary/FAQ on Identity Finder for faculty and post to the TAG site for reference.

Kristen suggested that faculty members run their own Identity Finder scans  to understand the software and results (the software is already on all faculty PCs, via KBOX). Any sensitive data can and should be encrypted with TrueCrypt. Jim reminded the group that Identity Finder also helps IT Services deal with faculty computers that have been infected by malware — a recent scan confirming the absence of confidential data makes it much easier and faster for them to clean and return the machine.

There were a few remaining questions about the automated scan process, which Kristen and Jim will review with Adam:

  • Who exactly is included in a department group? Full time faculty, adjuncts, department staff (e.g., departmental administrative assistants)? Jim believes that the groups include *only* faculty members (including part time/adjuncts), but we will confirm this with Adam.
  • Automated scans are currently scheduled in batch for Fridays at noon. What happens for faculty members who are never/rarely on campus, with their laptop, at that time? (Katie noted that this is common among KSOM faculty.) Could an alternative scan time be scheduled? Or do scans begin the next time you turn on your computer?
  • What happens if you turn off your computer during a scheduled scan? Does it pick up where it left off when you turn your computer back on?

Departments that are ready to begin automated scans should contact Kristen and/or Adam. Adam and Scott are also available to answer questions about Identity Finder, TrueCrypt, or other information security issues.

Lecture Capture – Panopto Pilot

On Wednesday, March 5, Dave and Kristen attended a meeting with Jason Wimmer, Jason Oakey, Jim and Eugeniu for an update on lecture capture and the pilots taking place in PCPS this semester with Panopto. (Full notes from that meeting, summarized here, are on the TAG site.) 

IT Services began piloting lecture capture back in Fall 2012 with two installations of MediaSite (LSC334 and LSC433). TAG members Jeremy Sepinsky and Tara Fay tested out the technology in their classes. While there were some good things about MediaSite, IT Services discovered lots of complications that would make it difficult to scale and expand across campus (see Jason’s article in the Winter 2013-2014 IT Matters for more details).

As of Fall 2013, IT Services has been working with faculty in PCPS (Counseling, Nursing, and Education – including TAG member Sandy Pesavento) to pilot a different lecture capture technology – Panopto.  Panopto is a hosted service, which makes installation faster and easier in comparison to MediaSite. IT Services set up 13 rooms in McGurrin, and already over 790 sessions/interviews/classroom scenarios/nursing simulations have been recorded. Feedback to date from faculty and students has been very positive – even enthusiastic. Sandy has been using Panopto in her education classes to record students teaching sample lessons. She invited interested faculty to visit one of her class if they would like to see it in action. (As a reminder, on last spring’s ECAR survey on undergraduate students and information technology, 63% of our student respondents said they wanted their professors to use lecture capture.)

Our current license for Panopto only covers PCPS (where the pilots were taking place), but IT Services has put in a request to the FMC for a full campus license. IT Services plans to expand access to lecture capture across campus (potentially enabling 5-6 additional classrooms next year) and to integrate Panopto with Desire2Learn. Jason Wimmer will be giving a presentation on Panopto at an IT Forum on March 27 at 11:30am – all faculty and staff are welcome to attend (please register).

PR Department/Program Website Initiative

This project is on the agenda for the next meeting of the Committee on University Image and Promotion (CUIP), scheduled for Monday, March 17 from 2pm-3pm. In addition to regular CUIP faculty representatives Terry Sweeney, Abi Roy, Jack Beidler, and George Gomez, PR has also invited TAG to send representatives — Dave, Teresa, and Sandy will be there (and maybe Kristen).

It is not yet clear which department/program pages will be in the first wave of updates, nor is it clear who will make that decision. Katie noted that from KSOM, OIM department chair Nabil Tamimi was interested in participating in a department website update, particularly since OIM is a growing program and the home of the E-Commerce major.

TAG Leadership for 2014-2015

Kristen will be rotating off as TAG co-chair at the end of Spring 2014. Dave will continue as co-chair for 2014-2015, but will be on a Fulbright sabbatical in Slovakia (congratulations!) in Spring 2015. Andrew LaZella has volunteered to serve in Spring 2015 while Dave is away, but we are still looking for someone to begin a full two-year term as co-chair. Please contact Kristen or Dave if you are interested/willing. Dave noted that, pending the results of the Faculty Senate election, we should make sure that we have a Senate liaison for 2014-2015 as well.

Adjournment

The meeting adjourned at 1:10pm. TAG’s next meeting will be Wednesday, April 9 from 12pm-1pm, location TBA.


Comments : Leave a Comment »
Tags: , , , , , , , , , , , ,
Categories : Angel and Desire2Learn, Announcements, CMS and University Website, Minutes, Security

Encryption with TrueCrypt

8 03 2014

Update 2014-07-02: Support for TrueCrypt has been discontinued! Information Security recommends using 7Zip instead – see instructions (.docx).

——————————————————————————-

At our last TAG meeting, Adam Edwards and Scott Finlon from Information Security demonstrated automated Identity Finder scans as well as encrypting files with TrueCrypt (which is free and open source :). At our next TAG meeting, we’ll be starting to identify which departments can move forward with automated scans — so as a reminder, you’ll all want to make sure that any confidential or sensitive information stored on your desktop is safely encrypted.

Scott has sent along some brief  instructions (PDF) for encrypting a folder of files using TrueCrypt — the first page is set up and the second is everyday usage.  Please contact Information Security if you have any questions about encryption.

You can also run your own Identity Finder scan in the meantime – see IR’s Quick Guide if you need help getting started.

Many thanks to Adam and Scott for their guidance on this issue!

 


Comments : Leave a Comment »
Tags: , , , , ,
Categories : Announcements, Security, Technology Training, Tutorials

Panopto Lecture Capture Pilot

8 03 2014

On Wednesday, March 5, Dave and Kristen met with Jason Wimmer, Jason Oakey, Jim and Eugeniu for an update on lecture capture and the pilots taking place in PCPS this semester with Panopto.

IT Services began piloting lecture capture back in Fall 2012 with two installations of MediaSite (LSC334 and LSC433). TAG members Jeremy Sepinsky and Tara Fay tested out the technology in their classes. While there were some good things about MediaSite, IT Services discovered lots of complications that would make it difficult to scale and expand across campus (see Jason’s article in the Winter 2013-2014 IT Matters for more details).

As of Fall 2013, IT Services has been working with faculty in PCPS (Counseling, Nursing, and Education – including TAG member Sandy Pesavento) to pilot a different lecture capture technology – Panopto.  Panopto is a hosted service, which makes installation faster and easier in comparison to MediaSite.

IT Services set up 13 rooms in McGurrin, and already over 790 sessions/interviews/classroom scenarios/nursing simulations have been recorded. Feedback to date from faculty and students has been very positive – even enthusiastic. Gerianne Barber from Counseling noted that faculty and students both found Panopto easy to use, especially for real-time monitoring and grading of counseling sessions. IT Services staff also praised Panopto’s customer support and documentation. Other features of interest were email notifications, ease of sharing videos, video and powerpoint searchviewing analytics, and a mobile app for recording from a smartphone or tablet.

As a hosted service, Panopto has an annual licensing fee. Our current license only covers PCPS (where the pilots were taking place), but IT Services has put in a request to the FMC for a full campus license. Should funding be received, IT Services plans to expand access to lecture capture across campus and to integrate Panopto with Desire2Learn for authentication and file management. TAG and CTLE would then work with IT Services to promote the service, identify the highest interest/need among faculty, and provide training or guidance.

Jason will be giving a presentation on Panopto at an upcoming IT Forum, for any interested faculty and staff. Non-PCPS faculty can also try Panopto with a free trial.

(As a reminder, on last spring’s ECAR survey on undergraduate students and information technology, 63% of our student respondents said they wanted their professors to use lecture capture.)


Comments : Leave a Comment »
Tags: , , ,
Categories : Angel and Desire2Learn, Announcements

TAG Meeting Notes 2014-02-12

14 02 2014

TAG Meeting February 12, 2014 12:00pm-1:00pm

Attendees:
Jeremy Brees, Tim Cannon, Paul Cutrufello, Kim Daniloski, Dave Dzurec, Eugeniu Grigorescu, Katie Iacocca, Andrew LaZella, Lori Nidoh, Kristen Yarmey

1. Brief Reports

Acceptable Use Policy

CIO Jerry DeSanto announced on February 6 that the new Acceptable Use of Information Technology Resources Policy had been approved by the President’s Cabinet. The new policy is an update to the old Code of Responsible Computing. Many thanks to Jim Franceschelli and Dave Dzurec for co-chairing the committee charged with revision.

PR Department/Program Website initiative

Back in late November, Dave, Kim, and Kristen (along with Hal Baillie, Darla Germeroth, and Ray Schwenk) met with Gerry Zaboski and Lori Nidoh in PR to discuss department and program websites. Also in on the meeting (phoning in from Cedar Rapids) were representatives from Converge, a vendor that PR has hired to help us with initial planning and updates for departmental websites and academic program pages (note: *not* course catalog content/program descriptions, which require formal review).

The main goal from a faculty perspective is to develop content for department/program pages that is consistent across the University website and does a better job of communicating what it is that we do — reflecting the quality of our programs/departments, “telling the story” of the student educational experience, etc. (In 2012-2013 TAG had prepared a proposal for improving and maintaining department/program websites that advocated for additional support for this task.)

Briefly, Converge plans to 1) outline/inventory needed content, 2) do some search engine optimization research (e.g., what terms do users type in to Google when they’re looking for nursing programs?), 3) develop a draft template for page content, 4) get faculty feedback via a campus visit and questionnaire, 5) draft some copy, and 6) help us prepare a long term strategy. Their main output would be a consistent template for department/program pages, and they will create content for up to 50 department/program pages (though the institution has the final say on content). Gerry explained that this way we can get a lot of updates done quickly.

PR and Academic Affairs would like to bring together a steering committee or task force to coordinate this project, with work beginning in March. Gerry has broached this topic with the Committee on University Image and Promotion (CUIP), which includes faculty representatives.  After the November meeting, Kristen and Dave had asked TAG members to identify faculty who might be interested in serving on such a steering committee. Teresa, Sandy, and Dave then volunteered.  However, Lori noted that it has not yet been decided which program/department pages will be selected as the focus of the project, and she was not sure who will make that decision. We agreed that once these programs/departments have been selected, TAG will support the faculty representatives on CUIP in trying to recruit faculty volunteers to participate.

Desire2Learn

Desire2Learn went live in January, and so far the transition seems to be going smoothly (see the LMS transition page for details). About 30 faculty members opted to begin teaching in Desire2Learn in Spring 2014. Courses that are being taught in Desire2Learn have been disabled in ANGEL so that students don’t see them in both places.  Workshops and video tutorials are available for faculty.

Eugeniu reported that there was an issue with merging courses that CTLE wasn’t able to resolve in time for this semester, but it will be resolved in time for summer and fall courses. Another issue has been reported with links – Firefox and Chrome are problematic when trying to display unsecure pages within secure frames.

Mobile Apps

IR’s Mobile Apps feedback group met in December (pptx). Sandy attended as a faculty representative. The group reviewed the University’s current apps — ANGEL Mobile, eAccounts (for RoyalCard), the Straxis app, Student Services app, RoyalSync, and Desire2Learn (which also has two special purpose apps – Binder and Grader) — and discussed what additional features should be mobile accessible.  The Straxis app will be retired at the end of the year and replaced by a locally developed web app for the fall 2014 semester.

Royal Card

Faculty are reminded to visit the TSC to get a new RoyalCard. Take your old RoyalCard or a driver’s license, and you will be photographed.

Windows XP to 7 Conversions

(Jim was unable to attend the meeting but sent an update on this via email.) IT Services is continuing to work on converting all remaining Windows XP machines to Windows 7. Faculty machines are the current priority, with a goal of finishing all faculty conversions by the end of May.  IT Services will contact users to schedule a time and date for conversion — the process takes about two hours.  Dave noted that the history department was almost entirely converted and had no issues.

II. Items for Discussion

Specialized Software/Computer Lab Survey Results

Kristen is still working on putting together the survey results and apologized to TAG members for the delay.

WordPress Network

Kristen reported that at least one additional faculty request for a site on the campus WordPress network (sites.scranton.edu) had been turned down. There seems to be a continuing need among faculty and students for academic web space, particularly since the academic server (academic.scranton.edu) was decommissioned.

At our September 2013 meeting, TAG had requested that IR draft language on service levels for WordPress. Kristen asked Jim for an update on this issue. Jim was unable to attend this meeting but sent an update via email, excerpted here:

We met this past fall and have consulted with the CTLE on various support issues.  Unfortunately at this time, we cannot extend the wordpress offerings.  Looking at the current issues at hand – especially with the CTLE and the conversion to D2L – extending support won’t happen until January 2015 at the earliest. I know there is growing demand and many faculty want to use wordpress as an alternative web site.  Unfortunately the supported options are within the CMS.  D2L does have options for blogging and discussion boards.  I think TAG had offered to look at it from a faculty perspective – any news back on that?

Eugeniu explained that CTLE was unable to provide assistance to IR on support for WordPress at the same time as they are supporting faculty and students during the transition to Desire2Learn.

Kristen asked TAG members for their reactions. The majority agreed that we would like to keep advocating for WordPress but acknowledge that Desire2Learn should take priority at this time. Dave suggested that we revisit the question again in January 2015 as Jim indicated.

III. New Business

Vice President for Planning/CIO

Fr. Quinn announced in December 2013 that Jerry DeSanto would be stepping down as Vice President for Planning/CIO. Associate Vice President Robyn Dickinson will serve as Interim. While the search for a new Provost is taking priority, Dave and Kristen noted that they planned to volunteer TAG’s input (either formal or informal) in any upcoming search for the CIO position.

TAG Leadership for 2014-2015

Kristen will be rotating off as TAG co-chair at the end of Spring 2014. Dave will continue as co-chair for 2014-2015, but will be on sabbatical in Spring 2015.  They asked for one or two volunteers (preferably but not necessarily including a Senator) to serve a two-year term as co-chair. Andrew volunteered to serve in Spring 2015 while Dave is away. We are still in need of another volunteer to serve the full year.

IV. Demonstrations

Adam Edwards and Scott Finlon from Information Security came to the second half of the TAG meeting for two demonstrations.

Firstly, they demonstrated the administrative side of Identity Finder. TAG members have been piloting automated Identity Finder scans, which are running each Friday at noon. Identify Finder scans the user’s computer for any personally identifiable information (PII) in unprotected files. The Information Security Office receives reports that indicate the level of risk for that machine. Anticipating concerns about privacy and confidentiality, Adam and Scott showed a sample report. The report shows the number of hits and the location of each file with hits, but the actual information is obscured. Based off of these reports, Adam then works one-on-one with users to either delete the files or move them to a more secure location. Adam said that he is working with staff with the most risk first (e.g., people with 1,000 hits or more).

Secondly, Adam and Scott demonstrated using TrueCrypt (free open-source disk encryption software) to encrypt files or folders that contain confidential information (such as human subject research data). They have already shown this tool (along with another encryption tool in Identity Finder) to the IRB and would like to make it a recommended standard for campus use. [Update 2014-07-02: Support for TrueCrypt has been discontinued, so Information Security now recommends using 7Zip for encrypting sensitive or confidential data.] TAG members did not bring up any concerns, so we will move forward on this. Adam will share brief written instructions, and we will share them with the faculty as a recommended practice for confidential data.

Adam and Scott would like to start automated Identity Finder scans on faculty computers beginning with departments that would *not* have any confidential subject data stored no faculty desktops. We were not sure that such a distinction could be easily made, but TAG will try to work with department chairs to determine which departments might be willing to begin scans. Scott will send Kristen a list of departments as they appear in Identity Finder (based on Active Directory groups) as a starting point.

Adjournment

The meeting adjourned at 1:10pm. TAG’s next meeting will be Wednesday, March 12 from 12pm-1pm in WML305.


Comments : Leave a Comment »
Tags: , , , , , , , , , , , , , , ,
Categories : Angel and Desire2Learn, Announcements, Minutes, Mobile, Security, TAG Administrative, Website Proposal

ANGEL to Desire2Learn Transition Update

29 11 2013

All-faculty email sent out by CTLE on 2013-11-26:

Dear Faculty,

The conversion of ANGEL courses to Desire2Learn (D2L) will take place in 2 stages next month.

On December 10, 2013 courses from the following semesters/terms will be converted:

  • Fall 2011
  • Special Fall 2011
  • Intersession 2012
  • Spring 2012
  • Special Spring 2012
  • Summer 2012
  • Special Summer 2012

On December 19, 2013 courses from the following semesters/terms will be converted:

  • Fall 2012
  • Special Fall 2012
  • Intersession 2013
  • Spring 2013
  • Special Spring 2013
  • Summer 2013
  • Special Summer 2013
  • Fall 2013
  • Special Fall 2013

Suggestions for Conversion
The conversion tool is robust and performs well; it transfers all course content from ANGEL to D2L. However, in order to ease the transition from ANGEL to D2L, we suggest that you perform the following steps in your ANGEL courses prior to the conversion dates:

  • Nest all content in folders under the lessons tab,
  • Save all of your original syllabus files in .doc and .pdf,
  • Eliminate any unnecessary syllabus files from syllabus files area. D2L will migrate any file in the ANGEL syllabus files area with the word syllabus in it,
  • Label all content explicitly,
  • Save subtitles in content items in a text document OR move to the Description area for each content item. Content item subtitles will not migrate over to D2L,
  • Move/copy all LOR content back to the course.

Student Data
Course content from ANGEL will copy over to D2L. However, ANGEL student data will not. We suggest that you backup all grade book, discussion, and dropbox submission data prior to May 31, 2014.

Back up student grades:

  • Navigate to the ANGEL Manage tab of each course,
  • Gradebook => Overall Report => Save as PDF or,
  • Gradebook => Export Grades to save as a comma delimited file.

Back up discussion forums:

  • Navigate to the ANGEL Communicate tab of each course,
  • Click on a forum,
  • Select Nested View in drop down menu next to New Post,
  • Click [+] in front of Post Title to turn it into [-],
  • Click the printer icon at top right,
  • Select a pdf printer to save your discussion forum in pdf format.

Back up dropbox submissions:

  • Navigate to the ANGEL Lessons tab of each course,
  • Locate a droppbox,
  • Mouse over the dropbox title and click Submissions,
  • Click on Download Submissions,
  • Select All Submissions from the drop down menu,
  • Click Download to save a zip folder to your computer.

Desire2Learn Workshops
The CTLE will offer numerous workshops in January 2014 to prepare you for the switch to D2L. There will be 2 types of offerings: training hands-on sessions and open migration workshops. The hands-on sessions will cover basic functionality of D2L as well as the grade book, discussion forums, and assessments. The open migration workshops will provide one-on-one assistance in adjusting the converted content from ANGEL into D2L. The workshop schedule is available online.

As always, the CTLE and ITDA will be available to help make this transition as smooth as possible. Please do not hesitate to call upon us at any time.

Happy Thanksgiving!
Best regards,
Connie Wisdo, ITDA
Eugeniu Grigorescu, CTLE


Comments : Leave a Comment »
Tags: , , ,
Categories : Angel and Desire2Learn, Announcements, Upgrades

Office 365 Upgrade – Dec 1

21 11 2013

Announcement from TSC, sent out in an all-faculty email on 2013-11-18:

Microsoft Office 365, our hosted email system, is scheduled to be upgraded beginning on Sunday, December 1st at 7:00 pm.  This upgrade may take up to 72 hours to complete.  Important items to note:

  • During this time, customers will continue to have access to their email.
  • We recommend customers access email via the portal (my.scranton.edu) for uninterrupted email access.
  • Customers using the Outlook client or mobile devices may experience an hour or so during the upgrade, when their account is converted, where they will be repeatedly prompted for their password.   We recommend that customers wait an hour and try accessing their email again in the client or on their mobile devices  –  or access email via the portal (my.scranton.edu).
  • This upgrade will provide additional features and functionality including Sky Drive Pro for faculty and students (25GB of free storage space).
  • To see what’s new and learn more about Office 365, please visit www.scranton.edu/pit/its/office-365/index.shtml.

Questions may be directed to the Technology Support Center at extension 4357 or by emailing techsupport@scranton.edu.


Comments : Leave a Comment »
Tags: , , , ,
Categories : Announcements, Email, Outages, Upgrades

Adobe Breach – Info for Users

18 11 2013

TAG got a question from a faculty member about the recent Adobe data breach and whether or not it affects campus users. Scott Finlon in Information Security shared a REN-ISAC alert that addresses higher ed implications and recommended that if anyone used the same email address and password on Adobe’s site as any other site, they should change their password immediately.

Quick take-home from the REN-ISAC alert:

“If the same password used for Adobe System accounts was used for work, school, banking, or other accounts, those accounts may be at risk. Repercussions could range from simple to severe, such as account hijacks to send spam, theft of bank deposits, or hackers gaining a foothold in a place of employment to conduct widespread damaging attacks.”

Full alert:

November 12, 2013

ALERT: Threat to computer accounts due to Adobe security breach

BACKGROUND: In October 2013, Adobe suffered a data breach. Their database of 38 million usernames and passwords was stolen and subsequently posted online [1][2]. Adobe did not protect user passwords to industry standards, and attackers were able to exploit that. Also stored with the passwords were the users’ password hints in clear text. Many of the hints are weak and easily exploited by third parties. Security experts agree that it will be trivial for miscreants to discover the passwords.

Of the estimated 38 million Adobe customers affected, analysis indicates that there were over 2 million education-related accounts. We don’t know how many of the email addresses are attached to active institutional accounts.

Adobe reached out to individual affected users via email. The notification thoughtfully included “[we] recommend that you also change your password on any website where you use the same user ID or password”. However, there are reports of non-delivery (it might have been filtered as spam) and users disregarding the e-mail (it might have been thought to be a phishing message).

IMPACT: If the same password used for Adobe System accounts was used for work, school, banking, or other accounts, those accounts may be at risk. Repercussions could range from simple to severe, such as account hijacks to send spam, theft of bank deposits, or hackers gaining a foothold in a place of employment to conduct widespread damaging attacks.

RECOMMENDATIONS: We recommend that you take the following actions:

1. CHANGE PASSWORDS IMMEDIATELY. Persons who used the same password for Adobe and other accounts should immediately change their passwords at the other locations and monitor for unusual activity.

2. ADOBE PASSWORDS SHOULD BE RESET only by manually visiting the Adobe website, and not by clicking on links arriving via email, as there is now a concern that there will be a rise in phishing related to this event.

3. NEVER REUSE YOUR INSTITUTIONAL PASSWORD for external web sites or Internet services. If you reuse a password at multiple locations when the password is compromised at one site the miscreants then can gain access to all sites where you’ve used that password. The best policy is to always use different passwords for different accounts.

4. CREATE STRONG PASSWORDS OR PASSPHRASES [3]. The Wikipedia Guidelines for Strong Passwords [4] is a good starting point.

5. CONSIDER THE USE OF A PASSWORD “WALLET” such as KeePass and LastPass. These tools make it very easy to have a unique password for every web site or service, and to have strong passwords.

6. BE ON THE LOOKOUT FOR PHISHING. Miscreants will be using the Adobe breach as a pretext for phishing.

7. USE INFORMATION THAT IS NOT EASILY GUESSED. When providing password hints use information that is not easily guessed or discovered. For example, if your hint is “dog’s name” and you mention your dog on social networking sites miscreants can discover that information.

REFERENCES:

[1] http://helpx.adobe.com/x-productkb/policy-pricing/ecc.html

[2] http://krebsonsecurity.com/2013/10/adobe-breach-impacted-at-least-38-million-users/

[3] http://xkcd.com/936/

[4]


Comments : Leave a Comment »
Tags: ,
Categories : Announcements, Security

2013 Faculty Technology Questionnaire

18 11 2013

This announcement went out as an all-faculty email (thanks to Eugeniu), but in case you missed it, TAG’s running another faculty survey!

————————————

Dear Colleagues,

In collaboration with Planning and Information Resources (PIR), the University of Scranton Technology Advisory Group (TAG), a subcommittee of the Faculty Senate Academic Support committee, seeks faculty input on four technology topics:

  1. Specialized software,
  2. Computer labs,
  3. Lecture capture, and
  4. Desire2Learn (our new learning management system).

Please take a few minutes to fill out this informal survey, preferably by Monday, November 25. All questions are optional.

Aggregated results will be shared with Faculty Senate and Planning and Information Resources and will posted to TAG’s website at sites.scranton.edu/tag. Please send any questions or comments to tag-members@royallists.scranton.edu.

Many thanks for your time and attention!
Dave Dzurec and Kristen Yarmey, co-chairs
Technology Advisory Group


Comments : Leave a Comment »
Tags: , , , , ,
Categories : Angel and Desire2Learn, Announcements

« Previous Entries Next Entries »