TAG Meeting Notes 2013-10-02

3 10 2013

TAG Meeting October 2, 2013 2:00pm-2:50pm

Attendees:

Jeremy Brees, Tim Cannon, Kim Daniloski, Dave Dzurec, Tara Fay, Jim Franceschelli, Eugeniu Grigorescu, Andrew LaZella, Sandy Pesavento, Kristen Yarmey

Mary Goldschmidt, newly appointed Faculty Development Specialist in CTLE, sat in on our meeting to introduce herself to TAG members and gain familiarity with TAG-related projects.

1. Brief Reports

Desire2Learn (Eugeniu)

Staff members in CTLE and ITDA continue to develop an implementation plan for our switch from Angel to Desire2Learn. More details are forthcoming, but here’s what we know so far:

  • Desire2Learn will be in place in January and available for Spring 2014 teaching
  • By default, 2 years’ worth of past courses will be converted from Angel to Desire2Learn (academic years 2011-2012, 2012-2013). Faculty will be able to request that older courses be converted (e.g., if you’ve used Angel to teach a course that only runs every three years).
  • Desire2Learn support staff will do training for on campus trainers and administrators.
  • In mid-November, there will be 2 introduction sessions for faculty.
  • CTLE will be working with a few faculty members to pilot courses. (Eugeniu will let us know who.)
  • Angel will be “turned off” in May 2014 (that is, it won’t be available for teaching), but it will still be available for content retrieval until September 2014.

Let TAG know if you have questions or requests related to the LMS transition and we’ll pass them along to CTLE and ITDA.

Identity Finder (Kristen)

At our September 2013 meeting, TAG members volunteered to serve as pilot participants for faculty implementation of automated Identity Finder scans (prior to full rollout). Automated scans were to begin at noon on Friday, September 19. TAG members reported no indication that scans had taken place, but Jim explained that users are not necessarily notified by the Identity Finder application when a scan is running and that users cannot see their own scan results. Kristen will contact Adam Edwards in Information Security for clarification on this point.

Kristen continues to work with Adam on preventing Identity Finder scans of confidential human subject research data or client files. Adam met with Joe Dreisbach and University Counsel Rob Farrell for additional discussions about managing sensitive research data. Adam reported that Joe would meet with the IRB.

Automated scans do not apply to faculty members using Mac or Linux machines.

Active Directory – R Number Log in (Jim)

On September 25, Kristen and Dave met with Jim, Jerry DeSanto (VP of Planning and CIO), Robyn Dickinson (AVP of Planning and Information Management), and Lorraine Mancuso (Director of Project Management) to discuss IR’s current and planned projects for this academic year. There were three major projects of particular interest to or impact on faculty: implementation of Active Directory log-in for faculty desktops, phasing out of Windows XP, and a new lecture capture pilot.

Jim reviewed IR’s plan for converting faculty desktop PCs to Active Directory login – which on the user side essentially means that we will log into our desktops using our R numbers, as we do for lab or classroom computers. The conversion just began and will roll out over campus through the rest of Fall 2013, scheduled by department. Users will get email notifications one week prior to their scheduled conversion, as well as an email reminder the day before conversion that will include instructions. Triage teams of IR staff members will be available to assist users.

This change will only apply to Windows PCs (XP and Windows 7). The change does not apply to Macs, laptops, or tablets. Connections to networked printers, copiers, etc will be maintained.

Faculty members in Psychology were scheduled for the first rollout (with IR staff, since they are all in AMH) on September 30, but an unexpected issue delayed the conversion. Tim reported that this was confusing for users who tried to log in with their R numbers as they had been instructed to do and were not able to access their machines.

Windows XP End of Life (Jim)

Microsoft is discontinuing support for Windows XP in April 2014. There are about 1,000 XP machines on campus at this time – about 400 of them in Academic Affairs (including faculty but also adjuncts, academic staff, etc). IR plans to update all remaining XP machines to Windows 7, though not all of them will be completed by April 2014. For faculty desktops with XP, the conversion will involve downtime. Jim said that conversions are being scheduled with the academic calendar in mind, and once the schedule is released, faculty will be able to request alternative dates for conversion if the assigned date conflicts with teaching or research. Training on Windows 7 is available from Jack Williams.

Lecture Capture (Jim)

Last year, MediaSite lecture capture systems were installed in two rooms in LSC. TAG members Jeremy Sepinsky and Tara Fay were among the faculty who piloted the technology. This year, there was increased demand for lecture capture in LSC, but it was not feasible for IR to install MediaSite in additional classrooms, since each MediaSite installation requires its own, local server.

This year, faculty in Nursing and Counseling are piloting a different, cloud-based tool for lecture capture – Panopto. Feedback so far is positive, and installation is much easier and faster. At the end of the semester, IR will seek feedback from the pilot faculty to decide how to extend lecture capture services on campus.  TAG member Sandy Pesavento will keep tabs on faculty feedback. Kristen suggested that CTLE arrange a Faculty-to-Faculty workshop or demonstration for Panopto.

Angel Support (Dave)

The Faculty Senate executive committee reported concerns from at least one faculty member about the availability of support for Angel during off hours (nights and weekends). Jim said that faculty can contact the Technology Support Center over the weekend (9am-5pm Saturday, 12pm-10pm Sunday) for support. On Saturdays, students work the TSC but can escalate a major issue to staff. On Sundays, a staff member is present.

3. Items for Discussion

Budget Priorities – Software and Labs

IR administrators are preparing contingency plans should budget cuts be required for the future. Two areas that may be at risk for cuts are specialized software licenses and computer labs. In order to minimize the impact on teaching and research, IR needs information from faculty about what is most important to us. Dave and Kristen would like TAG to gather faculty feedback in October and November that can be submitted to IR in time for discussions in December. Several points from our discussion:

  • There was general agreement that a survey would be more effective than a faculty forum. We also agreed that we would need to work through department chairs, Faculty Senate, etc to encourage responses. We could especially focus efforts on departments that we know rely heavily on specialized software and labs.
  • Jim will provide a list of specialized software and computer labs currently available. For software, Sandy asked if the list could include prices to give faculty a better understanding of which licenses are most costly. Kristen suggested that we could break the list into pricing ranges or levels if actual costs cannot be shared. Dave suggested that a financial incentive could be explored — for example, the Library’s acquisitions budget is allocated to departments, which then can use that funding for databases, journals, and books.
  • We need to understand how specialized software is used — e.g., whether a faculty member needs one license for his/her research, a handful of licenses for his/her lab, or lots of licenses since the software is a required part of a course.
  • We would also like to understand if faculty would consider alternative software options. For example, Tim suggested that we push faculty and students towards R rather than using SPSS, which is extremely expensive.
  • The Library’s Learning Commons initiative will include providing specialized software at dedicated machines (possibly reservable), so the Library may be able to cushion some of the impact of cuts. Kristen and Jim will work with Learning Commons Coordinator Sheli McHugh to coordinate and share feedback from the faculty survey, such that the Library can anticipate new faculty and student needs.

Kristen will email all TAG members to ask for volunteers (at least one from each college – either a TAG member or another interested faculty member) to assist with developing and disseminating a survey (ideally by the end of the month). Please contact her with suggestions or concerns.

Adjournment

The meeting adjourned at 3:00pm. TAG will reconvene on Wednesday, November 6 at 2:00pm in WML305 (Library instruction classroom).


Comments : Leave a Comment »
Tags: , , , , , , , , , , , , , , ,
Categories : Angel and Desire2Learn, Announcements, Minutes

TAG Meeting Notes – 2013-09-04

5 09 2013

TAG Meeting September 4, 2013 2:00pm-2:50pm

Attendees:

Jeremy Brees, Tim Cannon, Paul Cutrufello, Kim Daniloski, Dave Dzurec, Tara Fay, Jim Franceschelli, Eugeniu Grigorescu, Andrew LaZella, Sandy Pesavento, Kristen Yarmey

1. Introductions

We introduced two new TAG members for this year: Dr. Andrew LaZella (Philosophy, CAS) and Jeremy Brees (Management and Marketing, KSOM). We’re still hoping to recruit an additional faculty representative from PCPS – please let us know if you have any suggestions!

2. Brief Reports

LMS Group (Tara)

The Learning Management System Working Group recommended at the end of Spring 2013 that we switch from Angel to Desire2Learn (see full report for details). TAG members Tara Fay (Biology), Sandy Pesavento (Education), and Teresa Conte (Nursing) all served on the LMS Group, along with fellow faculty members Maureen Carroll (Math) and Julie Nastasi (OT).

The University has since signed on with Desire2Learn. As VP for Planning and CIO Jerry DeSanto announced in July, Desire2Learn will be available for use in Spring 2014, and Angel will be available until June 1, 2014 (so D2L and Angel will run in parallel in Spring 2014).

Staff members in CTLE and ITDA have been working on an implementation plan. We’ve been asked not to share details yet, since the plan hasn’t been finalized, but the LMS Group will be presenting their plans to the Faculty Senate and Deans Conference in the very near future. We’ll post a conversion schedule here when there’s more information available.

Eugeniu noted that CTLE plans to do some pilot course conversions with several faculty members early on in the process – particularly faculty members whose Angel courses have a lot of specialized content.  (Tara has already volunteered to be one of the pilot participants.) There will be trainings and demonstrations available for faculty.  Let TAG know if you have questions or requests related to the LMS transition and we’ll pass them along to CTLE and ITDA.

Website Proposal Group (Dave)

Dave, Jeremy S., Kristen, and Katie met with Hal Baillie, Jerry DeSanto, Gerry Zaboski, and Vince Carilli in May to discuss the Website Maintenance Proposal that members of TAG drafted last year as a solution for the complex issue of maintaining and updating departmental websites. All parties generally agreed that maintaining departmental websites is a serious issue affecting recruitment of students and faculty, but unfortunately a new position (full time or part time) is not an option. TAG will table this issue unless we come up with other options to explore.

On a related note, during the switch to the new responsive design for the University website this summer, some departments were prepared for the conversion and had sized images uploaded in time, but others did not.

Acceptable Use Policy (Dave)

The Acceptable Use Policy drafts are moving forward and will go to the University Governance Council and the Faculty and Staff Senates this semester.

Identity Finder (Kristen)

At our April 2013 meeting, IT Services Director Jim Franceschelli and Information Security Director Adam Edwards brought a proposal for Identity Finder Automated Scans to TAG for faculty feedback. TAG shared two main concerns from faculty:

1) Decreased performance of computers during Identity Finder Scans — Adam had explained that the automated scans would be implemented with IT staff members first, so that he’d be able to smooth out the process before implementing with faculty. Jim noted that the staff rollout had gone smoothly and IT Services had not received any complaints about decreased performance. The *first* Identity Finder scan tends to take the longest, but subsequent scans are quick.

2) IRB data – concerns that Identity Finder scans of machines storing human research subject data or client files would breach subject confidentiality. We were working over the summer on preparing recommendations for faculty members who store IRB data on how to encrypt and password protect their data folders, such that the data would be protected from Identity Finder scans but (perhaps more importantly) also from external malicious attacks. Kristen will check in with Adam to find out the status of the recommendations.

All TAG members in attendance volunteered to serve as pilot participants for faculty implementation of Identity Finder prior to full rollout.

Jim recommended that faculty members run their own Identity Finders scans ASAP due to the increase in malicious attacks on campus computers — IT Services can clean and return faculty desktops much more quickly if a recent Identity Finder scan has confirmed the absence of confidential or sensitive data.

Information Resources Advisory Council (Kristen)

IRAC will meet twice this academic year, in October and March. TAG normally sends two faculty representatives to IRAC meetings. Paul Cutrufello volunteered to continue serving on IRAC this year. Andrew LaZella volunteered to serve as the second representative depending on the schedule for IRAC meetings. Kristen will contact Robyn Dickinson for IRAC meeting dates.

3. Items for Discussion

University Website Changes (Kristen)

During the summer, there were several major changes to the University’s web presence. Kristen opened the floor for feedback or comments on these transitions:

  • Academic server (academic.scranton.edu) decommissioning — Kristen worked with Adam Edwards in Information Security to reach out to faculty members who still had content on academic. CTLE offered support for faculty who needed help moving their content, generally recommending that faculty members use existing templates in the University’s content management system (CMS). While the transition seemed to go smoothly, there is still a need for a place or host for faculty and student web development. At least one faculty member had needs that could not be fulfilled in the CMS.
  • Responsive redesign of www.scranton.edu — There are several reports of templates not quite making a smooth transition – e.g., Faculty/Staff pages like the History Department’s, dropdown links on the Provost’s website, etc.
  • m.scranton.edu takedown — The Library had issues with this, but TAG members hadn’t heard any other concerns. [Update 2014-02-12: Lori Nidoh in PR clarified that m.scranton.edu had not been taken down. Instead, automatic redirects had been implemented.]
  • my.scranton.edu (Luminis) upgrade — TAG members reported several ways in which the new interface unintuitive. Student schedules are difficult (for students) to find, as are the Faculty/Staff directory, class rosters, and course evaluations. However, TAG members agreed that by now most people have figured out where links are, so we don’t want to request changes to the Faculty Tab at this point.

WordPress (Kristen)

The University set up a local WordPress network in late 2011. It now hosts admissions blogs, the Library blog, and the History Department blog. IR staff members had indicated that they were working on developing guidelines for how the WordPress network could be used and creating a process through which sites on the network could be requested.

In the meantime, several faculty members have requested WordPress sites for other uses – internal collaboration, classroom use, etc.  To date, while internal collaboration requests have been accommodated, IR has denied requests for classroom use. Jim explained that IR is working on determining what level of support they can provide. For example, while supporting one faculty member’s WordPress site would not be time intensive, supporting 30-40 classroom sites would be an issue — whose job does this become? There are also other issues IR wants to consider before providing class-based WordPress support – e.g., archiving student work, providing access and security, etc.  IR’s preference would be to provide support for classroom blogs via Desire2Learn once we convert over from Angel. Kristen asked Eugeniu if one of the D2L faculty pilots could include a blogging feature so that faculty members can see what blogging features are or aren’t available in D2L.

IR staff members are meeting to discuss the WordPress service in a few weeks. Kristen asked if faculty members can participate in this conversation, and Jim said that he will let TAG know when faculty input is needed. TAG will expect to see drafted language on service levels for WordPress at our November meeting, in the hopes that the service may be available for use in Spring 2014.

TAG Senate Status (Dave)

Dave (as TAG’s Faculty Senate liaison) reported that Senate president Rebecca Mikesell would like to propose that TAG become a full Senate Committee, (possibly called the Technology Advisory Committee). The membership criteria would be the same as we discussed last year for TAG as a subcommittee of the Academic Support committee — that is, flexible membership aiming for representation from CAS, PCPS, KSOM, and the Library, with at least one faculty Senator, who will serve as TAG’s liaison to the Senate. Dave noted that if TAG is a full Senate committee, TAG’s Senate liaison will serve on the Senate Executive committee.

TAG members had no objections to the proposal, which will likely be brought up for a vote at the September 13 Senate meeting.

4. New Business

Jim gave us some quick updates on changes that will affect or interest faculty:

  • Desktop computer logins — by the end of 2013, logins for desktop computers will change to the user’s R number and my.scranton password – so users will not have to remember a separate desktop password. This is part of the continued implementation of Active Directory authentication.
  • Google Chrome browser — IR will begin providing Google Chrome to University computers via KBOX. There are still some details to be worked out on this – Jim will let us know when it will happen and what will happen for users who already have Chrome installed.
  • Office 365 — We converted to Office 365 from Live@Edu over the summer. We’ve already benefited from increased email storage space and access to “lite” cloud versions of Office software. We will see a few new features later this fall, including Lync instant messaging and SharePoint collaboration software.

Kristen and Dave will meet with Jerry DeSanto, Robyn Dickinson, Lorraine Mancuso, and Jim on September 25 for a full “road map” discussion of what’s coming this year from IR for faculty.

The meeting adjourned at 2:50pm – TAG will reconvene on Wednesday, October 2 at 2:00pm in LSC591 (CTLE Conference Room).


Comments : Leave a Comment »
Tags: , , , , , , , , , , , , , , , , , , , , , ,
Categories : Angel and Desire2Learn, Announcements, CMS and University Website, Minutes, Website Proposal

Identity Finder and confidential data

14 04 2013

At our last TAG meeting, IT Services Director Jim Franceschelli and Information Security Director Adam Edwards invited faculty feedback on their Identity Finder Proposal on Automated Scans. For those just joining us, Identity Finder software scans your (Windows) computer for sensitive, unsecured Personally Identifiable Information (PII). The Information Security Office and IT Client Services are jointly proposing implementation of weekly, automated, required Identity Finder scans (see the proposal for details). During the meeting, TAG members shared some concerns about scheduling and performance effects. After the meeting, we received additional concerns from Bryan Burnham (Psychology), a member of the Institutional Review Board, that Identity Finder scans of machines storing human research subject data or client files (from a counseling practice, for example) would breach subject confidentiality. Concerns are paraphrased here:

There are privacy issues related to data collected on human research subjects that must be considered before automated Identity Finder scans of machines can occur. Specifically, we (IRBs, DRBs, PIs – primary investigators) ensure complete and total privacy of our human research subjects’ data, especially sensitive information (names, emails, Royal IDs, social security numbers), some of which is undoubtedly stored on computer hard drives. [The same is true for client files maintained by counselors or clinicians.]

“Subject confidentiality” means that knowledge of a person’s participation in a research study is between the human subject and only the PI. That is, a subject is guaranteed by the PI that knowledge of their participation as well as their personal and sensitive data will not be open or available to any third party – meaning anyone not associated with the research project. The automated Identity Finder scans would, in effect, view confidential human research subject data and client information that, by definition, cannot be viewed by others.

It should be noted that the Identity Finder reports that the Information Security office receives are redacted, showing a masked version of a potentially problematic file and the location where it was found, and are only accessible to the Information Security Director (Adam) and the Information Security Engineer (Scott Finlon). However, Bryan noted that the scan itself is the issue: third parties (including other University divisions/employees and University-owned software) are not allowed to access or see confidential subject information.

Bryan, Jeremy, Kristen, Adam, and Scott got together on Friday to get a better understanding of this issue and what options there might be for general campus implementation of automated Identity Finder scans without violating subject confidentiality.

We discussed a few options that IR and TAG  could consider for Identity Finder, each with varying advantages/disadvantages. A significant complication, however, is that at this point we don’t know how many researchers on campus have this kind of data, where it’s stored (faculty, staff, student, and/or lab machines? cloud storage?), and whether it’s encrypted or otherwise protected against security breaches (malicious or inadvertent). Bryan stressed that researchers are responsible for their own data and for ensuring subject confidentiality, and neither the IRB nor the University can impose or require specific data management practices, at least under current IRB policies.

Scott noted that the Identity Finder question is only the top layer of broader issues of privacy, security, and digital records management on campus, and that research data stored on a researcher’s hard drive or in cloud storage could be vulnerable to external attack. Both Adam and Scott mentioned that Identity Finder, used appropriately, could help researchers protect subject confidentiality by locating vulnerable information and prompting the researcher to take further steps towards securing it. We agreed, though, that educating researchers about data security and encouraging more secure data management practices (encryption, password protection, etc) will be a longer, more involved, and more inclusive conversation – but a conversation that needs to happen nonetheless.

Next steps: Bryan will bring this discussion to the IRB at their April 16th meeting for additional input and will share any relevant guidelines from grant agencies (e.g., Department of Health & Human Services), and his and others’ own digital data management practices. Adam and Scott will reach out to Identity Finder and other university security offices re: how others have handled this issue. They are willing to continue discussing accommodations for researchers storing sensitive data, if we can find all of them or somehow get them to self-identify. TAG might be able to help survey the faculty on this question (yes/no/unsure) – multiple outlets should be used to try to catch everyone’s attention. The IRB, ORSP, and TAG may want to coordinate a faculty forum on this topic.

We’re still early on in this discussion, so please contact TAG if you have any insight, concerns, or questions that we might not have considered yet.

 


Comments : Leave a Comment »
Tags: , , , , ,
Categories : Announcements, Network and Infrastructure, Security

TAG Meeting 2013-04-03

3 04 2013

TAG met for our third and final Spring 2013 meeting this morning, and it was a meaty one. Here’s what’s going on:

1. TAG Leadership for 2013-2014

Continuing the discussion from our March meeting, we’ve officially agreed to move to a rotating, 2-year-term, 2-co-chair leadership model for 2013-2014. Jeremy and Kristen nominated Dave (currently a Faculty Senator) to take over for Jeremy as co-chair in 2013-2014 and serve as TAG’s liaison to the Faculty Senate. We held a not-quite-strictly-parliamentarian vote among the faculty TAG members present, which passed with no audible or visible dissent, so Dave will start his 2-year term in Fall 2013… or more likely Summer 2013. Kristen will stay on for 2013-2014 and then rotate off, to be replaced by a new co-chair in 2014-2015.

2. Identity Finder Automated Scans

Jim brought Adam Edwards, our new Information Security Officer, with him to the meeting to talk about an Information Security Office/IT Client Services Identity Finder Proposal on Automating Scans. For those just joining us, Identity Finder software scans your computer for sensitive, unsecured Personally Identifiable Information (PII). It’s been installed on faculty computers since 2011 (Windows only – Mac and Linux users can skip this part). To date, the scans have been encouraged but entirely voluntary and entirely user-initiated.

The Information Security Office and IT Client Services are jointly proposing implementation of weekly, automated, required Identity Finder scans (see the proposal for details). Adam explained the rationale — if IR knows where sensitive data is stored on campus, it’s easier to protect that vulnerable data and avoid embarrassing FERPA violations. It’s also easier and faster to fix and return malware-infected machines if IR knows whether or not the machine had any sensitive data on it. Here’s how the proposed scans would work:

  • Every Friday at 12:30pm (or the next time your work machine was turned on), Identity Finder would automatically begin a scan.
  • Scans would be limited to only certain types of sensitive data – e.g., Social Security numbers, drivers’ license numbers, credit card numbers, and birth dates.
  • The Information Security Office would receive reports on the scan results. Adam would see the number of hits, and a masked view of the PII found, but he would NOT be able to see the file or the full PII picked up in the scan.
  • If a computer frequently had many hits identified, Adam would reach out to that user to help them better manage their sensitive data (so that the Information Security Office’s efforts would be focused on the largest sets of the most vulnerable data).

Adam has been testing with a small group. This Friday he’ll be rolling out the automated scans to all PIR staff members for another 2-3 weeks of testing. Adam noted that they are working on finding the most effective and efficient ways to scope the scans to minimize scan time.

TAG members mentioned a few concerns:

  • Scan length and performance effects — Kristen and Kim had run test scans on their machines that took much longer than expected (Kristen’s was 7 hours and 45 minutes, with a noticeable impact on performance).  Jim said that the subsequent scans are much faster, since you can set Identity Finder to ignore locations with many false positives – his scan takes about 3 hours. With respect to performance, Identity Finder does have a throttling capacity, such that it is not supposed to impact other applications. Adam explained that continued testing with PIR will help him make the scans faster and less noticeable.
  • Scheduling — Kevin and Katie noted that many faculty members (and their computers) are not on campus on Friday afternoons, especially if a scan needed multiple hours. We discussed a few options – for example, scheduling for Tuesday or Thursdays during the 11:30-1pm time slot, having an option to skip a scan if your machine had already been scanned within the past week, being able to pause a scan, doing monthly instead of weekly scans, pinging computers to automatically turn on and scan in the middle of the night, warning everyone to run their first scan overnight, etc.

To help resolve some of these issues and identify other areas of concern for faculty, TAG members volunteered to serve as test subjects for automated scans. Adam said that he’d like to work through the PIR staff first but will then reach out to TAG members for additional testing and scoping.

We invite our fellow faculty to contact us with other concerns or questions.  If you’d like to try Identity Finder, it should already be installed on your (Windows) machine, and you can find a Quick Guide for getting started at http://www.scranton.edu/pir/its/identityFinder.shtml.

3. Academic Server Decommissioning

An official memo from IR will be coming out in the next few days announcing a timeline for the decommissioning of the academic server (academic.scranton.edu), which has been in the works since mid-2011.  The server has been heavily targeted by attacks, so due to security concerns, academic.scranton.edu will no longer be *public-facing* beginning June 15. Internal access (via a campus IP address) will still be available until August 31 in case users need more time to move content. Adam explained that a firm deadline was needed in order to mitigate the major risk of a supposedly retired server still being public-facing.

Adam would like to work with people who still have public content on the server to migrate to either the CMS or another campus server.  (Content was supposed to have been migrated to the Content Management System (CMS), but there is still some active content there that was not migrated for one reason or another – some of it could not be accommodated within the CMS’s available functionality.) He has already met with the CTLE and the Library about moving the development pages for the Academic Integrity Tutorial. TAG will help reach out to faculty members who still have either individual content or organizational content on academic to determine what needs to be migrated where, and what level of support, assistance, or training is required. Adam will send Kristen information about the remaining directories and a list of faculty usernames connected to content on academic. After the official IR memo comes out, TAG will follow up that communication with those faculty members. (Faculty members who had individual pages on academic were contacted back in 2011 about moving their content, so hopefully most of this migration work is already completed.)

This discussion brought up some broader concerns about web development resources on campus. Tim described some of the difficulties he had finding a home for the Sheep Brain Dissection Guide. Eugeniu mentioned that some faculty members who had migrated their content from academic to the CMS reported that the Google ranking of their page had gone down in search results. The local WordPress server (sites.scranton.edu) might be a new option for student and faculty web development, but the extent of this service is still being discussed. We didn’t come up with any answers on this, but as always faculty members may contact TAG with other concerns, questions, or suggestions regarding web development on campus.


Comments : Leave a Comment »
Tags: , , , , , , ,
Categories : CMS and University Website, Minutes, Network and Infrastructure, Outages, TAG Administrative

IT Forum on Data Security

16 10 2011

Announcement from IR about an upcoming IT Forum:

Classifying, Handling, and Securing University Information

IT Services will conduct an IT Forum on Tuesday, October 25, 2011, at 11:30 a.m., in The DeNaples Center 405, dealing with classifying, handling, and securing University information, both electronic and paper. The discussion will focus on, first, classifying our information into easy to understand categories. Secondly, how to properly handle that information in our daily routines. Finally, we’ll discuss how to secure that information.

October is CyberSecurity Awareness Month and this forum should bring attention to the threats we face each day, with the use of electronic devices. We’ll also discuss the benefits of using Identity Finder, and the SANS Security video training available, as well. Registration is required.

To register, go to: https://ssbprd.scranton.edu/appprd/uis2.log?f=yiaevnt.event .

Lunch will be served.
Prizes will be given.
Jack Williams, IT Trainer, will give the presentation.


Comments : Leave a Comment »
Tags: , , ,
Categories : Announcements, Security, Technology Training

Identity Finder: Coming Soon on KBOX

5 05 2011

Today’s IT Forum with trainer Jack Williams was all about Identity Finder. What faculty need to know:

  • Sometime next week, KBOX will push out a new program to your computer called Identity Finder.
  • Identity Finder is a software tool that scans your computer for unsecured Personally Identifiable Information (PII).  It looks for things like Social Security numbers, credit card numbers, bank account numbers, passwords, etc (full list here) using pattern recognition and contextual analysis.
  • While the program will be automatically installed by KBOX, it won’t run automatically – so you can choose when you want to run it.  Jack recommends running it once each quarter.
  • When you do start the program, it will scan all of the files saved on your computer (including any email and email attachments that you have saved locally) and search for PII.  Jack noted that the scan can take a long time (average 3.5 hours), but you can run it in the background as you do other work.
  • At the end of the scan, Identity Finder will show you a list of any information it has identified as potential PII.  You can then review that report and decide how to act on each item. Options are to “shred” (delete completely from your machine), “scrub” (redact the sensitive information from the document), “secure” (password-protect the file), “quarantine” (save to a secure location, i.e. a folder on RoyalDrive), “recycle” (send to recycling bin), or “ignore” (for false positives – the file will be ignored in future Identity Finder scans).  If Identity Finder picks up PII in a Thunderbird email file, Jack recommends deleting it by going through Thunderbird rather than through Identity Finder.
  • You’re the only person who can review your scan results (there’s no automatic reporting back to IR, for example). When the scan is complete, Identity Finder sends a brief report back to a central management server indicating what PII has been found and what PC it is on.  It does not allow that central server to access the actual files on your machine.  The only people who can access that central server are the staff of the Information Security Office, and they will review Identity Finder reports from a University machine only in two situations: 1) if the security of a machine has been breached, or 2) if the head of a department or area requests the reports to validate the security of machines in their area.
  • Step-by-step instructions will be available here.  Jack has also posted basic and detailed instruction guides (PDF).

Please pass the word along to your fellow faculty members so that no one’s caught off guard next week, and let me know if there are any questions. Thanks!

————–

Updated 5/6/11 with correction from Jim regarding reporting


Comments : Leave a Comment »
Tags: , , ,
Categories : Announcements, Security

IT Forum on Identity Finder 5/5

19 04 2011

We’re all invited to the next IT forum (5/5 from 11:30-1pm) to learn more about Identity Finder.  Here’s the invite from IT Services:

Join us at the next IT Forum set for Thursday, May 5, in Brennan Hall, room 509, for an important and interesting look at Identity Finder. This easy-to-use program will allow the entire University of Scranton community to secure the very important information we have stored on our computers.

Identity Finder looks for those files we keep that may be targets for identity theft and other malicious acts. Files holding Social Security numbers, credit card numbers, driver license numbers, bank account data, passwords and more, can be secured to prevent any unauthorized use of your files or data belonging to the University.

Jack Williams, IT Services Training Specialist, will be presenting. All University personnel are encouraged to attend, and lunch will be provided. Please RSVP by e-mailing ITServices@scranton.edu by Monday, May 2.


Comments : Leave a Comment »
Tags: , ,
Categories : Announcements, Security, Technology Training

More IT Forum updates

19 10 2010

I’ll post the slides from today’s IT Forum when they’re available, but in the meantime here’s what I thought was the most important news from Jim Franceschelli’s talk on “Desktops of the Future”:

  • Windows 7 will be rolling out around November, since Windows XP Extended Support is ending.  IR computers will get the rollout first (probably this month).
  • IR will be setting up standard user accounts on University-owned computers.  These user accounts will limit what applications users can install, in order to make the campus more secure.  MOST applications will be blocked, but some whitelisted applications (e.g., iTunes) will be allowed.  This has me a little concerned – it seems like an area where we’ll need a lot of communication between IR and faculty to make sure that faculty can download and install the applications they need on their desktops.
  • IR will also soon be rolling out Active Directory, a tool that will sync your Windows account – so that you’ll be able to access to mapped drives, etc from any computer on campus.
  • IR is encouraging everyone to delete any personally identifiable information (PII) from their computers.  A tool called Identity Finder will be rolled out soon that will try to locate what it thinks is PII on your desktop and then give you the option to delete or encrypt it.
  • Remote desktop assistance will be available soon – this will allow IR staff members to remotely connect to your system, making repairs faster and making the TSC more efficient.
  • The University is heading towards a virtual desktop environment (where all data is stored on Royal Drive and access to your “desktop” is via a thin client on a terminal).  IR already has the thin client and will be testing it later this month.  The current plan is to set up a prototype lab in January to be tested by users in Spring 2011.

Comments : 4 Comments »
Tags: , , , , , , ,
Categories : Announcements, Network and Infrastructure, Security, Upgrades

Next Entries »