InfraSec 04.08.15 Minutes

Attending:

Lisa Blake, Ed Zawacki, Allen Randall, Phil Reiter, Yilmaz Bal, Craig Jackson, Mike Kirda, Sandeep Dath, Ron Fernandez, Bala Ramaraju, Jason Maslanka, Kevin Price, Julio Chavarria, Kevin Shalla, Chris Barton, Mat Willis, Marcin Hiolski, Brian Ng, Jay Dean, Sarah Ritch, Cynthia Herrera Lindstrom, Therese Molina, Ashok Benet, Jonathan Kupferer, Ernesto Reyna, Andre Pavkovic, Frank Cervone, Mark Goedert

  • Information & Discussion
    • Rate & Funding
      • WTC presented to IT Governance Council on what is included in service bundle, what rates would be
      • Discussion on how to track which departments are using what services
      • Goal is to implement this as a pilot in FY16
      • More work needs to be done on the strategic plan roadmap
    • Service Catalog
      • A survey will be sent out to the committee for feedback on existing services
      • Goal is to review services and determine the level of necessity for each
      • Discussion of what the definition of a service is
    • COBIT Framework
      • Presentation on framework for governance and operations working together
      • Overview of COBIT 5
      • Goal is to balance value, benefits, and risk
      • Discussion of how COBIT could help mature the governance process
    • Linux Support & Licensing
      • Linux is changing their funding model to match a number of FTEs, increasing costs for UIC
      • ACCC will switch infrastructure to CentOS 07, which is very similar
      • Discussion of RedHat, Virtual Machines, concerns, and consequences
    • HR Conversion/Job Analysis
      • Members expressed concern over reclassification of Access Points
      • Discussion of proposal addressing misclassified hiring with HR
    • Box Team Folders
      • Box users at UIC cannot create groups, only Box administrators can
    • Unified Communications & Automatic Call Distribution/Auto Attendant Systems
      • A consultant will be brought in to analyze campus requirements
  • Security
    • University Information Security Office/Security Program
      • At a meeting with the University Information Security Officers, the group received positive feedback
      • Discussion of policies and related issues, what role the committee should play in implementation
      • Modifications to policies have been proposed, will be shared with committee for a vote
    • Health Insurance Portability & Accountability Act/Privacy and Security
      • Training in the hospital is being updated, not yet shared with committee
      • Goal is to put HIPAA training in Blackboard for campuswide use
      • Committee continues to review BAAs
  • New Business
    • Password Expirations
      • Password expirations will be enforced within a year
      • A communication plan will be put in place
    • Data Governance Committee
      • A proposal is being drafted to create a fifth IT Governance Council committee focusing on data
      • Members are asked to review this and provide feedback at the next meeting