TAG feedback on draft BYOD Strategy

21 05 2014

At our May TAG meeting, Calvin Krzywiec (Assistant Director of Network Security & Engineering) presented a draft version of a BYOD Strategy (Bring Your Own Device).  We promised Cal a written compilation of feedback to inform the next draft of the report.  Since the TAG meeting, I’ve also been discussing the draft Strategy with several other interested faculty members, and I’ve done my best to compile all of these conversations in an annotated copy of the draft. These notes represent a sampling of individual faculty members’ reactions and should not be considered an authoritative response from the faculty as a whole.

I believe the draft Strategy bears significant implications for teaching, learning, research, and the faculty work environment, and I’ve recommended that the document undergo careful review by the full Faculty Senate. (As the current Senate Liaison, Dave will share our feedback in a report to the Senate Executive Committee.)

I’d also like to invite additional comments and concerns from all faculty. If your exam week/senior week schedule permits, please take a look at TAG’s written response (annotated PDF) and let us know your thoughts.

[Update: Here’s a summarized comments view of the same annotated PDF.]

TAG Meeting Notes 2014-05-07

7 05 2014

TAG Meeting May 7, 2014 12:00pm-1:00pm

Jeremy Brees, Tim Cannon, Teresa Conte, Kim Daniloski, Dave Dzurec, Tara Fay, Jim Franceschelli, Eugeniu Grigorescu, Calvin Krzywiec (guest), Andrew LaZella, Kristen Yarmey

TAG thanks Library Dean Charles Kratz for sponsoring lunch for our meeting today.

1. BYOD Strategy Draft

Calvin Krzywiec joined us as a guest to present and discuss a draft version of IR’s strategy for accommodating the BYOD (Bring Your Own Device) trend. Cal is Assistant Director of Network Security & Engineering and served as chair for the IR Strategy Group tasked with studying BYOD. The group is currently seeking feedback from campus stakeholders to incorporate into a final strategy.

Cal explained that the group’s objectives were driven by increasing demand among students and faculty for access to institutional services from personal mobile devices. The group’s top priority is supporting BYOD for teaching and learning, while a secondary priority is protecting the security of institutional data.

For teaching and learning (see p. 2-4 in the draft), IR’s BYOD objectives include:

  • Investigate and implement untethered teaching/learning solutions
  • Focus classroom upgrades on providing collaborative, flexible workspaces
  • Leverage virtual desktop/application technologies and client devices to reduce reliance on physical lab infrastructure
  • Leverage virtual desktop/application technologies to provide ubiquitous access to lab software resources
  • Investigate and implement secure electronic assessment solutions
  • Expand lecture capture to additional locations

The draft identifies several barriers to BYOD implementation that were also raised by faculty members in TAG’s informal survey on specialized software and computer labs.  These include:

  • Expensive licensing fees for specialized software
  • Potential disparities in student computer ownership
  • Inaccessible and/or limited power sources
  • Security for electronic assessment/computerized testing
  • High demand on wireless network

The draft strategy recommends partnership with CTLE to support faculty needs as well as engagement with faculty during the implementation of BYOD-related strategies. Jim said that IR will work with TAG to recruit faculty volunteers to test out tools and services. While the precise timeline for rolling out these changes isn’t yet determined, there are some pilot projects already in motion. Faculty members in KSOM are piloting software for securing a browser (for computerized testing) using lab computers running thin clients. Teresa noted that the Nursing department would be very interested in piloting computerized testing tools in McGurrin. IR also plans to pilot test untethered teaching/learning options in the fall – TAG will get more information on this in the summer. Tim volunteered to participate in this pilot. IR has already been piloting Panopto lecture capture and will be looking to add this capability to additional classrooms for Fall 2014. Mobile printing is also in process.

Regarding network and authentication issues: Cal said that IR will be replacing the Cisco NAC client with encrypted SSID authentication, so that users will be able to log in to the University network from their device without downloading and installing CNAC. Once a device has been logged in,  it will stay logged in – users won’t have to reauthenticate multiple times during the day to stay on the network.

The second half of the draft (p. 4-9) addresses faculty and staff devices. One issue addressed is primary computing devices (for most faculty, our desktop computer). While currently primary devices are purchased and provided by the University, alternative models such as reimbursement or stipends for equipment and software purchases could be discussed.

Secondly, in order to protect institutional data, the draft proposes a three-tiered mobile device management (MDM) system:

  • Mandatory: This tier applies to all University issued devices and requires an enrollment in a MDM system that enforces the implementation of technical controls on the device, such as lock code, lock when idle, remote wipe capabilities, device encryption, and potentially even location tracking for locating a lost device.
  • Optional: This tier applies to all non-­‐corporate owned staff, faculty, and affiliate devices connecting to University systems, including email. Enrollment in the MDM solution is optional but the expectations of minimal technical controls and the requirement to notify PIR of a lost/stolen device are defined in institutional policy. Employees must agree to allow the University to wipe the device when it is lost/stolen or the employee separates from the institution.
  • Exempt: This tier applies to student devices. This tier has no requirements but offers guidance to students on how to secure their devices.

The draft proposes that a remote wipe could be partial rather than complete, “removing only corporate data.”

Kristen raised concerns about the Optional tier, which would apply to many faculty-owned mobile devices. Firstly, the exact definition of “corporate data” may need to be clarified. According to Appendix VIII (“Copyright”) of the Faculty Handbook, in most (but not all) circumstances, faculty retain copyright over works created as part of their normal teaching, research, and service duties – including research data, lecture notes, videos of lectures, syllabi, etc.  Kristen will look into existing University policies and documents to better understand what types of records (email?) would fall under this policy. Kristen also raised concerns about references to wiping data (including email) upon “employee separation,” which for faculty may take different forms (emeritus, phased retirement, terminal sabbatical, etc).

The BYOD Strategy Group will be compiling feedback into the next draft of the report. Kristen will write up summarized feedback from TAG’s discussion as a formal response to the draft document.

2. Brief Updates 

(The BYOD discussion took up most of the meeting, so updates were rushed.)

Identity Finder automated scans (Kristen)

Kristen has been working with Adam Edwards and Scott Finlon in Information Security to answer faculty questions about Identity Finder automated scans. Kristen has updated the Identity Finder FAQ with clarifications from Information Security.  There are still some faculty concerns about the scanning and reporting process (which was approved by the President’s cabinet back in June 2013); however, we have addressed as many as possible.

Information Security would like to begin the automated scans. TAG members present at the meeting felt ready to move forward with scanning faculty machines. Dave will report at this Friday’s Senate meetings that scans will begin. Kristen will work with Adam to coordinate a schedule and an all-faculty email notification.

Test Scanning Services (Jim)

Jim reported that IR will be changing the hours of Test Scanning Services effective Monday, May 12, 2014.  The service will continue to be provided from Alumni Memorial Hall, Room 001. Tests may be dropped off and results picked up Monday through Friday, from 8:30 am to 4:30 pm.  Based upon demand and operational requirements, immediate service while you wait may not be available.  IR will continue to strive to meet the needs of our customers and will provide a 24 hour turnaround of test scanning results.  Jim asked that faculty please plan accordingly as we approach the end of the Spring term.  Jim will contact regular users of the test scanning service with more details.

Desire2Learn (Eugeniu)

Additional Desire2Learn workshops are being planned for the summer – see CTLE’s workshop calendar for the updated schedule. Eugeniu also reminded TAG members that faculty should back up any student data (including grades, discussion forms, and dropbox submissions) in Angel that they wish to keep. Step by step instructions have been emailed out, but CTLE staff will also hold workshops on this during Senior Week for anyone who needs assistance (see ). Student access to Angel will be turned off as of May 30, but faculty will have access until July 31. After that, data stored in Angel will no longer be available.

PR Department/Program Website Initiative (Dave/Teresa)

We ran out of time for in-person updates on this project. Lori had sent Kristen updates via email. Kristen will post these notes to the TAG site in a separate update.

4. Adjournment

The meeting adjourned at 1:05pm. TAG will not meet again as a full group until Fall 2014, but projects and communication (via email) will continue during the summer.

[Updated immediately after posting with correction to Cal’s title]