Identity Finder Scans Begin Aug 1 – Reminder

3 07 2014

Information Security Officer Adam Edwards sent out a reminder email to all faculty this week about Identity Finder automated scans, which are set to begin for University-provided faculty desktop machines (Windows only) on August 1. Here’s his reminder:

Starting on Aug 1, 2014 the Information Security Office will begin conducting weekly scans of faculty PCs to locate restricted data. These scans will only be conducted on University provided machines. This is an effort to protect University data and prevent data loss as described in the email notice below.  If you have Human Research data, please ensure it is encrypted prior to Aug 1 2014. These weekly scans have already been rolled out to staff and TAG members.

If you have any questions please email security@scranton.edu

Thanks

Adam Edwards

You can take a look at TAG’s Identity Finder FAQ for Faculty to help prepare, and definitely refer to Adam’s instructions for encryption with 7Zip if you have sensitive or confidential data to protect!


Comments : Leave a Comment »
Tags: , , , ,
Categories : Announcements, Security

Encryption with 7-Zip – Instructions

3 07 2014

So there was a bit of internet shock earlier this summer when a surprise announcement came out that the widely used encryption utility TrueCrypt was no longer being developed. Previously, our Information Security Office had recommended TrueCrypt as a tool for encrypting personal and confidential information, like human subject data. Now that TrueCrypt has been discontinued, Security Officer Adam Edwards passed along some instructions (.docx) for using an alternative (also free and open source) encryption tool, 7-Zip.

Adam warns:

**One caveat with this option is that there is no central management.  This is important because if a user loses their password the data will be lost. Manual recovery procedures will need to be put in place to ensure there is alternative access in the event of an emergency.  If no manual recovery procedures are put in place and the password is lost the data will be lost.**

Please contact Information Security with questions or concerns. Thanks to Adam (and Information Security Engineer Scott Finlon) for watching out for us!


Comments : Leave a Comment »
Tags: , , , , , , ,
Categories : Announcements, Security

Identity Finder FAQ for Faculty

25 03 2014

[Note: Significant updates made on 2014-05-13, 2014-05-07, and 2014-04-24. Updates on scheduling and encryption on 2014-07-02.]

Back in April 2013, IT Services Director Jim Franceschelli and Information Security Director Adam Edwards came to TAG with a proposal to automate Identity Finder scans on faculty desktop computers. In June 2013, the President’s Cabinet approved the use of automated scans with Identity Finder on University-owned desktops as part of an overall Information Security Data Loss Prevention program. Then-CIO Jerry DeSanto sent an email announcement about the program to all faculty and staff on June 21, 2013, projecting implementation in December 2013.

Since then, Information Security has been working with TAG to pilot test the scans and try to smooth the process as much as possible for faculty. Automated scans have already started for staff, and Information Security would like to move forward with implementation for faculty machines. Currently, automated scans are scheduled to begin on August 1, 2014. Here’s what faculty need to know:

Why is the University doing this?

  • Data security is serious business for higher ed — we have ethical, legal, and financial obligations to protect the personally identifiable information that we have collected from students, faculty, staff, human subjects, etc.
  • If your computer or external media contracts a computer virus, is lost, stolen, or broken into over the network, files containing restricted information are at risk for theft. This information can be used to steal not only your money and identity, but also the money and identities of anyone else who either shares your computer or whose restricted information you store.
  • If you store restricted information for University work, the University would be obligated under state law to notify everyone affected by the breach and could potentially be legally liable.

Does this benefit me at all?

  • Identity Finder can help you protect yourself — use it to search for sensitive, unprotected information on your computer and then take an action (Shred, Scrub, Secure, Quarantine, etc) to secure that information. (Personally, an Identity Finder scan I ran on my machine found old documents containing my SSN that I had stored unencrypted in Google Drive… not smart.)
  • If your computer gets a virus, IT Services can clean and return it to you much more quickly and easily if they have a recent Identity Finder report for your machine.

What is Identity Finder?

  • Identity Finder is security software that scans your (Windows) computer for sensitive, unsecured Personally Identifiable Information (PII) stored in unprotected files.
  • If you run a scan on your machine, Identity Finder will give you a report showing what it found and where. It then gives you options to take action – you can shred the file, scrub (redact) information, secure the file, or move it to a quarantined location. You can also ignore false positives.
  • It works by looking for patterns – for example, a nine-digit number in the pattern ###-##-#### would be picked up as a possible Social Security number. If it picks up something that looks like a Social Security number but isn’t (a false positive), you can tell it to Ignore that result.
  • Identity Finder has been installed on all University Windows machines (via KBOX) since about 2009.

What kind of sensitive/restricted information are we talking about?

  • Restricted information is any piece of information which can potentially be used to uniquely identify, contact, or locate a single person. Restricted information is generally regulated by law or contract and often used for financial, medical, or research identification. (See the Information Classification Policy for additional info.)
  • Identity Finder looks for most types of Personal Identifying Information:
    • Bank Account Numbers
    • Credit Card Numbers
    • Dates of Birth
    • Driver’s Licenses
    • Passwords
    • Passport numbers
    • Social Security Numbers
  • Identity Finder is NOT looking for:
    • Email addresses
    • Mother’s maiden name
    • Personal addresses
    • Phone numbers
    • United Kingdom National Heath Service Numbers, United Kingdom National Insurance Numbers, Canada Social Insurance Numbers, Australia Tax File Numbers
  • If you’d like to get a better understanding of what kind of information Identity Finder picks up, you can run a non-scheduled Identity Finder scan on your machine whenever you’d like.

What are automated scans? 

  • Right now, Identity Finder only scans your machine when you tell it to.
  • Information Security and IT Services plans to run weekly, automated Identity Finder scans (see the proposal for details) on all University (Windows) computers. The idea is that every Friday at noon, all University computers will automatically initiate an Identity Finder scan.

Where is Identity Finder looking? What folders/locations are scanned?

  • Automated scans include:
    • Local filesystems (like your C: drive) and local registry
    • Browsers
    • Attached devices
    • Email —  If you use a local email client (e.g. Outlook or Thunderbird), Identity Finder will scan through your mailboxes that are cached on your computer, however, if you mainly use OWA or other method through a browser, you don’t have a local cached copy, and Identity Finder won’t be able to scan it.
  • Scans do not include the R: drive or most other remote connections.
  • If you’d like to get a better understanding of what the automated scans will include, you can run a non-scheduled Identity Finder scan on your machine whenever you’d like.

What if I have sensitive/restricted/confidential information saved on my computer?  Like confidential human subject research data or client files?

  • ANY sensitive/restricted/confidential information that you are storing ANYWHERE should be encrypted! Without encryption, your data is vulnerable to attack, misuse, and all sorts of other bad things.
  • Information Security recommends using TrueCrypt (which is free and open source) to encrypt your data. Scott Finlon in Information Security wrote up some brief  instructions (PDF) for encrypting a folder of files using TrueCrypt. Update 2014-07-02: Support for TrueCrypt was discontinued in 2014-05, so Information Security now recommends using 7Zip – see instructions (.docx).
  • Information Security has been in ongoing conversations with the IRB about ensuring confidentiality of human subject research data and client files. Members of the IRB had expressed concerns that Identity Finder scans would violate the confidentiality of human subject data. The good news is that data encryption resolves this concern — encryption protects sensitive data from Identity Finder scans as well as from external malicious attacks.
  • Please contact Information Security if you have any questions about protecting confidential data.

How long do the scans take? Will this affect my computer or my work?

  • Identity Finder scans can take several hours if you have a large number of documents.
  • Thankfully, Identity Finder uses a search history to keep track of what files do and do not have matches. Because of this, the initial scan is much slower than subsequent scans, as it has to scan your entire hard drive. Each subsequent scan will only look at new files, changed files, and files that previously reported matches.
  • TAG members have been piloting automated scans since September 19, 2013. We ran our own scans first, and these often took quite a while. After the initial scan, however, subsequent automated scans have been speedy. So far, none of us have experienced any performance issues – the scans are essentially invisible to the user.

My computer went to sleep during the scan. What happens now? Can Identity Finder wake my computer up to scan?

  • Identity Finder scheduled scans are set locally, so they will only be invoked while the computer is on and running — they can’t wake up your computer.

What if I’m not on campus on Fridays and my desktop machine is turned off? What if I’m not on campus on Fridays but am using my laptop? 

  • Automated scans are currently scheduled in batch for Fridays at noon. They will run as long as your computer is turned on – whether or not you’re on campus (or on the University network).
  • If you are offline, the scan will run as scheduled. The report will be sent to Information Security once you reconnect to a network.
  • If your computer is turned off at 12pm on Friday (that is, if the scheduled scan is missed), it will begin with a randomized start time between 30 minutes and 120 minutes after the computer is back up and running.

What happens after the scan is done?

  • When the scan is done, Information Security will get a report from Identity Finder indicating the level of risk for that machine. The report includes the number of hits, but NOT the actual information that was marked as potentially sensitive – that is redacted. The reports show only a masked version of a potentially problematic file and the location where it was found. Reports are only viewable by the Information Security Director (Adam Edwards) and the Information Security Engineer (Scott Finlon).
  • Based off of these reports, Information Security then works one-on-one with users, recommending that users delete the files (if they’re no longer needed) or move them to a more secure, encrypted location. (Adam said that he is working with staff with the most risk first — e.g., people with 1,000 hits or more.)

What if I have a Mac or Linux machine? 

  • Automated Identity Finder scans will only run on Windows machines.

When is this happening?

  • Automated scans are scheduled to begin on University-provided faculty desktop machines on August 1, 2014. (Information Security Officer Adam Edwards sent out a notification to all faculty on May 28, 2014 and a reminder on June 30, 2014).
  • Automated Identity Finder scans are already running on staff machines (and on TAG members’ machines).

What should I do to prepare?

Questions or concerns?

 


Comments : Leave a Comment »
Tags: , , , , ,
Categories : Announcements, Security

TAG Meeting Notes 2014-03-12

12 03 2014

TAG Meeting March 12, 2014 12:00pm-1:00pm

Attendees:
Tim Cannon, Paul Cutrufello, Kim Daniloski, Dave Dzurec, Tara Fay, Jim Franceschelli, Eugeniu Grigorescu, Katie Iacocca, Charles Kratz (guest), Sandy Pesavento, Kristen Yarmey

1. Lunch

TAG members thanked CAS Dean Brian Conniff for sponsoring lunch for our meeting. Dave thanked Mary Ann Maslar in the CAS Dean’s office for making the arrangements. Charles noted that he is willing to sponsor lunch at one of TAG’s remaining Spring 2014 meetings.

2. Items for Discussion

WordPress

Dean of the Library and Information Fluency Charles Kratz asked to come to a TAG meeting to speak about the campus WordPress network (sites.scranton.edu), which has been a topic of TAG discussion since 2011. (In preparation for today’s meeting, Kristen emailed TAG members notes summarizing the history of the campus WordPress network as well as a justification for the academic use of WordPress that former TAG co-chair Jeremy Sepinsky had composed for IR in Spring 2013.)

At our last meeting in February 2014, we received word from Jim that IR would not be expanding support for sites on the campus WordPress network until at least 2015. Subsequently, at the February 14 Faculty Senate meeting, Senator Terry Sweeney expressed concerns about access to the campus WordPress network. There was seemingly some confusion at the Senate meeting about CTLE’s role in the WordPress network and a misunderstanding that CTLE staff were responsible for determining which requests for WordPress sites would be approved, when this decision actually rests with IR staff.

Charles (who oversees both the Library and CTLE) has since met with IR and CTLE staff in order to seek clarification on the criteria and process for WordPress site requests, as well as to ascertain whether there might be a middle ground for supporting faculty use of the campus WordPress network. Charles noted that the CTLE, while currently very busy with the Desire2Learn transition, is interested in supporting faculty use of WordPress and would be willing to support a few pilot sites in fall 2014. He suggested that TAG might identify faculty who would be interested in a WordPress pilot in the near future, and advocated for transparency for faculty regarding the criteria and process for site requests.

Prior to today’s meeting, Kristen had asked Jim for IR’s criteria for reviewing requests for WordPress sites, which she then emailed to TAG members. These are as follows:

Blogs are available to the University community to provide an area for discussion and collaboration. The following criteria will be applied to these requests:

  • Blogs can augment University web sites on www.scranton.edu which are built in the Web Content Management System (CMS). They cannot be used as a replacement for a department or organization’s www.scranton.edu site.
  • Blogs are only for University-related purposes, not personal interests.
  • Only faculty & staff members of the University community can be given access to post to the blog site.
  • All blogs will be accessible for public view access.
  • The URL for the blogs will be in the form of http://sites.scranton.edu/blogname/
  • No redirects of the form www.scranton.edu/xxxx will be set up for blogs so they are not confused with University web site(s).

Related information:

  • Desire 2 Learn (D2L), the University’s Learning Management System, has blogging functionality that can be used as part of a course offering.
  • Faculty & staff desiring to use wordpress.com for other blogging services should refer to our policy website (www.scranton.edu/pir/policies.shtml) for the Guidelines for the Use of Cloud Computing Services.

Jim noted that IR has limited resources and has to weigh what services they can support. He also explained that since this is a new service, it has taken some time to develop the criteria for what requests could or could not be accommodated. For example, individual student blogs (as one faculty member requested) could not be accommodated due to the difficulty of maintaining an accurate user list for that class within WordPress – while the campus network is integrated with Active Directory authentication, it is not integrated with Angel or Desire2Learn, so class lists must be manually added and maintained for WordPress sites. (As a side note, Charles mentioned that CTLE is working with a few faculty members to test Desire2Learn’s blogging function for student blogs. Results have not been encouraging so far, but testing continues.)

Charles and Kristen asked for clarification on the site request and decision-making process. Jim said that WordPress site requests could be submitted via Footprints (tsc.scranton.edu) and promised to add a request to the service menu within Footprints. He said that Connie Wisdo, director of IT Development & Applications (ITDA), will review the requests and make a decision based on the above criteria. If the decision is clear-cut, the response will be immediate, but if a request falls along the edge of the criteria, there might be some delay to allow IT staff members to discuss it first. Charles asked if there would be an appeal process for a faculty member whose request was denied. Jim answered that appeals could be directed to him.

Sandy asked if faculty could use third-party (external) blogging or web development sites (e.g., Blogger or WordPress.com). Jim said that faculty were free to use whatever tools they liked, on the condition that they review IR’s Guidelines for the Use of Cloud Computing Services and consider potential threats to privacy or security of students or other participants. Kristen said that as a librarian she had significant concerns about the privacy implications of requiring students to use third-party cloud services for class projects. An advantage to the on-campus WordPress network is that site data remains on campus and under University administration rather than entering the commercial data tracking and aggregation marketplace.

Tangentially, IR now offers server space to faculty and academic departments, with roles and support responsibilities enumerated in a service-level agreement. IR provides the server environment, while the faculty member/department is responsible for installing/maintaining the applications they wish to use on the server. There is a one-time licensing fee charge for this service. Kristen asked Jim for more information about this service, as TAG had been previously unaware of it.

Discussions about WordPress and related service offerings will continue. Kristen and Dave will meet with Jim and Robyn Dickinson (Interim VP for Planning and Information Resources) on Monday, March 17, and separately will meet with Interim Provost Pat Harrington and the academic Deans (date TBD). Charles suggested that, in addition to working with Jim and IR directly and reporting to the Faculty Senate,  TAG should also communicate with the Deans and Provost to keep them informed of technology needs on campus.

To further facilitate communication among all stakeholders, Katie suggested that TAG remind the Faculty Senate and the rest of the faculty to share their concerns about academic technology with TAG, such that TAG members can continue to work constructively with IR staff. Dave will include this reminder (as well as an update and clarification on WordPress) in his report to the Faculty Senate this week.

Faculty Specialized Software/Computer Lab Questionnaire

Back in November, TAG sent out a questionnaire to all faculty to ask for input on their use of specialized software, computer labs, lecture capture, and learning management systems (Angel/Desire2Learn).

Kristen apologized for the delay in sharing results, but has finally finished a qualitative summary of faculty responses, shared here for preliminary review by TAG members. Only 52 responses were received, and respondents tended to be faculty interested in software/lab issues, so the sample did not seem representative. The summary is almost entirely qualitative, so anyone interested in performing a quantitative analysis should contact Kristen for access to the full data set.

Kristen asked that TAG members review the results and identify any action steps or areas for further research. 

3. Brief Updates

Identity Finder Automated Scans

Back in April 2013, Information Security Officer Adam Edwards brought a proposal for automated Identity Finder scans to TAG for consideration. At our February meeting, Adam Edwards and Scott Finlon from Information Security came to the second half of the TAG meeting to demonstrate the administrative side of Identity Finder automated scans, which non-Mac-using TAG members have been piloting since September. They also demonstrated TrueCrypt as their recommended tool for encrypting sensitive data (including confidential human subject research data, as Adam has discussed with the IRB).  Scott has since shared step-by-step instructions for TrueCrypt, which Kristen posted to the TAG site. Update 2014-07-02: Support for TrueCrypt has been discontinued, so Information Security now recommends using 7Zip for encrypting sensitive or confidential data.

Adam and Scott would like to begin the roll-out of automated Identity Finder scans for faculty desktops, starting with departments that would be unlikely to have confidential subject data stored on their computers. Scott sent Kristen a list of departments as they appear in Identity Finder (based on Active Directory groups) as a starting point. Kristen asked at today’s meeting for TAG member volunteers who were willing to confirm their department’s readiness to begin automated scans. Dave has already spoken to the History Department, and Kristen will speak with Library faculty at their next department meeting. Kim and Paul were willing to speak with their departments (Management/Marketing and Exercise Science) but asked for some additional information that they could refer colleagues to. Kristen will write up a summary/FAQ on Identity Finder for faculty and post to the TAG site for reference.

Kristen suggested that faculty members run their own Identity Finder scans  to understand the software and results (the software is already on all faculty PCs, via KBOX). Any sensitive data can and should be encrypted with TrueCrypt. Jim reminded the group that Identity Finder also helps IT Services deal with faculty computers that have been infected by malware — a recent scan confirming the absence of confidential data makes it much easier and faster for them to clean and return the machine.

There were a few remaining questions about the automated scan process, which Kristen and Jim will review with Adam:

  • Who exactly is included in a department group? Full time faculty, adjuncts, department staff (e.g., departmental administrative assistants)? Jim believes that the groups include *only* faculty members (including part time/adjuncts), but we will confirm this with Adam.
  • Automated scans are currently scheduled in batch for Fridays at noon. What happens for faculty members who are never/rarely on campus, with their laptop, at that time? (Katie noted that this is common among KSOM faculty.) Could an alternative scan time be scheduled? Or do scans begin the next time you turn on your computer?
  • What happens if you turn off your computer during a scheduled scan? Does it pick up where it left off when you turn your computer back on?

Departments that are ready to begin automated scans should contact Kristen and/or Adam. Adam and Scott are also available to answer questions about Identity Finder, TrueCrypt, or other information security issues.

Lecture Capture – Panopto Pilot

On Wednesday, March 5, Dave and Kristen attended a meeting with Jason Wimmer, Jason Oakey, Jim and Eugeniu for an update on lecture capture and the pilots taking place in PCPS this semester with Panopto. (Full notes from that meeting, summarized here, are on the TAG site.) 

IT Services began piloting lecture capture back in Fall 2012 with two installations of MediaSite (LSC334 and LSC433). TAG members Jeremy Sepinsky and Tara Fay tested out the technology in their classes. While there were some good things about MediaSite, IT Services discovered lots of complications that would make it difficult to scale and expand across campus (see Jason’s article in the Winter 2013-2014 IT Matters for more details).

As of Fall 2013, IT Services has been working with faculty in PCPS (Counseling, Nursing, and Education – including TAG member Sandy Pesavento) to pilot a different lecture capture technology – Panopto.  Panopto is a hosted service, which makes installation faster and easier in comparison to MediaSite. IT Services set up 13 rooms in McGurrin, and already over 790 sessions/interviews/classroom scenarios/nursing simulations have been recorded. Feedback to date from faculty and students has been very positive – even enthusiastic. Sandy has been using Panopto in her education classes to record students teaching sample lessons. She invited interested faculty to visit one of her class if they would like to see it in action. (As a reminder, on last spring’s ECAR survey on undergraduate students and information technology, 63% of our student respondents said they wanted their professors to use lecture capture.)

Our current license for Panopto only covers PCPS (where the pilots were taking place), but IT Services has put in a request to the FMC for a full campus license. IT Services plans to expand access to lecture capture across campus (potentially enabling 5-6 additional classrooms next year) and to integrate Panopto with Desire2Learn. Jason Wimmer will be giving a presentation on Panopto at an IT Forum on March 27 at 11:30am – all faculty and staff are welcome to attend (please register).

PR Department/Program Website Initiative

This project is on the agenda for the next meeting of the Committee on University Image and Promotion (CUIP), scheduled for Monday, March 17 from 2pm-3pm. In addition to regular CUIP faculty representatives Terry Sweeney, Abi Roy, Jack Beidler, and George Gomez, PR has also invited TAG to send representatives — Dave, Teresa, and Sandy will be there (and maybe Kristen).

It is not yet clear which department/program pages will be in the first wave of updates, nor is it clear who will make that decision. Katie noted that from KSOM, OIM department chair Nabil Tamimi was interested in participating in a department website update, particularly since OIM is a growing program and the home of the E-Commerce major.

TAG Leadership for 2014-2015

Kristen will be rotating off as TAG co-chair at the end of Spring 2014. Dave will continue as co-chair for 2014-2015, but will be on a Fulbright sabbatical in Slovakia (congratulations!) in Spring 2015. Andrew LaZella has volunteered to serve in Spring 2015 while Dave is away, but we are still looking for someone to begin a full two-year term as co-chair. Please contact Kristen or Dave if you are interested/willing. Dave noted that, pending the results of the Faculty Senate election, we should make sure that we have a Senate liaison for 2014-2015 as well.

Adjournment

The meeting adjourned at 1:10pm. TAG’s next meeting will be Wednesday, April 9 from 12pm-1pm, location TBA.


Comments : Leave a Comment »
Tags: , , , , , , , , , , , ,
Categories : Angel and Desire2Learn, Announcements, CMS and University Website, Minutes, Security

Encryption with TrueCrypt

8 03 2014

Update 2014-07-02: Support for TrueCrypt has been discontinued! Information Security recommends using 7Zip instead – see instructions (.docx).

——————————————————————————-

At our last TAG meeting, Adam Edwards and Scott Finlon from Information Security demonstrated automated Identity Finder scans as well as encrypting files with TrueCrypt (which is free and open source :). At our next TAG meeting, we’ll be starting to identify which departments can move forward with automated scans — so as a reminder, you’ll all want to make sure that any confidential or sensitive information stored on your desktop is safely encrypted.

Scott has sent along some brief  instructions (PDF) for encrypting a folder of files using TrueCrypt — the first page is set up and the second is everyday usage.  Please contact Information Security if you have any questions about encryption.

You can also run your own Identity Finder scan in the meantime – see IR’s Quick Guide if you need help getting started.

Many thanks to Adam and Scott for their guidance on this issue!

 


Comments : Leave a Comment »
Tags: , , , , ,
Categories : Announcements, Security, Technology Training, Tutorials

TAG Meeting Notes 2014-02-12

14 02 2014

TAG Meeting February 12, 2014 12:00pm-1:00pm

Attendees:
Jeremy Brees, Tim Cannon, Paul Cutrufello, Kim Daniloski, Dave Dzurec, Eugeniu Grigorescu, Katie Iacocca, Andrew LaZella, Lori Nidoh, Kristen Yarmey

1. Brief Reports

Acceptable Use Policy

CIO Jerry DeSanto announced on February 6 that the new Acceptable Use of Information Technology Resources Policy had been approved by the President’s Cabinet. The new policy is an update to the old Code of Responsible Computing. Many thanks to Jim Franceschelli and Dave Dzurec for co-chairing the committee charged with revision.

PR Department/Program Website initiative

Back in late November, Dave, Kim, and Kristen (along with Hal Baillie, Darla Germeroth, and Ray Schwenk) met with Gerry Zaboski and Lori Nidoh in PR to discuss department and program websites. Also in on the meeting (phoning in from Cedar Rapids) were representatives from Converge, a vendor that PR has hired to help us with initial planning and updates for departmental websites and academic program pages (note: *not* course catalog content/program descriptions, which require formal review).

The main goal from a faculty perspective is to develop content for department/program pages that is consistent across the University website and does a better job of communicating what it is that we do — reflecting the quality of our programs/departments, “telling the story” of the student educational experience, etc. (In 2012-2013 TAG had prepared a proposal for improving and maintaining department/program websites that advocated for additional support for this task.)

Briefly, Converge plans to 1) outline/inventory needed content, 2) do some search engine optimization research (e.g., what terms do users type in to Google when they’re looking for nursing programs?), 3) develop a draft template for page content, 4) get faculty feedback via a campus visit and questionnaire, 5) draft some copy, and 6) help us prepare a long term strategy. Their main output would be a consistent template for department/program pages, and they will create content for up to 50 department/program pages (though the institution has the final say on content). Gerry explained that this way we can get a lot of updates done quickly.

PR and Academic Affairs would like to bring together a steering committee or task force to coordinate this project, with work beginning in March. Gerry has broached this topic with the Committee on University Image and Promotion (CUIP), which includes faculty representatives.  After the November meeting, Kristen and Dave had asked TAG members to identify faculty who might be interested in serving on such a steering committee. Teresa, Sandy, and Dave then volunteered.  However, Lori noted that it has not yet been decided which program/department pages will be selected as the focus of the project, and she was not sure who will make that decision. We agreed that once these programs/departments have been selected, TAG will support the faculty representatives on CUIP in trying to recruit faculty volunteers to participate.

Desire2Learn

Desire2Learn went live in January, and so far the transition seems to be going smoothly (see the LMS transition page for details). About 30 faculty members opted to begin teaching in Desire2Learn in Spring 2014. Courses that are being taught in Desire2Learn have been disabled in ANGEL so that students don’t see them in both places.  Workshops and video tutorials are available for faculty.

Eugeniu reported that there was an issue with merging courses that CTLE wasn’t able to resolve in time for this semester, but it will be resolved in time for summer and fall courses. Another issue has been reported with links – Firefox and Chrome are problematic when trying to display unsecure pages within secure frames.

Mobile Apps

IR’s Mobile Apps feedback group met in December (pptx). Sandy attended as a faculty representative. The group reviewed the University’s current apps — ANGEL Mobile, eAccounts (for RoyalCard), the Straxis app, Student Services app, RoyalSync, and Desire2Learn (which also has two special purpose apps – Binder and Grader) — and discussed what additional features should be mobile accessible.  The Straxis app will be retired at the end of the year and replaced by a locally developed web app for the fall 2014 semester.

Royal Card

Faculty are reminded to visit the TSC to get a new RoyalCard. Take your old RoyalCard or a driver’s license, and you will be photographed.

Windows XP to 7 Conversions

(Jim was unable to attend the meeting but sent an update on this via email.) IT Services is continuing to work on converting all remaining Windows XP machines to Windows 7. Faculty machines are the current priority, with a goal of finishing all faculty conversions by the end of May.  IT Services will contact users to schedule a time and date for conversion — the process takes about two hours.  Dave noted that the history department was almost entirely converted and had no issues.

II. Items for Discussion

Specialized Software/Computer Lab Survey Results

Kristen is still working on putting together the survey results and apologized to TAG members for the delay.

WordPress Network

Kristen reported that at least one additional faculty request for a site on the campus WordPress network (sites.scranton.edu) had been turned down. There seems to be a continuing need among faculty and students for academic web space, particularly since the academic server (academic.scranton.edu) was decommissioned.

At our September 2013 meeting, TAG had requested that IR draft language on service levels for WordPress. Kristen asked Jim for an update on this issue. Jim was unable to attend this meeting but sent an update via email, excerpted here:

We met this past fall and have consulted with the CTLE on various support issues.  Unfortunately at this time, we cannot extend the wordpress offerings.  Looking at the current issues at hand – especially with the CTLE and the conversion to D2L – extending support won’t happen until January 2015 at the earliest. I know there is growing demand and many faculty want to use wordpress as an alternative web site.  Unfortunately the supported options are within the CMS.  D2L does have options for blogging and discussion boards.  I think TAG had offered to look at it from a faculty perspective – any news back on that?

Eugeniu explained that CTLE was unable to provide assistance to IR on support for WordPress at the same time as they are supporting faculty and students during the transition to Desire2Learn.

Kristen asked TAG members for their reactions. The majority agreed that we would like to keep advocating for WordPress but acknowledge that Desire2Learn should take priority at this time. Dave suggested that we revisit the question again in January 2015 as Jim indicated.

III. New Business

Vice President for Planning/CIO

Fr. Quinn announced in December 2013 that Jerry DeSanto would be stepping down as Vice President for Planning/CIO. Associate Vice President Robyn Dickinson will serve as Interim. While the search for a new Provost is taking priority, Dave and Kristen noted that they planned to volunteer TAG’s input (either formal or informal) in any upcoming search for the CIO position.

TAG Leadership for 2014-2015

Kristen will be rotating off as TAG co-chair at the end of Spring 2014. Dave will continue as co-chair for 2014-2015, but will be on sabbatical in Spring 2015.  They asked for one or two volunteers (preferably but not necessarily including a Senator) to serve a two-year term as co-chair. Andrew volunteered to serve in Spring 2015 while Dave is away. We are still in need of another volunteer to serve the full year.

IV. Demonstrations

Adam Edwards and Scott Finlon from Information Security came to the second half of the TAG meeting for two demonstrations.

Firstly, they demonstrated the administrative side of Identity Finder. TAG members have been piloting automated Identity Finder scans, which are running each Friday at noon. Identify Finder scans the user’s computer for any personally identifiable information (PII) in unprotected files. The Information Security Office receives reports that indicate the level of risk for that machine. Anticipating concerns about privacy and confidentiality, Adam and Scott showed a sample report. The report shows the number of hits and the location of each file with hits, but the actual information is obscured. Based off of these reports, Adam then works one-on-one with users to either delete the files or move them to a more secure location. Adam said that he is working with staff with the most risk first (e.g., people with 1,000 hits or more).

Secondly, Adam and Scott demonstrated using TrueCrypt (free open-source disk encryption software) to encrypt files or folders that contain confidential information (such as human subject research data). They have already shown this tool (along with another encryption tool in Identity Finder) to the IRB and would like to make it a recommended standard for campus use. [Update 2014-07-02: Support for TrueCrypt has been discontinued, so Information Security now recommends using 7Zip for encrypting sensitive or confidential data.] TAG members did not bring up any concerns, so we will move forward on this. Adam will share brief written instructions, and we will share them with the faculty as a recommended practice for confidential data.

Adam and Scott would like to start automated Identity Finder scans on faculty computers beginning with departments that would *not* have any confidential subject data stored no faculty desktops. We were not sure that such a distinction could be easily made, but TAG will try to work with department chairs to determine which departments might be willing to begin scans. Scott will send Kristen a list of departments as they appear in Identity Finder (based on Active Directory groups) as a starting point.

Adjournment

The meeting adjourned at 1:10pm. TAG’s next meeting will be Wednesday, March 12 from 12pm-1pm in WML305.


Comments : Leave a Comment »
Tags: , , , , , , , , , , , , , , ,
Categories : Angel and Desire2Learn, Announcements, Minutes, Mobile, Security, TAG Administrative, Website Proposal