Skip to Content

ITPG Meeting Notes 2011-10-20

Printer-friendly versionPrinter-friendly version

Attendees (26):

John Ajao, Masha Akesnova, Arlene Allen, Kip Bates, Michael Colee, Ken Dean, Bill Doering, Doug Drury, Ann Dundon, Matthew Dunham, Kirk Grier, Karl Heins, Tom Howard, Richard Kip, Dan Lloyd, Shea Lovan, Steve Miley, Bruce Miller, Alan Moses, Ben Price, Andy Satomi, Jason Simpson, Chris Sneathen, Jamie Sonsini, Heidi Straub, Jim Woods

Administrative Items

  1. The 9/15/2011 meeting notes were approved with the clarification that the initial functionality of the eProcurement system would also include SBs, and Vendor Blankets in addition to Low Value purchase orders.

Informational Items

  1.    Campus Calendaring Workgroup

The Recommendation for Campus Calendaring & Collaboration was presented via powerpoint.  Highlights from the presentation appear below:

  • The Work Group was complimented for 50 hours of meetings, which were full of a great level of honest discussion.
  • The recommendation addresses separately the goals of the ITPG and ITOE.
  • The Work Group developed a clear preference for SAAS.
  • They sought input from others on the issues of Data Recovery/Retention and E'Discovery.
  • The recommendations for ITPG:
    • Microsoft Office 365 at the base level (Which is Exchange Online and does not include Collaboration features.)
    • Microsoft Office 365 should become the campus standard for Calendaring
    • There should be a Campus Service & Support Organization.
  • The recommendations for ITOE:
    • Consider Microsoft Office 365 at the Plan A3 level (This includes Microsoft Office Desktop software.)
      • Advanced collaboration features
      • Analysis of campus expenditures on Microsoft licensing
  • The "Service Organization Sandwich" consists of the following:
    • The top layer is the Governance Committee, which is responsible for oversight of service priorities, policy, levels of service, and to align service with funding.  Each Control Point should have a representative on this committee.
    • The middle is the Service Organization, which includes the folks who communicate with Microsoft and with the campus.  Specifically, it would include a Service Manager (who would report to the Governance Committee), Technical Support Staff, and Application Support Staff (Who are similar to "Tier 2 Support".  They would produce documentation, be the conduit to/from Microsoft, and support the Technical Coordination Group).
    • The bottom layer is the Technical Coordination Group, which would operate similar to the CIG (CorporateTime Implementation Group).  There would be one representative per department, and they would be responsible for local department support.
  • An additional recommendation is that the campus fund migration from Oracle Calendar to Office 365.  There are companies that are able to do this, and the migration process is able to keep meeting linkages.
  • With respect to Cross Calendaring:
    • Existing Exchange users should have full cross calendaring fidelity.
    • Google users may have cross calendaring at the free/busy level
    • The Governance Committee can provide guidance on whether additional calendaring systems need to be accommodated for cross calendaring.
  • They recommend implementing a Proof of Concept pilot.
  • UCB is currently negotiating with Microsoft for functionality beyond the Plan A3 level.
  • The Work Group had two concerns about funding:
    • The project should be funded for success
    • The funding mechanism should be communicated widely.
  • Office 365 has only been in production since July 2011.  Microsoft services only commit to 3 9's reliability.

Here are the comments from the ensuing discussion:

  • The costs only include migration of the calendar data (since we assume that we can migrate email locally), but they include support for both calendaring and email services. 
  • Initial support will focus on email and calendaring, and then add other functions.  The Governance Committee will provide guidance, and handling full collaboration might be next.
  • UCB is looking at Microsoft site wide licensing that includes students and researchers.
  • We need aggregation for talking with Microsoft
  • The CIG has been a helpful application support conduit.
  • There is technology to provision at UCSB.
  • Proof of Concept volunteers may come from the existing advisory group or existing customer departments.
  • UCI (and UCB as noted above) are going down same road. 

The recommendation was formally ratified by the ITPG, and will be taken forward to the ITB on 10/28 and to ITOE. 

CIO Report - Tom Putnam - not present

CISO Report - Karl Heins

Based on an audit recommendation, he has put together a Security Plan for the campus.  This plan was presented via a powerpoint slides, and the highlights from that presentation are below:

  • IT Security is ranked 13th overall in the most recent campus risk assessment.
  • For breaches that require notification, the historical cost has been $216 per breached record.
  • Applications that include Health Information and/or Health Insurance Information will be added to the inventory that already includes applications with SSNs.
  • In the next month or two new security awareness training should be released.  This training will only be 30 minutes, and initially will be mandated for all who handle restricted information, but may be extended to everyone.
  • Red Flags is supposed to better enable law enforcement to arrest identity thieves.  He is trying to reduce the number of systems that require Red Flags handling.
  • Whichever FIS is chosen, it will be subject to financial system security.
  • Another 25% of campus departments are to be added to UC Ready's Business Recovery Plan system this year.
  • Whenever a breach is reported, the Credit Card companies call to make sure that no PII was breached.  A PCI Credit Card breach would require more PCI requirements for UC.
  • There is a Physical Access Project that is an effort to standardize building access systems over time.
  • For Network Security there are central pieces and departmental pieces.  The security assessment starts at the department level.
  • Potential future projects:
    • Web scanning tools to focus on high risk areas.  The biggest source of breaches are stolen laptops, stolen desktops and then web hacks.
    • Improve vulnerability scanning, we have Nessus, but we could improve the tools.
    • UCPD is interested in getting a LoJack-type system for student laptops.  (There was concern expressed about the legal follow-through for these types of cases.) 
    • He's had request for a secure file transfer mechanism for exchanging data with UCOP.
       

PPS Replacement Project: He is the campus Project Manager for this project.  It is moving fast.  UCOP is hiring staff at their Program Management Office.  Oracle wants more information sooner rather than later, which will require more effort now.  They are working on blueprinting and configuration.  A key piece will be the creation of a UC-wide service center to handle HR questions.  Tricia will be working on that for UCSB.  The subject matter experts have already had some training.  The local team includes Ron Cortez, Cindy Doherty, Doug Drury, Tricia Heimstra, and Jim Corkill.  We can participate in the decision making process, but we won't migrate until the 2nd or 3rd wave.  They are looking for a new name for the PPS Replacement Project.


Subcommittee Reports

Backbone Engineering Group (BEG) - Elise Meyer for Glenn Schiferl

They have not met since our last meeting, and nothing has been scheduled.

Security Working Group (SEC-WG) – Kevin Schmidt/Karl Heins

They have not met since our last meeting.

Web Standards and Content Working Group (WSG) - Ann Dundon

They last met on 10/4/11.  On 10/7 they held a lab-based training tutorial on Web Site Accessibility given by Rain Breaw.

UCOP has purchased the AMP accessibility tool to be available to all of the campuses.  There will be training on this tool 11/2-3 at UCSD.  There are 10 slots available for UCSB staff, and currently only 2 have signed up.

UCLA's Mobile Web Framework has now been set up at UCSB hosted by the Library.  Contact either Ian Lessing or Joe Sabado with questions. 

ITPG Communications - Ann Dundon

They last met on 10/13.  The update on the shared IT training effort is that UCLA has proposed a system-wide license for lynda.com to TAS.  Arlene said that separately, she had been talking with Howard Giles from lynda.com and had arranged for 20 accounts that could be used for a 6 week trial.  This trial should be moved to the subcommittee, and the first thing they should do is develop an evaluation process.

Identity Management Subcommittee (IdM) - Matthew Dunham/Karl Heins

They last met on 10/5.  They decided to change the policy regarding email address promotion for those with both "student" and "employee" affiliations.  They discussed the granularity of the "associate" demographic, which includes contactors, visiting scholars, library patron, and extension students.  They also discussed the Identity Annex, which allows delegated provisioning of guest demographics, e.g. only the Library can create library patrons.

In other news, they are now getting UC Trust rolled out.  They are looking for branding suggestions for the UC Trust inter-campus federation.  The existing intracampus federation that will replace Netpoint will be called Espresso and is being sponsored by Administrative Services.  

Join the ldap-customers mailing list for change announcements and other customer communications on LDAP authentication & directory services.

Campus Calendaring Workgroup - Jamie Sonsini

Liaison Reports

Information Technology Board (ITB) – Richard Kip

Their last meeting was on 9/15.  As requested by the ITPG, Richard took forward the issue of a lack of communication about the governance for the North Hall Data Center.  Arlene sent an email to the list and has posted a FAQ on the NHDC project site that addresses some of these questions.  On the Campus Calendaring Work Group's question of whether to send forward a recommendation for one or two solutions, the direction received was to submit a recommendation for one solution.

Enterprise Information Systems Planning Group (EISPG) – Lubo Bojilov

They have not met since our last meeting.

Academic Technology Planning Group (ATPG) - Alan Moses

Their Fall Quarter meeting is 10/24.

Research CyberInfrastructure - Arlene Allen

They have not met since our last meeting.

OE IT Structure and Governance Team - Richard Kip

Their next meeting is on Halloween.  They are trying to figure out campus IT processes, and after that trying to determine the best way IT should be governed.  Their charter was given to them by the OE committee.  Their goal stated in the OE Orientation IT Committee Presentation Slides. (NB: Their goal is "Develop a proposal for a new IT governance structure that will work within the context of our decentralized and distributed IT infrastructure, and will promote greater coordination, communication, and support of central IT goals of the campus.")

Project Reports - a brief report or location where projects will be located

Financial Information System (FiS) - Doug Drury

The project has engaged two different consultants to review our options (IBM is looking at Oracle, and Rsmart is looking at Kuali).  Their results are due in a couple of weeks.

Student Information System (SiS) - Lubo Bojilov

Collaborate - Alan Moses

Technology Infrastructure Fee - Elise Meyer

Our analysis has determined that including faculty summer salary records doesn't make a big enough financial impact, and does add significant complexity, so we will be consistent with UCLA and not include summer salary records for TIF purposes.  We plan to put the proposal out for review prior to the next ITPG meeting.  As part of the review process, we have developed a tool that allows departments to redirect TIF charges.  This tool will be available to departments during the review period.
 

North Hall Data Center - Arlene Allen

The North Hall Finance Committee has now reached resolution on the remaining items.  Please see the Draft Service Description on the North Hall Data Center Project (documents are listed on the right hand side of the screen.)  Question: Will NHDC occupants need to request fiber to access their systems?  Answer: No, network access to the NHDC will be via the campus backbone network.  There also will be 10 Gbps within the data center.
 

Discussion Items

Member Announcements

To support their SIS project, Student Affairs is in the process of hiring 12 CNT IIIs, some of these are existing positions, and some are part of divisional plans.  They are pooling applicants by level to be able to do multiple hires.

LSIT (Bill Koseluk): There will be a SLAC (Software Licensing Advisory Committee) reconvening meeting on October 25th.  Should this become another ITPG subcommittee?