TAG Meeting Notes 2014-02-12

14 02 2014

TAG Meeting February 12, 2014 12:00pm-1:00pm

Attendees:
Jeremy Brees, Tim Cannon, Paul Cutrufello, Kim Daniloski, Dave Dzurec, Eugeniu Grigorescu, Katie Iacocca, Andrew LaZella, Lori Nidoh, Kristen Yarmey

1. Brief Reports

Acceptable Use Policy

CIO Jerry DeSanto announced on February 6 that the new Acceptable Use of Information Technology Resources Policy had been approved by the President’s Cabinet. The new policy is an update to the old Code of Responsible Computing. Many thanks to Jim Franceschelli and Dave Dzurec for co-chairing the committee charged with revision.

PR Department/Program Website initiative

Back in late November, Dave, Kim, and Kristen (along with Hal Baillie, Darla Germeroth, and Ray Schwenk) met with Gerry Zaboski and Lori Nidoh in PR to discuss department and program websites. Also in on the meeting (phoning in from Cedar Rapids) were representatives from Converge, a vendor that PR has hired to help us with initial planning and updates for departmental websites and academic program pages (note: *not* course catalog content/program descriptions, which require formal review).

The main goal from a faculty perspective is to develop content for department/program pages that is consistent across the University website and does a better job of communicating what it is that we do — reflecting the quality of our programs/departments, “telling the story” of the student educational experience, etc. (In 2012-2013 TAG had prepared a proposal for improving and maintaining department/program websites that advocated for additional support for this task.)

Briefly, Converge plans to 1) outline/inventory needed content, 2) do some search engine optimization research (e.g., what terms do users type in to Google when they’re looking for nursing programs?), 3) develop a draft template for page content, 4) get faculty feedback via a campus visit and questionnaire, 5) draft some copy, and 6) help us prepare a long term strategy. Their main output would be a consistent template for department/program pages, and they will create content for up to 50 department/program pages (though the institution has the final say on content). Gerry explained that this way we can get a lot of updates done quickly.

PR and Academic Affairs would like to bring together a steering committee or task force to coordinate this project, with work beginning in March. Gerry has broached this topic with the Committee on University Image and Promotion (CUIP), which includes faculty representatives.  After the November meeting, Kristen and Dave had asked TAG members to identify faculty who might be interested in serving on such a steering committee. Teresa, Sandy, and Dave then volunteered.  However, Lori noted that it has not yet been decided which program/department pages will be selected as the focus of the project, and she was not sure who will make that decision. We agreed that once these programs/departments have been selected, TAG will support the faculty representatives on CUIP in trying to recruit faculty volunteers to participate.

Desire2Learn

Desire2Learn went live in January, and so far the transition seems to be going smoothly (see the LMS transition page for details). About 30 faculty members opted to begin teaching in Desire2Learn in Spring 2014. Courses that are being taught in Desire2Learn have been disabled in ANGEL so that students don’t see them in both places.  Workshops and video tutorials are available for faculty.

Eugeniu reported that there was an issue with merging courses that CTLE wasn’t able to resolve in time for this semester, but it will be resolved in time for summer and fall courses. Another issue has been reported with links – Firefox and Chrome are problematic when trying to display unsecure pages within secure frames.

Mobile Apps

IR’s Mobile Apps feedback group met in December (pptx). Sandy attended as a faculty representative. The group reviewed the University’s current apps — ANGEL Mobile, eAccounts (for RoyalCard), the Straxis app, Student Services app, RoyalSync, and Desire2Learn (which also has two special purpose apps – Binder and Grader) — and discussed what additional features should be mobile accessible.  The Straxis app will be retired at the end of the year and replaced by a locally developed web app for the fall 2014 semester.

Royal Card

Faculty are reminded to visit the TSC to get a new RoyalCard. Take your old RoyalCard or a driver’s license, and you will be photographed.

Windows XP to 7 Conversions

(Jim was unable to attend the meeting but sent an update on this via email.) IT Services is continuing to work on converting all remaining Windows XP machines to Windows 7. Faculty machines are the current priority, with a goal of finishing all faculty conversions by the end of May.  IT Services will contact users to schedule a time and date for conversion — the process takes about two hours.  Dave noted that the history department was almost entirely converted and had no issues.

II. Items for Discussion

Specialized Software/Computer Lab Survey Results

Kristen is still working on putting together the survey results and apologized to TAG members for the delay.

WordPress Network

Kristen reported that at least one additional faculty request for a site on the campus WordPress network (sites.scranton.edu) had been turned down. There seems to be a continuing need among faculty and students for academic web space, particularly since the academic server (academic.scranton.edu) was decommissioned.

At our September 2013 meeting, TAG had requested that IR draft language on service levels for WordPress. Kristen asked Jim for an update on this issue. Jim was unable to attend this meeting but sent an update via email, excerpted here:

We met this past fall and have consulted with the CTLE on various support issues.  Unfortunately at this time, we cannot extend the wordpress offerings.  Looking at the current issues at hand – especially with the CTLE and the conversion to D2L – extending support won’t happen until January 2015 at the earliest. I know there is growing demand and many faculty want to use wordpress as an alternative web site.  Unfortunately the supported options are within the CMS.  D2L does have options for blogging and discussion boards.  I think TAG had offered to look at it from a faculty perspective – any news back on that?

Eugeniu explained that CTLE was unable to provide assistance to IR on support for WordPress at the same time as they are supporting faculty and students during the transition to Desire2Learn.

Kristen asked TAG members for their reactions. The majority agreed that we would like to keep advocating for WordPress but acknowledge that Desire2Learn should take priority at this time. Dave suggested that we revisit the question again in January 2015 as Jim indicated.

III. New Business

Vice President for Planning/CIO

Fr. Quinn announced in December 2013 that Jerry DeSanto would be stepping down as Vice President for Planning/CIO. Associate Vice President Robyn Dickinson will serve as Interim. While the search for a new Provost is taking priority, Dave and Kristen noted that they planned to volunteer TAG’s input (either formal or informal) in any upcoming search for the CIO position.

TAG Leadership for 2014-2015

Kristen will be rotating off as TAG co-chair at the end of Spring 2014. Dave will continue as co-chair for 2014-2015, but will be on sabbatical in Spring 2015.  They asked for one or two volunteers (preferably but not necessarily including a Senator) to serve a two-year term as co-chair. Andrew volunteered to serve in Spring 2015 while Dave is away. We are still in need of another volunteer to serve the full year.

IV. Demonstrations

Adam Edwards and Scott Finlon from Information Security came to the second half of the TAG meeting for two demonstrations.

Firstly, they demonstrated the administrative side of Identity Finder. TAG members have been piloting automated Identity Finder scans, which are running each Friday at noon. Identify Finder scans the user’s computer for any personally identifiable information (PII) in unprotected files. The Information Security Office receives reports that indicate the level of risk for that machine. Anticipating concerns about privacy and confidentiality, Adam and Scott showed a sample report. The report shows the number of hits and the location of each file with hits, but the actual information is obscured. Based off of these reports, Adam then works one-on-one with users to either delete the files or move them to a more secure location. Adam said that he is working with staff with the most risk first (e.g., people with 1,000 hits or more).

Secondly, Adam and Scott demonstrated using TrueCrypt (free open-source disk encryption software) to encrypt files or folders that contain confidential information (such as human subject research data). They have already shown this tool (along with another encryption tool in Identity Finder) to the IRB and would like to make it a recommended standard for campus use. [Update 2014-07-02: Support for TrueCrypt has been discontinued, so Information Security now recommends using 7Zip for encrypting sensitive or confidential data.] TAG members did not bring up any concerns, so we will move forward on this. Adam will share brief written instructions, and we will share them with the faculty as a recommended practice for confidential data.

Adam and Scott would like to start automated Identity Finder scans on faculty computers beginning with departments that would *not* have any confidential subject data stored no faculty desktops. We were not sure that such a distinction could be easily made, but TAG will try to work with department chairs to determine which departments might be willing to begin scans. Scott will send Kristen a list of departments as they appear in Identity Finder (based on Active Directory groups) as a starting point.

Adjournment

The meeting adjourned at 1:10pm. TAG’s next meeting will be Wednesday, March 12 from 12pm-1pm in WML305.


Comments : Leave a Comment »
Tags: , , , , , , , , , , , , , , ,
Categories : Angel and Desire2Learn, Announcements, Minutes, Mobile, Security, TAG Administrative, Website Proposal

Adobe Breach – Info for Users

18 11 2013

TAG got a question from a faculty member about the recent Adobe data breach and whether or not it affects campus users. Scott Finlon in Information Security shared a REN-ISAC alert that addresses higher ed implications and recommended that if anyone used the same email address and password on Adobe’s site as any other site, they should change their password immediately.

Quick take-home from the REN-ISAC alert:

“If the same password used for Adobe System accounts was used for work, school, banking, or other accounts, those accounts may be at risk. Repercussions could range from simple to severe, such as account hijacks to send spam, theft of bank deposits, or hackers gaining a foothold in a place of employment to conduct widespread damaging attacks.”

Full alert:

November 12, 2013

ALERT: Threat to computer accounts due to Adobe security breach

BACKGROUND: In October 2013, Adobe suffered a data breach. Their database of 38 million usernames and passwords was stolen and subsequently posted online [1][2]. Adobe did not protect user passwords to industry standards, and attackers were able to exploit that. Also stored with the passwords were the users’ password hints in clear text. Many of the hints are weak and easily exploited by third parties. Security experts agree that it will be trivial for miscreants to discover the passwords.

Of the estimated 38 million Adobe customers affected, analysis indicates that there were over 2 million education-related accounts. We don’t know how many of the email addresses are attached to active institutional accounts.

Adobe reached out to individual affected users via email. The notification thoughtfully included “[we] recommend that you also change your password on any website where you use the same user ID or password”. However, there are reports of non-delivery (it might have been filtered as spam) and users disregarding the e-mail (it might have been thought to be a phishing message).

IMPACT: If the same password used for Adobe System accounts was used for work, school, banking, or other accounts, those accounts may be at risk. Repercussions could range from simple to severe, such as account hijacks to send spam, theft of bank deposits, or hackers gaining a foothold in a place of employment to conduct widespread damaging attacks.

RECOMMENDATIONS: We recommend that you take the following actions:

1. CHANGE PASSWORDS IMMEDIATELY. Persons who used the same password for Adobe and other accounts should immediately change their passwords at the other locations and monitor for unusual activity.

2. ADOBE PASSWORDS SHOULD BE RESET only by manually visiting the Adobe website, and not by clicking on links arriving via email, as there is now a concern that there will be a rise in phishing related to this event.

3. NEVER REUSE YOUR INSTITUTIONAL PASSWORD for external web sites or Internet services. If you reuse a password at multiple locations when the password is compromised at one site the miscreants then can gain access to all sites where you’ve used that password. The best policy is to always use different passwords for different accounts.

4. CREATE STRONG PASSWORDS OR PASSPHRASES [3]. The Wikipedia Guidelines for Strong Passwords [4] is a good starting point.

5. CONSIDER THE USE OF A PASSWORD “WALLET” such as KeePass and LastPass. These tools make it very easy to have a unique password for every web site or service, and to have strong passwords.

6. BE ON THE LOOKOUT FOR PHISHING. Miscreants will be using the Adobe breach as a pretext for phishing.

7. USE INFORMATION THAT IS NOT EASILY GUESSED. When providing password hints use information that is not easily guessed or discovered. For example, if your hint is “dog’s name” and you mention your dog on social networking sites miscreants can discover that information.

REFERENCES:

[1] http://helpx.adobe.com/x-productkb/policy-pricing/ecc.html

[2] http://krebsonsecurity.com/2013/10/adobe-breach-impacted-at-least-38-million-users/

[3] http://xkcd.com/936/

[4]


Comments : Leave a Comment »
Tags: ,
Categories : Announcements, Security

TAG Meeting Notes 2013-11-06

11 11 2013

TAG Meeting November 6, 2013 2:00pm-2:50pm

Attendees:
Paul Cutrufello, Kim Daniloski, Dave Dzurec, Jim Franceschelli, Eugeniu Grigorescu, Andrew LaZella, Kristen Yarmey

1. Brief Reports

Desire2Learn (Eugeniu)

Eugeniu (CTLE) and Connie Wisdo (ITDA) sent an email to all-faculty detailing the schedule and plan for our LMS conversion from Angel to Desire2Learn.  CIO Jerry DeSanto would be joining Eugeniu and Connie for a presentation to Faculty Senate scheduled for November 8. CTLE will host Desire2Learn showcases for faculty on Monday, November 11 (3:00 – 4:00pm) and November 12 (4:00 – 5:00pm) in Brennan 228.  CTLE has also scheduled several Desire2Learn training workshops for faculty.

Identity Finder (Kristen)

Adam Edwards (Information Security) and Joe Dreisbach went to a recent IRB meeting to discuss options for encrypting research data to better ensure subject confidentiality. Adam proposed two tools (TrueCrypt and Identity Finder’s built-in Audit Vault) as options, though if possible he would like to settle on one as a campus standard. Adam asked Bryan Burnham to try both tools and report back with any issues or concerns. [Update 2014-07-03: Support for TrueCrypt has been discontinued, so Information Security no recommends using 7Zip for encrypting sensitive or confidential data.]

TAG members have been piloting automated Identity Finder scans, which are running each Friday at noon. No TAG members had experienced any performance issues. However, Kristen is concerned that the scans are essentially invisible to the user – that is, there is neither notification prior to the scan beginning nor confirmation with report results at the conclusion of the scan. She would like users to be able to see a log of the scans and results from their computers (even if only on an opt-in basis). Adam is looking into this. Ordinarily, users do not know their scan results – Adam meets one-on-one with users, based on how high the risk is (e.g., large number of hits for PII – personally identifiable information – especially if stored in unsecured folders or applications like Dropbox = higher risk).

Adam has offered to give a demonstration of Identity Finder so that faculty can better understand what Information Security sees in the reports and how they work. TAG members present decided to ask for a small TAG demo first, after which we will determine whether or not a demonstration should be given to the full Faculty Senate. Kristen will contact Adam to schedule a TAG demo in December.

2. Items for Discussion

Budget Priorities – Specialized Software and Labs

At our October meeting, we talked about gathering faculty feedback relating to specialized software an computer labs, to better prepare for future discussions about budgeting priorities. We decided in October to compose a survey for faculty members. We spent much of the November meeting working on a draft of the survey, which will ideally be disseminated to all faculty on or around November 13 (such that results can be shared with Information Resources by early December). Kristen will send the revised survey draft to all TAG members for further comment and review.

Jeremy Brees (in absentia) had suggested that TAG give the academic deans a heads-up about the survey, since it may prompt questions from faculty. Jeremy, Paul, Dave, and Kristen will talk to their respective deans prior to the survey being sent out.

Adjournment

The meeting adjourned at 3:00pm. This was our final scheduled meeting for Fall 2013. Kristen and Dave will coordinate scheduling for Spring 2014 meetings.


Comments : Leave a Comment »
Tags: , , , , , , , ,
Categories : Angel and Desire2Learn, Announcements, Minutes, Security

Royal Drive – Off Campus Access

31 07 2013

Update as of August 16th: Fixed!

 

———————————————————-

Notification from the TSC, sent out via email yesterday at 4:20pm:

Access to RoyalDrive from off-campus, via both the portal and the Xythos client, has been disabled as of 4:30 p.m. on Tuesday, July 30, 2013 due to a vulnerability.  Alternative methods for off-campus access are being developed and tested and will be made available as soon as possible.  If you are currently working off campus and need access to files on RoyalDrive, the server, via both the portal and the Xythos client will be made available to you from 9:00 a.m. to 11:00 a.m. on Wednesday, July 31, 2013.

More information will be provided via my.scranton portal announcements.   If you have further questions, you may contact the Technology Support Center at 570.941.4357 or techsupport@scranton.edu.

[Update as of August 1: ]

Off-campus access to Royal Drive will continue to be restricted until the vendor releases a patch for the vulnerability. Employees having a critical business need to access Royal Drive from off-campus through the end of next week may request alternative access by submitting an email message to techsupport@scranton.edu with a valid business justification. If you have questions, please contact the Technology Support Center at (570) 941-4357.


Comments : Leave a Comment »
Tags: , , ,
Categories : Network and Infrastructure, Outages, Royal Drive, Security

Identity Finder and confidential data

14 04 2013

At our last TAG meeting, IT Services Director Jim Franceschelli and Information Security Director Adam Edwards invited faculty feedback on their Identity Finder Proposal on Automated Scans. For those just joining us, Identity Finder software scans your (Windows) computer for sensitive, unsecured Personally Identifiable Information (PII). The Information Security Office and IT Client Services are jointly proposing implementation of weekly, automated, required Identity Finder scans (see the proposal for details). During the meeting, TAG members shared some concerns about scheduling and performance effects. After the meeting, we received additional concerns from Bryan Burnham (Psychology), a member of the Institutional Review Board, that Identity Finder scans of machines storing human research subject data or client files (from a counseling practice, for example) would breach subject confidentiality. Concerns are paraphrased here:

There are privacy issues related to data collected on human research subjects that must be considered before automated Identity Finder scans of machines can occur. Specifically, we (IRBs, DRBs, PIs – primary investigators) ensure complete and total privacy of our human research subjects’ data, especially sensitive information (names, emails, Royal IDs, social security numbers), some of which is undoubtedly stored on computer hard drives. [The same is true for client files maintained by counselors or clinicians.]

“Subject confidentiality” means that knowledge of a person’s participation in a research study is between the human subject and only the PI. That is, a subject is guaranteed by the PI that knowledge of their participation as well as their personal and sensitive data will not be open or available to any third party – meaning anyone not associated with the research project. The automated Identity Finder scans would, in effect, view confidential human research subject data and client information that, by definition, cannot be viewed by others.

It should be noted that the Identity Finder reports that the Information Security office receives are redacted, showing a masked version of a potentially problematic file and the location where it was found, and are only accessible to the Information Security Director (Adam) and the Information Security Engineer (Scott Finlon). However, Bryan noted that the scan itself is the issue: third parties (including other University divisions/employees and University-owned software) are not allowed to access or see confidential subject information.

Bryan, Jeremy, Kristen, Adam, and Scott got together on Friday to get a better understanding of this issue and what options there might be for general campus implementation of automated Identity Finder scans without violating subject confidentiality.

We discussed a few options that IR and TAG  could consider for Identity Finder, each with varying advantages/disadvantages. A significant complication, however, is that at this point we don’t know how many researchers on campus have this kind of data, where it’s stored (faculty, staff, student, and/or lab machines? cloud storage?), and whether it’s encrypted or otherwise protected against security breaches (malicious or inadvertent). Bryan stressed that researchers are responsible for their own data and for ensuring subject confidentiality, and neither the IRB nor the University can impose or require specific data management practices, at least under current IRB policies.

Scott noted that the Identity Finder question is only the top layer of broader issues of privacy, security, and digital records management on campus, and that research data stored on a researcher’s hard drive or in cloud storage could be vulnerable to external attack. Both Adam and Scott mentioned that Identity Finder, used appropriately, could help researchers protect subject confidentiality by locating vulnerable information and prompting the researcher to take further steps towards securing it. We agreed, though, that educating researchers about data security and encouraging more secure data management practices (encryption, password protection, etc) will be a longer, more involved, and more inclusive conversation – but a conversation that needs to happen nonetheless.

Next steps: Bryan will bring this discussion to the IRB at their April 16th meeting for additional input and will share any relevant guidelines from grant agencies (e.g., Department of Health & Human Services), and his and others’ own digital data management practices. Adam and Scott will reach out to Identity Finder and other university security offices re: how others have handled this issue. They are willing to continue discussing accommodations for researchers storing sensitive data, if we can find all of them or somehow get them to self-identify. TAG might be able to help survey the faculty on this question (yes/no/unsure) – multiple outlets should be used to try to catch everyone’s attention. The IRB, ORSP, and TAG may want to coordinate a faculty forum on this topic.

We’re still early on in this discussion, so please contact TAG if you have any insight, concerns, or questions that we might not have considered yet.

 


Comments : Leave a Comment »
Tags: , , , , ,
Categories : Announcements, Network and Infrastructure, Security

Revision of The University of Scranton Acceptable Use Policy

4 03 2013

As we continue the revisions to the University’s acceptable use policy (formerly the code of responsible computing) we welcome feedback from members of the University community.  Please contact Dave Dzurec (david.dzurec@scranton.edu) with any comments or questions.

University of Scranton Acceptable Use Policy DRAFT 02-21-2013


Comments : Leave a Comment »

Categories : Announcements, Network and Infrastructure, Security

Viewfinity roll out with Windows 7

21 11 2012

IT Services is going to start rolling out Windows 7 to faculty on *new systems* (that is, you’ll get it when you get a new computer or rebuild). That means it’s time to spread the word about Viewfinity and standard user accounts.

Here’s the official statement from Jim Franceschelli, director of IT Services:

Viewfinity Privilege Management is currently being installed on all University office computers in an effort to better secure endpoints and reduce vulnerabilities to hackers, malware and embarrassing security breaches that could prove costly to The University of Scranton’s reputation. Viewfinity allows all Windows 7 users to run as standard users further reducing computer vulnerability to viruses and other malicious attacks.

Please be aware that attempting to install applications or printers or attempting to change some settings will require administrative privileges. Viewfinity will elevate your privileges and allow you to install applications or change settings as necessary. When you receive a Viewfinity prompt requesting your justification for an installation or system change, simply enter the information requested and click OK. Your installation will proceed immediately.

Just to repeat from a faculty member perspective: when you get a new computer, you’ll get Windows 7, and your account on your desktop/laptop will change from being an administrator account to a standard user account. By default, standard users can’t install or delete applications, as administrators can. That’s where Viewfinity comes in — when you try to install software, it will automatically and temporarily elevate you to administrator status. In other words, we can install whatever software we need when we need it. (Note – this only applies to faculty members. Staff have to go through an approval process when requesting new software.)

I’ve been piloting Viewfinity as a faculty user since the middle of the summer, with excellent results and no disruption to my work or research. To give you an idea of what it looks like —  let’s say I want to play around with some visualization software, like Edraw Mind Map. I download the .exe file for Edraw as usual. When I try to run the .exe to install the software, I get a small popup window from Viewfinity that asks for a “business justification”:

 

IT Services isn’t monitoring business justifications for faculty members, so you can simply say you are using the program for teaching, research, incidental use, etc – no lengthy explanation required:

When you click OK, you are automatically bumped up to administrator. I get a little notification at the bottom of my screen:

 

The software installation begins right away, and I can go through the installation steps like I normally would. Once the installation is complete, I’m automatically bumped back down to a standard user account.

Overall, the process is smooth and seamless – it adds maybe 5-10 seconds to my normal installation time. Commonly used software (Skype, iTunes, Spotify, etc) has been whitelisted to speed things up, so you don’t even need to click through the business justification step for things like that. I’m running all the software I had on my old Windows XP machine (Dropbox, Google Calendar Sync, Tweetdeck, Google Earth, etc etc etc) on my new Windows 7 machine with no issues or disruptions.

While I know some of us would prefer to still be admins, I think this solution is a good balance between freedom and security. Jim and the IT Services staff put in a lot of work to figure out a way to accommodate faculty needs, which I truly appreciate. Any issues with Viewfinity can be reported to the Technology Support Center by phone (x4357), email, or Footprints.

Last couple of points:

  • Viewfinity is not supported on Mac or Linux, so faculty using Mac or Linux machines are not affected by any of these changes.
  • Viewfinity has another big feature – Remote Desktop assistance! When you call the Technology Support Center, you’ll be able to share your desktop with the support staff so that they can help you easily from a distance. This service is in development and will be available soon. It will always have a prompt – your desktop won’t be shared without your approval.
  • Faculty members with XP machines will get Viewfinity via KBOX, so you’ll have Remote Desktop capability, but you will still maintain an administrator account (and XP) until you get a new computer.
  • Classroom and lab computers are all Windows 7 now, but they do *not* run Viewfinity — they have Deep Freeze instead. So you can install programs on classroom and lab computers, but those installations will disappear each time the machine shuts down. If you need to install software in a classroom or lab that you need to use frequently, submit a request to the Technology Support Center via Footprints.

Comments : Leave a Comment »
Tags: , ,
Categories : Announcements, Security

TAG Meeting 2012-11-07

8 11 2012

On November 7, TAG held its third and final Fall 2012 meeting.

1. Code of Responsible Computing Committee update

Dave Dzurec (History) and Jim Franceschelli (IT Services) are co-chairing a committee charged with drafting an update to the Code of Responsible Computing. The goal of the committee is to create a single policy for faculty, staff, and students that will define responsible use of information technology at the University.

Dave and Jim have been reviewing acceptable use policies from other universities  and have almost finished a draft for the rest of the committee to review.  After review by the committee, the policy will go to VP/CIO Jerry DeSanto, and then it will enter the University governance system for full approval (probably in 2013-2014).

Faculty representatives on the committee (as appointed by the Faculty Senate) are Dave, Wesley Wang (Economics/Finance), and Bob Spinelli (Health Administration and Human Resources). The Staff and Student Senates also have two representatives each.

We discussed briefly how the new policy should be disseminated and shared with students and faculty after it is approved. Sandy asked whether new students/faculty/staff will need to sign off on the policy when they begin using University services to make sure they are aware of it. Kristen suggested incorporating a mention of the policy into the New Faculty Orientation. She will also suggest to the Associate Dean of the Library, Bonnie Strohl, that public patrons using Library computers would be informed of the policy in some way.

2. CTLE Technology Liaison

The Center for Teaching and Learning has two faculty liaisons (currently Anthony Ferzola and Marian Farrell) who provide an interface between faculty teaching and the CTLE’s resources. Faculty can reach out to the liaisons for support (e.g., teaching observations), and the CTLE can reach out to the liaisons for input on needed resources. The liaisons also run the faculty mentor/mentee program.

The CTLE wants to establish a similar faculty liaison who would specifically address academic technology questions and needs. They did a pilot project last year, with Sandy Pesavento (Education) serving as the faculty technology liaison, to see what role(s) a liaison should fill. Eugeniu asked TAG (including Sandy) for feedback on what a technology liaison’s “job description” should look like.

During the pilot year, Sandy did some technology trainings (higher order thinking, student response systems, smartboards, etc) and teaching observations (e.g., coming to a class to suggest technology tools that might be helpful to the instructor). One of the difficulties during the pilot year was that few faculty members outside of PCPS were aware that Sandy was available for consultation on technology issues, though, so a challenge for the future will be finding ways to promote the services the liaison provides.

We discussed other needs that a liaison could address. Several TAG members suggested a repository or database of some kind that would identify 1) educationally relevant technologies and 2) if/how faculty at Scranton and other universities have implemented them.  Katie noted that sometimes faculty don’t necessarily know what tools are available to them. Jeremy and Dave expressed interest in hearing from faculty members who have been doing pedagogical research with technology in the classroom – e.g., via Friday presentations like the Office of Research Services seminar series.

We also discussed the difficulty of knowing who to call for help – that is, CTLE supports faculty use of technology for pedagogy, but IT Services supports the actual hardware and software that faculty use in the classroom. Teresa suggested a flow chart to indicate who to call and when.

3. Windows 7 and Viewfinity

As Windows 7 is rolled out with new University computers, your account on your desktop/laptop will change from being an administrator account to a standard user account. This is a security measure to try to prevent users from downloading and installing malicious software. By default, standard users can’t install or delete applications, as administrators can.

We were concerned about this limitation when TAG first learned about it, but IT Services has put in a lot of work to figure out a good solution for faculty members so that this change doesn’t affect our work. Using Viewfinity privilege management software, faculty users can be automatically and temporarily elevated to administrators so we can install whatever software we need when we need it.

Kristen has been piloting Viewfinity as a faculty user since the middle of the summer, with excellent results.  There’s a small popup window that comes up each time you begin to install a program that asks for a “business justification,” but you can simply say you are using the program for teaching, research, etc – no lengthy explanation required. When you click OK, you are automatically bumped up to administrator while the program installs, and you are automatically bumped back down to standard user once the installation is complete. Commonly used software (Skype, iTunes, etc) is whitelisted to speed things up. Overall, the process is smooth and seamless — many thanks to Jim and the IT Services staff for finding a way to accommodate faculty needs.

Viewfinity has another big feature – Remote Desktop assistance! When you call the Technology Support Center, you’ll be able to share your desktop with the support staff so that they can help you easily from a distance. This service is in development and will be available soon. It will always have a prompt – your desktop won’t be shared without your approval.

Faculty members with XP machines will get Viewfinity via KBOX, so you’ll have Remote Desktop capability, but you will still maintain an administrator account (and XP) until you get a new computer.  Faculty members receiving new machines will have Windows 7 and a standard user account, with Viewfinity.

Viewfinity is not supported on Mac or Linux, so faculty using Mac or Linux machines are not affected by any of these changes.

Classroom and lab computers are all Windows 7 now, but they do *not* run Viewfinity — they have Deep Freeze instead. So you can install programs on classroom and lab computers, but those installations will disappear each time the machine shuts down. If you need to install software in a classroom or lab that you need to use frequently, submit a request to the TSC via Footprints.

4. Infrastructure for Computerized Testing

We were running out of time, so we didn’t get to discuss this agenda item. Jim suggested that a work group form to work on some possible solutions, since we haven’t made much progress on this issue. Jim, Teresa, Sandy, and Eugeniu will start to work on this.

5. & 6. WordPress Site Organization & Luminis Tab

No time for these agenda items either – Kristen will be in touch with TAG members via email.

TAG will not be meeting in December, so our next formal meeting will be in Spring 2013. TAG members will still be communicating and working throughout December and January, though, so as always please feel free to contact us with questions, concerns, or suggestions.


Comments : Leave a Comment »
Tags: , , , , , , , , , , ,
Categories : Announcements, Minutes, Network and Infrastructure, Security

TAG Meeting 10/3/2012

8 11 2012

On October 3, TAG held its second Fall 2012 meeting.  [Yes, that was more than a month ago — many apologies for taking so long to post the meeting notes!]

1. Departmental Websites and the CMS

We’ve been discussing departmental websites for quite a while.  Lori Nidoh (PR) brought us some analytics from the University website (June 2012 – September 2012, all excluding internal traffic) to give us a better idea of how these pages are being used:

  • The Undergraduate Programs page is the 5th most visited page on the University website – after the home page, HR vacancy list, HR home page, and Admissions home page. (report)
  • From the Admissions home page, the Undergraduate Programs page is #5 on the list of what pages users visit next – indicating that prospective students are indeed looking at departmental web pages. (report)
  • This spreadsheet shows the most heavily visited scranton.edu/academics/ pages.
  • Lori broke out additional analytics on a few department and program pages to give us a sense of how they are used: Biology, OT, PT, and Pre-Med.

We continued to discuss options for how to keep departmental pages up-to-date. Eugeniu noted that the CTLE TechCons help faculty members with their personal websites, but that access and permissions in the CMS (content management system) are an issue for departmental pages – a department wouldn’t necessarily want to grant publishing rights to a student who is editing their page, but it’s hard to catch quirks and mistakes if you can’t publish and review your recent edits. Lori asked that any observed CMS quirks be reported to PR.

Jeremy will be convening a group of interested faculty to discuss this concern in more detail offline. The group will outline a proposal for how departmental websites could best be maintained,  in collaboration with staff from Public Relations and Academic Affairs. Teresa Conte (Nursing), Katie Iacocca (OIM), Kevin Wilkerson (CHS), and Sandy Pesavento (Education) volunteered to participate, but any interested faculty (especially those with experience using the CMS) can join the discussion.

2. FERPA Considerations for Cloud Computing

Kristen asked for input on what cloud computing tools faculty are currently using and how those tools are being used for instruction. She noted the distinction between “internal cloud” services (e.g., Royal Drive, Angel) versus “external cloud” services (Gmail, Dropbox, etc).

Kristen will meet with IR staff from the Information Security office to nail down specifics on what faculty can and can’t do with these cloud tools in order to comply with FERPA regulations (see previous FERPA post for details).

3. Faculty Input on the IT Tactical Plan

Over the summer, TAG was asked by IR to respond to a number of technology questions posed by Jerry DeSanto, VP/CIO. Planning and Information Resources is in the process of creating their 3-5 year IT Tactical Plan, and the questions were targeted at the expected needs of the faculty in the coming years:

  • How can IT better support faculty research?
  • Given the influx of new, younger faculty what kinds of technology needs/support do you anticipate they are going to need?
  • How do you see the classroom experience changing over the next several years, and how can IT assist in this evolution?
  • What new academic programs do you see developing over the next five years, and how can IT help?
  • With the President’s stated intentions about the University and globalization, how do you see this playing out with web-based education, study abroad, and perhaps the development of satellite campuses in other parts of the globe?

Jerry asked for feedback by November 1 such that faculty input could be incorporated into IR planning. Jeremy asked the group how TAG would like to gather faculty input. We decided on a two-pronged approach – a brief survey sent to all faculty, and a more detailed response from TAG members. [Update – see the results in Jeremy’s 2012-11-05 post, Feedback Regarding the IT Tactical Plan.]


Comments : Leave a Comment »
Tags: , , , , , , ,
Categories : CMS and University Website, Minutes, Security, TAG Administrative

FERPA considerations for cloud services

11 09 2012

I sat in on today’s meeting of IMAC (the Information Management Advisory Committee) on behalf of TAG. There were two major items discussed – a revision to the Records Management & Retention Policy (which I don’t think will have much direct impact on faculty) and a set of Guidelines for the Use of Cloud Computing Services.

The Guidelines are not policy – the document just list some of the concerns and considerations faculty and staff should be aware of when signing up for cloud services like Gmail, Google Docs, Dropbox, Facebook, Twitter, Pinterest, PayPal, etc.

The Guidelines are currently in draft format, so I’ve been asked not to distribute them outside of TAG. Non-TAG members, the new Guidelines will be sent out in 3-4 weeks, but in the meantime take a look at former Information Security Officer Tony Maszeroski’s Guidance on the Use of Cloud Applications by Individuals – the new Guidelines are similar in content.

One of the major concerns with using cloud services for University-related work (like teaching) is that it introduces all sorts of privacy and security issues. Almost all student information, like grades, transcripts, class lists, etc, is classified as restricted or confidential (see the Information Classification Policy) due to FERPA.

Classified or restricted information should not be stored or transferred on non-University systems, so faculty need to be very aware of what information we’re sharing with what third parties. If you’re using cloud tools or social media as part of your class or lab, you need to be very conscious of any potential privacy violations, and be upfront with students about the terms of service.

(See EDUCAUSE’s 2010 report on Privacy Considerations in Cloud-Based Teaching and Learning Environments. Colorado Community Colleges Online has posted some scenarios relating to respecting FERPA in an online classroom.)

I don’t think this is an issue that most faculty are very aware of, and I’d like to get a sense of how TAG can help faculty sort out these considerations in their classes. So let me know what you think – What questions do you have? What resources or references would be useful?


Comments : 5 Comments »
Tags: , , , , , , , ,
Categories : Announcements, Online courses, Security

« Previous Entries Next Entries »