InfraSec 12.13.17 Minutes

Attending:

Frank Cervone, Phil Reiter, Marcin Hiolski, Ed Zawacki, Kevin Shalla, Ian Huggins, Sandeep Dath, Jason Maslanka, Therese Molina, Bala Ramaraju, Lalo Camacho, Esteban Perez, Allen Randall, Mark Goedert, Kirsten Pielstrom, Dean Dang, Ateeq Rahman, Lisa Blake, Elizabeth Romero, (Education), Dan Pollack, Ron Fernandez, Ashok Bennett, Matt Miller, Ilir Zenku, Vinay Surpuriya, Andre Pavkovic, Chris Barton, Pedro Valencia, Mike Kirda, Heather O’Leary

  • Updates from Other ITGC Committees
    • Intro
      • Noted that the chairs of the ITGC committees meet regularly to discuss what each committee is working on
    • Education
      • The Education Committee is looking at sustainable printing at UIC
      • They started by looking at how much printing is done by students and realized that students make up a small portion of printing compared to faculty and staff
      • Noted that this effort is not directly related to the Ink printing pilot, but some information for an Ink evaluation survey is being used
      • The committee is looking at a way for faculty to request tools that they may need for teaching
      • If committee members are interested in joining these efforts, they should reach out to the chair of these subcommittees
    • Admin
      • Noted that the committee has concerns about the lack of strategy for how administrative systems are handled
      • Suggested that the committee keep this issue in mind as they consider related items
  • Ongoing Reports and Discussion Topics
    • Rate and Funding
      • Noted that the Rate and Funding Committee met to discuss the FY18 rate and how ACCC is calculating the rate
      • FTE accounts were questioned
      • ACCC is working to develop long-term plans for the rate in furfure years
      • Suggested that the committee is largely composed of admin/finance people and should include more T staff to consider strategy and what services are included in the rate
      • Suggested that there is not consensus between the departments on how to decide what is included in the rate and how funding is provided
      • The committee had some discussion on how costs beyond the FTE rates will be covered
      • There are concerns about transparency around central funds and what they are being applied to
      • Suggested that this issue must be addressed for FY18, but there is some urgency since the FY19 rate is already being prepared
      • The purpose of the committee and how they are working to set a rate was questioned
      • Suggested that the rate has been aimed at covering current service costs
      • Noted that more work needs to be done to consider long term needs and service priorities
      • Suggested that the charge of the committee is not well defined
      • Further discussion on the role of the committee and how to decide what goes into the basic bundle
      • Suggested that IT Governance should be the group determining what goes into the basic bundle
      • Suggested that the InfraSec committee should review the ACCC service catalog
      • Suggested that the rate and funding committee should be formally integrated into the IT governance structure
      • Concern was expressed about who decides what is in the bundle and how InfraSec can address this issue
      • Suggested creating a subcommittee to work on this
      • The basic bundle list will be sent out to the committee
      • Noted that the hospital has a different rate from the rest of UIC
      • Motion to create a subcommittee to review the basic bundle of services for rate and funding, seconded, no oppositions voiced
    • Azure/AWS/POC
      • Suggested that the cloud services are not ready yet
      • Meetings have been conducted with representatives from each university to discuss how to rollout these services
      • Noted that there are unresolved issues around billing
      • Discussion of billing models and what they might look like
      • Suggested that subscriptions will be set up for each unit and there will be policies around how the services can be used
      • Suggested that there is not a launch date set, but the project is in feasibility
      • The contract goes for two years starting in October
      • How to get involved in pilots/use cases was questioned
      • Suggested that once the portal is available volunteers will be asked for
      • Suggested that units need to plan for the future rather than wait for services to be made available
      • Suggested that units begin training on these services now to prepare to use them in a year
      • Discussion of training opportunities
      • Suggested that ACCC is working to set up a billing system that allows the bill to go straight from the vendor to the client
      • A general timeline on when these services will be made available was requested
    • 2017 HIPAA Audit
      • A brief overview of the HIPAA compliance of the HSCs was given
      • ACCC is working with IT directors in those units to address audit findings
      • Suggested that the end point management discussion is relevant to one of the findings and that the security program addresses many of them as well
      • Noted that, for units outside of HSCs, there will be changes that affect them
      • Discussion of audit process
    • Project Reporting
      • Requested greater project visibility on the committee
      • Suggested that the committee should not get involved in operational issues, but should help set strategy
      • Discussion of what the committee would like to see
      • Further discussion of how to improve the committee’s understanding of how ACCC resources are being used
      • A new report will be drafted to address committee concerns
    • AITS Realignment
      • Noted that there were a number of working groups formed by AITS that looked into what it would take to reallocate specific resources from AITS to the universities
      • The working groups created proposals which are being considered by the CIOs
      • Suggested that, if the proposals go forward, a number of services would come to ACCC
      • Discussion of how these changes might affect ACCC and UIC
      • Noted that the proposals were reviewed by the IT Leadership team in detail, but there is still more to be considered
    • Security Policy Rollout
      • Noted that the subcommittee did not meet due to the UISO meeting
      • Suggested that there have been issues about how consistently security training has been implemented across the university
      • It was asked how best to collectively provide for better support for training
      • Suggested that ACCC centrally manage training for consistency
      • Suggested that deadlines can be set and Audits enforce compliance
      • Further discussion of how training can be improved
      • Suggested that there need to be consequences for those who do not complete training on time
      • Suggested that ACCC will set a date for units to roll out training
      • Questioned how consequences used for not completing other trainings coul be used for security training
    • End Point Management
      • Suggested that the committee is evaluating a number of systems and working to get it down to three to share at the next meeting
      • KACE and Kaseya are possibilities
      • Some features of the different options
      • Suggested that there is an evaluation form being used for each option
      • Noted that a decision must be made urgently
  • Announcements
    • Exchange Migration Deadline
      • Noted that the deadline for migration has been extended to January 29, 2018
      • More deadline communication will be going out soon

InfraSec 11.08.17 Minutes

Attending:

Jason Maslanka, Matt Miller, Kirsten Pielstrom, Phil Reiter, Esteban Perez, Mark Goedert, Elizabeth Romero, Allen Randall, RIMS people, Shannon Redden, Ernesto Reyna, Bala Ramaraju, Therese Molina, Bob Sandusky, Mike Toussaint, Ron Fernandez, Marcin Hiolski, Andre Pavkovic, Doug McCarthy. Kim Charles, Ed Zawacki, Chris Barton, Lisa Blake, Mike Kirda, Heather O’Leary, Julio Chavarria, Daniel Paz-Horta, Miguel Martin, Dan Pollack, Deric Criss, Brent West, Ashok Bennett, Lalo Camacho, Ilir Zenku, Ian Huggins

  • Service Issues and Updates
    • UIC Red Infrastructure
      • A brief overview of the Red project was given
      • Noted that the provost had set a deadline of migrating everyone to the new platform in two years
      • Suggested that work has been done with the Web Advisory Committee to address needs, currently working to determine the priorities of these needs
      • Suggested that work is being done to keep up with immediate need and require additional resources to move forward on others
      • Suggested that the goal of moving into Red is to create a common interface and experience for users and templates in Red are limited to maintain the UIC brand
      • Noted that speed and support of Red is being discussed
      • The provost set the deadline and communicated it to the deans
      • Discussion of committee concerns about Red and that public facing sites should be on Red while others may link to Red sites
      • Further discussion of need for analytics
      • Discussion of defining the scope of the Red migration
      • Documentation of the project was asked for
      • Suggested submitting a request for a formal project manager
    • RIMS
      • Noted that a task force for digital content was created by the UI IT LT with a designee from every CIO
      • The group is currently working to address data that is left behind when employees leave
      • The group is looking at use cases and potential solutions and will create a policy for data retention
      • Discussion of off-boarding policies in different departments and the need for improvement
      • Discussion of need for better process to have HR notify IT of off-boarding
      • Further discussion of concerns around data access
      • Discussion of how the policy would be implemented and the process for approving it
      • Noted that there is a feature in Exchange to set retention on individual folders
      • Discussion of email retention and what should be stored
    • Rate and Funding
      • ACCC met with the Rate and Funding advisory committee to gather feedback on the rate for FY18
      • Regular meetings with the committee are being scheduled and the group will work on a process to prioritize the services that are included in the basic bundle
      • An email will be sent to the committee listing the committee membership
      • Discussion of membership
      • Discussion of involving InfraSec in determining the services provided as part of the basic bundle
      • Suggested that InfraSec have a chance to review the included services as part of the annual process
      • Discussion of how best to get IT input
    • Exchange Migration
      • Some statistics on migration were shared and noted that communications that had been sent out increased the number of migrations
      • Discussion of specific cases
      • Noted that mail will be maintained on the servers for a short time after the deadline
      • Discussion of email forwarding and related issues
  • Shared Services
    • End-Point Management Working Group
      • Noted that the group looked at a Garner guide which listed approximately twenty end-point management services
      • The technical group identified seven potential vendors which will be reviewed to make a final recommendation
      • When asked how the committee would like to provide input on the vendors being considered, it was suggested that the subcommittee make a recommendation to the InfraSec committee
      • Discussion of next steps, once a recommendation is made
      • Noted that there is currently no service offering of SCCM from Urbana
      • Some end-point management services have been offered by Urbana but do not meet the needs of UIC
      • Noted that there is some urgency in finding a solution to meet university risk management requirements
      • Once a recommendation is made, it will be sent back to the requirements group for review
  • Strategic Issues
    • HIPAA Audit
      • There was a HIPAA audit of the HSCs and a report was generated
      • Recurring meetings with HIPAA liaisons have been set up to address the audit findings
    • Cloud Computing
      • Working on completing security policies to be able to roll out the service
      • No timeline is currently available
    • IT Strategy
      • Mentioned that the IT Strategy document was presented to the Main Council at their last meeting
      • Noted that the Council made some suggestions such as including UI Health, which will be worked on
      • Noted that the chairs had additional comments and would like to meet with the CIO and integrate all of the comments into the final draft of the strategy document
    • iLeCT
      • Noted that there is an upcoming iLeCT event on Outlook calendars and meeting management, members were encouraged to attend
      • Another upcoming event at SPH on emotional intelligence was mentioned
      • Committee members were encouraged to consider their staff members who may be interested in joining iLeCT
  • Subcommittees
    • Security Program
      • Noted that the UISO Q5 meeting is upcoming, an email announcement went out
      • UISO rollout documents are available in the subcommittee folder
      • Noted that the security program timeline has been adjusted
      • Suggested that the subcommittee has a goal of increasing UISO community interaction
      • Discussion of changing language of “quarters” to “phrases” in the security program timeline
    • Regional Sites
      • The subcommittee is looking at a way to look at student IT fees
      • Questioned how to find out how the IT fees are being spent on UIC’s campus
      • The annual meeting of the Student Fee Advisory Committee, where the library and ACCC share how the fee was used in the past year, and plans for the upcoming year were spoken of
    • Risk Management/Risk Assessment
      • Suggested that email communication will be going out
    • Digital Signage
      • A solution is being worked on
  • Announcements and Updates
    • Symantec
      • Suggested that Symantec at AHS has been deployed
    • VM Servers
      • Suggested that work is being done to move VM servers to the new infrastructure but it will take time
    • Encryption
      • Noted the ongoing problem of encryption not working on Apple OS will be looked into

InfraSec 10.11.17 Minutes

Attending:

Frank Cervone, Marcin Hiolski, Shannon Redden, Daniel Paz-Horta, Ateeq Rahman, Allen Randall, Mike Kirda, Phil Reiter, Matt Miller, Miguel Martin, Julio Chavarria, Lisa Blake, Scott Rozman, Dan Pollack, Elizabeth Romero, Mike Toussaint, Vinay Surpuriya, Lalo Camacho, Therese Molina, Bala Ramaraju, Mark Goedert, Andre Pavkovic, Doug McCarthy, Kevin Price, Chris Barton, Kirsten Pielstrom, Esteban Perez, Janet Shaw, Heather O’Leary

  • Service Issues and Updates
    • 2FA for HRFE/PARIS
      • A presentation on 2FA updates was given
      • Noted that there was an internal audit finding related to Banner
      • Customer impact of implementing 2FA and security needs, policy related to using phones vs. tokens, and risk and contingency were gone over
      • Suggested that there is not yet a deadline for expiring temporary waivers
      • Suggested that a team may start to look at these metrics
    • Exchange Migration
      • A presentation on the current status of the migration was shared
      • Communications will start going out to those who have not migrated
      • Discussion of how to migrate mail for those who have not migrated by timeline
      • Suggested that there is a privacy and security issue with having department IT migrating mail on behalf of a faculty or staff member
      • Suggested that accessing names of those who need to migrate is available in PB
      • Reasons why emails are initially rejected before being scanned were listed
    • Unified Communications
      • Suggested that the committee members had been added to the WebEx pilot
      • ISE has been rolled out and VPN is currently being worked on
      • Spark is also coming soon and will also be piloted
      • Cisco Unity is coming in order to get voicemail off of Asterisk and is currently waiting on funding for licenses
      • Noted that ITGC meetings will switch to WebEx in January
      • Discussion of extra tools on WebEx
      • Discussion of ISE and possible uses
      • Suggested holding a separate meeting to further discuss Unified Communications once these services are made available
    • Cloud Services
      • Noted that the contracts are still under discussion
      • Mentioned that Pharmacy had met with Microsoft to discuss Azure
      • Capabilities, monitoring, training, and pilot opportunities were gone over
      • Noted that ACCC is working on the process to get units access to Azure
      • Noted that contracts with AWS and Google are in the works and will be made available eventually
      • Suggested that communication be sent about how to start with Azure
    • IAM
      • A presentation on IAM was given, noting that it has been a year since OIDPW went live
      • Upcoming changes and NetID and password statistics were gone over
      • Next steps, including a midpoint upgrade which will cause a short outage, were outlined
  • Shared Services
    • End-Point Management
      • Suggested that the working group has been working on updates and looking at different vendors and options
  • Strategic Issues
    • End-Point Management Strategy
      • Suggested that, in order to comply with HIPAA regulations, end-point management strategy is necessary
      • A presentation outlining the current situation, issues with different OS models, and possible solutions was given
      • Suggested that there is a need to get numbers from each unit to be able to assess needs
      • Suggested to consider the cost of labor in managing whatever solution is selected
      • Discussion of various concerns about the EPM and how to best implement a solution as well as FTE needs
      • Proposed that, when a recommendation comes from the working group, that all members participate in order to find a solution as soon as possible
    • Rethinking IT Governance
      • Suggested that over the next year, the structure of IT governance at UIC will be re-thought
      • Volunteers who would be interested in participating in a working group were asked for
  • Subcommittees
    • Web Tech Governance
      • Noted that the subcommittee is working to get all UIC websites onto the HTTPS protocol to avoid getting a not-secure warning from Chrome and increase trust in UIC websites
      • The subcommittee is asking for analytics from units across campus to determine who needs to switch over
      • Guidelines will be posted on the web tech governance website
    • Risk Management/Risk Assessment
      • Noted that the survey that will be going out is being worked on
    • Digital Accessibility
      • Noted that some new members have joined this subcommittee
      • Working to redesign the access website into the new UIC Red platform and better organize accessibility
      • Planning to use an enterprise web accessibility evaluation tool
    • Security Program
      • The new subcommittee chair was introduced
      • Suggested that the subcommittee updated their bylaws
      • Noted that the fifth rollout document has been completed and they are working on the sixth rollout
      • Suggested that the SANs was rebooted back in February and new training policies have been applied to the units
      • Suggested that SANs training should be part of the onboarding process
  • Other Issues
    • Campus Resources for WordPress Red
      • Suggested there were some issues not being addressed by the Web Services Committee
      • Suggested bringing this as an agenda item to the next meeting
      • Questions form the committee will be gathered to be addressed at the next meeting
      • A road map for migration was requested

InfraSec 09.13.17 Minutes

Attending:

Frank Cervone, Charles Nutall, Bill Lim, Sam Hyman, Bill Sullivan, Paul Neumann, Shahid Virani, Dean Dang, Bala Ramaraju, Jelene Crehan, Mike Kirda, Ed Zawacki, Eddie Campbell, Allen Randall, Elizabeth Romero, Marcin Hiolski, Matt Miller, Mark Goedert, Ernesto Reyna, Lisa Blake, Jason Maslanka, Phil Reiter, Sara Ritch, Miguel Martin, Will Marcyniuk, Ian Huggins, Chris Barton, {Audits}, Doug McCarthy, Kirsten Pielstrom, Mike Toussaint, Trish and Justin from Peoria, Vinay Surpuriya, Teresa Molina, Deric Criss, Ron Fernandez, Heather O’Leary

  • Converged Communication and Networking
    • Cisco ISE
      • There was a presentation on Identity Service Engine – what it is used for, previous challenges, and solutions
      • Examples of devices and what the device portal looks like were given
    • VPN
      • Commercial VPN to replace old standard VPN
      • No rollout date yet, but in progress
    • Cisco WebEx/Spark Pilot
      • The WebEx contract has been signed, but not yet connected to Single Sign-on
      • A pilot will be started once this is completed
      • Initial rollout will be conference services only
      • A demo of Spark, a collaboration tool which also integrates Box, was given
      • Spark will be released to all UIC, including students
      • Spark rooms were described and how they work
      • Noted that Spark will also be on Single Sign-On and will have a pilot
      • Noted that the data for WebEx and Spark is stored in the cloud
      • WebEx can be HIPAA compliant, Spark is not
      • Discussion on how this may or may not integrate Blackboard tools
      • Suggested that ACCC will do testing to determine the best solutions
      • Noted that ACCC will not dictate how to use these tools, but will provide support
      • Discussion on how to make sure faculty are involved and informed
      • Whether or not Spark is FERPA compliant will be looked into
    • Cisco Unity Migration
      • Mentioned that the Astrix voicemail system has been stretched beyond capacity
      • Astrix will be replaced with Cisco Unity to improve support and user experience
      • Changes in the user experience – voice prompts, reporting, etc. were discussed
      • Noted that eventually there will be visual voicemail
      • Noed that this change will make support much easier
      • Suggested that this is related to the Unified Communications project and will tie into Jabber and WebEx
      • Suggested that current issues include licensing and phone number ownership
  • Cloud Services via SHI
    • Azure
      • A presentation on Microsoft Azure was given
      • There is a BAA to make it HIPAA, FERPA, etc. compliant
      • Noted that there is not yet a project proposal for this service
      • What cloud computing is, Azure Compute, Storage, and Networking were gone over
      • Noted that Microsoft and Lynda have trainings available
      • Suggested keeping all data within the US
      • Also suggested that local cloud storage would not interact with cloud storage
      • Discussion on different storage options
      • Discussion of permissions and ACLs
    • Amazon and Google
      • Google and Amazon will be included in the IPHEC contract
  • Service Experience Team in ACCC
    • New Team
      • Noted that the LTS and US teams in ACCC have been combined into a single team to work on service experience
      • Telecom has moved to networks, all other ACCC support functions are under the new team
      • New team includes a communication and engagement team, a learning management group, and admin/operations
      • Suggested that the new team is working to standardize all support in ACCC
    • Ink Printing Pilot
      • Student feedback has been very positive
      • Some statistics were shared with the committee
      • After ten print jobs, students receive a survey about their experience and this data will be used to determine whether to expand Ink to the whole campus
      • A remote campus pilot was asked about
      • The RFP process was asked about
      • Suggested that the survey data will be used during the RFP and the process will begin as soon as possible
    • 2FA for Banner Forms Support
      • Coming in September for faculty and staff
      • Suggested that authentication will only be required once a day
      • ACCC support is prepared
      • Suggested that documentation is available in Answers on the ACCC website
      • Some slides on 2FA with project updates were presented
      • Noted that tokens will be available in the WebStore
      • The contingency plan was gone over
      • An updated list of people at risk on the go live date was requested
      • Further discussion of tokens
    • uic
      • uic Service Discover was presented on
      • Noted that this is a campus resource, not limited to ACCC services
      • Noted that the site is currently live
      • A demo of the site was given
      • Suggested that all services could go into the platform if they were appropriately tagged
      • Suggested that other roles could be added to address needs of different groups
      • Noted that some services go into the ACCC service catalog, some launch the service, and some go into other sites such as AITS
      • Suggested that ONE.UIC will replace the ACCC service catalog
  • Symantec Endpoint License
    • Noted that it will be available and is in the process of being renewed
  • Strategic Issues
    • Understanding IT Spend
      • Suggested that there is a need to know how money is being spent on IT at department, university, and system levels
      • Noted that there is an IT expense data cube which shows money tagged as IT spends
      • If access to the cube is granted for a subcommittee, all the data becomes public
      • Suggested that this may be helpful in looking at duplication and considering shared services
  • Shared Services
    • Endpoint Management Working Group
      • First meeting was held by the subcommittee and they are evaluating end-point management options using Gartner research and creating a list of which services meet requirements
      • A list will be sent to the committee
  • Other Issues
    • AY18 Meeting Schedule
      • Meetings will continue to be held at the same time
      • Work is being done on IT strategy and the revamping of ITGC
    • Rate and Funding
      • Numbers have been shared but no decisions have been made yet
      • A committee will review what is being proposed
      • Once approval is received, there will be a presentation to InfraSec on the rate and funding
      • How the services included in the rate are decided was questioned
      • Suggested that the services were decided with input from the campus, but the decision is financial and based on what the campus can afford to support
      • Noted that ACCC is looking for a tool to automate the rate and funding process for future fiscal years
      • How InfraSec can be involved in the process was questioned
      • Suggested that as the IT strategic plan is created and the ITGC is being revamped, this should be part of the discussion
      • Discussion on need to drive funding process to focus on need rather than cost
  • Subcommittees
    • IS-0002 Digital Accessibility
      • Continuing to work on accessibility testing tool and making sure Red sites are accessible

InfraSec 08.09.17 Minutes

Attending:

Mark Goedert, Lisa Blake, Dan Paz Horta, Sandeep Dath, Phil Reiter, Bala Ramaraju, Mike Kirda, Ashok Bennett, Matt Miller, Therese Molina, Jason Maslanka, Deric Criss, Sarah Ritch, Ed Zawacki, Mike Toussaint, Ernesto Reyna, Kevin Price, Edward Campbell, Ateeq Rahman, Ron Fernandez, Marcin Hiolski, Frank Cervone, Juilo Chavarria, Dean Dang, Chris Barton, Gene Fruit, Dan Pollack, Ian Huggins, Vinay Surpuriya

  • Chair’s Remarks
    • Formal Thank You and Moving Forward
      • The new chair thanked the committee for electing him
      • Mentioned how the committee has made significant progress and moved forward over the years
      • Suggested using a content agenda for organization
    • Pilot of Cloud Printing Project
      • There was a presentation on the new pilot printing program called Ink
      • Mentioned that this program will be presented to the campus in the fall
      • Discussion on the program, potential issues, and accreditation
  • Subcommittee Reports
    • Digital Accessibility
      • Noted that this group is gearing up for the fall
      • Mentioned the possibility of doing more with FAE if possible
    • Digital Signage
      • Noted that this group is working on a proposal and will present to the committee soon
    • Risk Management/Risk Assessment
      • Noted that responses from those assigned to roles are incoming and more information will be presented at a later date
    • Security Program
      • Noted that there is still work being done on the annual report as well as the Q5 and Q6 rollouts
      • Discussion on the timeline and intricacies of rollouts
      • Discussion of resources and other concerns and issues
    • Regional Sites
      • Group is set to meet later this month
    • Web Tech Governance
      • Noted that this group has decided to end the pursuit of a unified search engine across campus due to Red
      • Mentioned that they are looking into adopting Red as a full step solution
      • Mentioned that there was a discussion on the cloud service as well as the the possibility of adopting AWS for development
  • Issues in Progress
    • Cloud Services at UIC
      • Mentioned that ACCC had an internal gathering to discuss cloud services
      • Suggested the task of narrowing the scope of an old proposal that did not survive the feasibility phase
      • Mentioned that a group within ACCC is currently in the process of reviewing all of the cloud service contracts
    • Clarification of Email Forwarding
      • Mentioned where faculty and staff are routing their email accounts is being monitored
      • Noted that 55% are routing to Exchange while 45% are routing to UIC Gmail
      • Suggested that there is currently an option to migrate between Exchange and Gmail, but there is being work done to make the migration to Exchange permanent
      • Discussion on Exchange versus Gmail
    • Shared Services
      • The people on the requirement group were thanked for getting the document mostly completed
      • The next meeting will be scheduled soon
    • Update on AITS Status, Urbana Governance, and Power Plant
      • Mentioned that ther4e is a developing shared servie around endpoint management down state that will be deploying soon
      • A meeting to discuss this service possibly coming to UIC will be facilitated
      • An update on AITS was given
      • Discussion on AITS as a whole
    • Status of New VPN
      • Mentioned that Networks has everything in place and are waiting on CDW to get resources on site
      • There are hopes that it will be ready to go by the end of the month
      • Noted that there will most likely be a short pilot within sixty days
      • Discussion on the new client Any Connect
    • IT Areas of Responsibility
      • The group gathered to document the IT areas of responsibility was mentioned and their goals were explained
    • iLeCT Update
      • Stated that this group is looking to establish a long-term, professional badging program
    • College/Unit Websites
      • Noted that there has been confusion on this subject
      • Discussion on the expectations of college/unit websites
  • New Issues
    • Meeting Schedule in AY 2018
      • Discussion on possibly changing the current meeting time
    • Nominations for Vice Chair
      • Mentioned that nominations for the AY18 Vice Chair are needed
    • ISE
      • Noted that ISE is an ongoing project that has kicked off
      • Explained that they are working with CDW to build profiles for the students
      • What this group does was explained
    • Announcements and Updates
      • Password Update
        • Short discussion on password change and what is required
      • Networks Update
        • Noted that WebEx and Spark are coming
        • Mentioned that Unity will be replacing Asterisk

InfraSec 07.12.17 Minutes

Attending:

Jason Maslanka, Sandeep Dath, Chris Barton, Ed Zawacki, Ian Huggins, Sarah Ritch, Mike Kirda, Bala Ramaraju, Kirsten Pielstrom, Mark Goedert, Allen Randall, Andre Pavkovic, Doug McCarthy, Frank Cervone, Matt Miller, Elizabeth Romero, Ateeq Rahman, Daniel Paz-Horta, Vinay Surpuriya, Lisa Blake, Miguel Martin, Ron Fernandez, Ernesto Reyna, Michael Toussaint, Shannon Redden

  • Subcommittee Reports
    • Digital Accessibility
      • Continuing to look into the viability of Functional Accessibility Evaluation tool
    • Digital Signage
      • Finishing up the final model for delivery
      • Doing some last minute testing
    • Risk Management/Risk Assessment
      • Call for role assignments was sent to HIPAA liaisons
      • Survey will be sent out
    • Security Program
      • Completing the review of responses to first UISO annual report
      • Findings will be presented to InfraSec
    • Regional Sites
      • Discussed MOR Leadership Conference
      • Recap of Rockford and Peoria visits
      • COM is waiting for feedback from ACCC on specific issues
    • Web Tech Governance
      • Will take up issue of search engines in August
  • New Business
    • Cloud Implementation
      • Meetings about cloud implementation which require network configuration to be used on campus were held
      • The committee was asked what the priority should be
      • Suggested agreeing on one cloud service that meets the most needs
      • Discussion on what has been done so far and what else should be considered
      • The committee will be presented to in September
      • Suggested bringing in vendors, giving them use cases, ask asking about potential solutions
  • Shared Services
    • End Point Management
      • A list of requirements has been created
      • A document is being worked on to share with the group
  • Chair Report
    • Thank You
      • The current chair thanked the committee for all he had learned in his time as chair
    • ITGC Review Future
      • Review is ongoing
      • Input from past InfraSec meeting will be taken into consideration as information is sent to the provost and decisions are made
    • HR IT Position Committee
      • The appeals committee has an upcoming meeting
    • HR Meeting
      • There was a meeting about general HR concerns of the IT community
      • Support was offered in reviewing hiring process
    • UIC IT Community
      • A discussion on IT strategy, followed by a workshop looking at UIC Strategic Priorities was done at the MOR IT Leaders conference
      • A draft report was put together
      • Document is being shared with the MOR group for feedback
      • Suggested that this document fills a gap and links IT to the four strategies
    • Shared Services
      • The shared services framework will continue to be worked on
  • Group Discussion
    • Urbana Tech Council and Power Plant
      • Noted that Urbana would like to offer a shared service for end point management
      • A document with pricing was shared
      • Suggested that Urbana first speak to the end point management technical group
      • Discussion of when the rollout will be, how it will happen, and whether it will be included in the basic bundle
      • Discussion on requirements
    • TEM
      • A presentation on changes to TEM was given
      • Noted that Rockford and Peoria have been included in the network
      • Suggested reaching out to HR employees
  • Announcements
    • UIC Web Committee Reprisal
      • Noted that the committee who initially made decisions about Red.uic.edu is being brought back together to discuss the future of Red
    • Unified Communication
      • Cost analysis to determine cost savings of discontinuing some services and true cost of UC are being worked on
      • Noted that Enterprise licenses are needed by August
      • Cost savings of switching to WebEx was gone over
      • Further discussion of which services may be discontinued, how rate and funding will be affected, and getting buy-in of IT leaders before determining the rate
      • More information will be sent to the InfraSec listserv
    • Hardware VPN
      • Noted there is an upcoming meeting to work on high level design
      • Low level design will be determined later
      • Stetement of work should be ready soon
    • Exchange Migration
      • Communication from ACCC was requested on the migration to address concerns on the Academy
      • Suggested posting to news.uic.edu
      • Concern was voiced about email archived on Mailserv
      • Discussion of now to communicate the migration to campus

InfraSec 06.14.17 Minutes

Attending:

Jason Maslanka, Phil Reiter, Matt Miller, Frank Cervone, Sandeep Dath, Kirsten Pielstrom, Ernesto Reyna, Mike Kirda, Ian Huggins, Sandy De Groote, Sarah Ritch, Elizabeth Romero, Allen Randall, Mark Goedert, Marcin Hiolski, Vinay Surpuriya, Therese Molina, Dan Pollack, Ian Huggins, Doug McCarthy, Andre Pavkovic, Lisa Blake, Ateeq Rahman, Daniel Paz-Horta, Kevin Price, Ashok Bennett, Chris Barton, Dean Dang, Michael Toussaint, Ron Fernandez

  • Faculty Activity Profile Tool
    • Infrastructure Framework
      • Noted that there is an effort to select a campus wide profiling tool
      • A committee is looking at various toold and putting together a list opf requirements
      • The committee was asked to look at the RFP and consider what infrastructure would be needed to access the data for the tool
      • Working on a timeline for implementation, and the committee was asked to give regular updates of the review project
      • Discussion on how this tool might interact with the START MyResearch portal as well as funding and RFI
  • Subcommittee Reports
    • Digital Accessibility
      • Had a successful presentation at ITPF
      • Questioning whether UIC needs own version of FAE on campus
      • Looking to create a shared campus
    • Digital Signage
      • Meeting soon to finalize details
      • Goal is to start installing signs at start of fall semester
    • Risk Management/Assessment
      • Submitted final surveys for HIPAA liaisons to review
    • Security Program
      • Making sure the last rollout is completed before rolling out next quarters
    • Regional Sites
      • There were meetings which involved both the Rockford and Peoria campuses
      • There is now a better sense of the teams and tools being used at each campus
    • Web Tech Governance
      • Will be reevaluating whether the search engine optimization still needs to be reviewed
  • Old Business
    • HR Global Degree Requirement
      • Once the next meeting is scheduled, the charge of the HR advisory committee would be the review appeals on Civil Service positions
      • Since the committee is concerned about lack of action, it was suggested to write a letter to the HR advisory committee
      • Discussion of ineffectiveness of actions already taken
  • Shared Services
    • Endpoint Management
      • A list of requirements has been created, still working on report
      • Noted that Urbana is working on an endpoint management plan that may or may not involve UIC
  • Chair’s Report
    • IT Department Level Responsibilities
      • Suggested that the role of department IT has not been defined
      • Discussion on whether to define role or map out current work to determine an ideal state
      • Discussion on importance of defining roles
      • Concerns voiced about AITS functions being merged with Urbana
  • Group Discussion
    • ITGC Recommendations Report Group Exercise
      • Noted that the report includes five recommendations and the committee was asked to break into groups and discuss potential solutions to each
    • Purpose and Mandate
      • Agreed on need to address mandate, leadership, etc.
      • Need new strategic plan
      • Define who makes decisions and where services sit
    • IT Leadership Model
      • Agreed that the split of responsibilities of CIO and ACCC director is important for implementing a strategic vision for IT
    • Re-brand
      • Noted that re-branding is dependent on what comes of other recommendations
      • Discussion on different ways to re-brand ITGC
    • Structure
      • Disagreed with the simplification and suggested that the structure be broader and more representative
    • Communications and Onboarding
      • Noted that consistency is needed in replacing members from leadership
      • Suggested mentorship pairing for new members
      • A governance arrangement matrix was shared
  • Announcements and Updates
    • UIC Web Committee
    • Committee is being reprised and a survey will be sent out asking for requirements
    •  iLeCT
      • The IT MOR Leadership Conference is coming up
    • iOS Workshop
      • An Apple representative will be at UIC to host an upcoming workshop
    •  Email
      • Noted that mail will stop being routed to Tigger and Mailserv and will be routed to Exchange instead
      • Users will be unable to route mail to off-campus mail services
    •  Voicemail
      • Changes will be coming to voicemail
      • The committee will work with the networks director to find the best way to communicate to the end users when the changes are made

InfraSec 05.10.17 Minutes

Attending:

Jason Maslanka, Ian Huggins, Mike Kirda, Ron Fernandez, Miguel Martin, Cynthia Herrera Lindstrom, Frank Cervone, Marcin Hiolski, Kevin Price, Ed Zawacki, Elizabeth Romero, Rehman Ali, Allen Randall, Bala Ramaraju, Lalo Camacho, Kirsten Pielstrom, Russ (CDW), Tony (Cisco), Therese Molina, Doug McCarthy, Ateeq Rahman, Sandeep Dath, Chris Barton, Heather O’Leary, Vinay Surpuriya, Ashok Bennett, Matt Miller, Ernesto Reyna, Sarah Ritch, Mark Goedert, Daniel Paz-Horta

  • Unified Communications
    • Presentation
      • There was a presentation on the Unified Communications plan for UIC
      • Suggested that ACCC worked with CDW to find solutions
      • Discussion of timeline and need for funding
      • Some parts of the plan can be launched immediately and some will take longer
      • Cost of new plan will be integrated into rate and funding as part of the basic bundle
      • Discussion of need to get funding
      • Concern was voiced about buildings not owned by UIC and need for wiring
      • Discussion of need to move off of Centrex and make updates to other systems due to outdated equipment
  • Subcommittee Reports
    • Digital Accessibility
      • Going over top websites for accessibility
      • Also trying to get a server on UIC’s campus for unlimited checks and pages for accessibility
    • Digital Signage
      • Working to put package together and will present when ready
    • Risk Management/Risk Assessment
      • The language for the risk assessments were finalized
      • New HIPAA employee will start this month
    • Security Program
      • New members have joined, working on quarterly rollouts
    • Regional Sites
      • Reps from all regional campuses met last month
      • Working on a site visit to Peoria
      • Noted that ACCC is in conversation to bring Peoria into our infrastructure
    • Web Tech Governance
      • Google Analytics will be made available for tracking websites
      • Discussing issue of search engine silos on campus
  • Old Business
    • HR Global Degree Requirements
      • Memo will be going out soon
    • Shared Services
      • Endpoint Management Requirements Group
        • Met recently to discuss preliminary requirements for a solution for across campus
        • Goal of coming up with and prioritizing most important requirements for the campus
        • Will report back when the list is complete
  • Group Discussion
    • UIC Red; Provost’s Email
      • Noted that Red is now available and there is a directive to use it
      • Concern was voiced on the platform, the rigidity of it, and security
      • There will be a follow up about allowing more flexibility
    • Box Replacing Windows Files Shares
      • Whether or not departments are moving file shares into Box was questioned
      • Noted that OneDrive cannot be used for high risk data
      • Discussion of problems with permissions and off-boarding
      • Discussion on need for management tools
    • Quarterly Maintenance Windows FY18
      • There was a presentation on the maintenance windows for FY18
      • Noted that the January window was moved up to accommodate holidays
    • VPN
      • The network core migration hit a roadblock due to VPN problems
      • ACCC is looking for a commercial solution
      • Discussion of pilot timeline and implementation
  • Announcements and Updates
    • iLeCt Update
      • CEB webinar coming up
      • The group will be presenting at the IT Pro Forum
      • The MOR Leadership Conference is coming up
    • Project Management Training
      • A project management training program through External Campus is being worked on
      • Discussion on whether departments or individuals would pay

InfraSec 04.12.17 Minutes

Attending:

Frank Cervone, Phil Reiter, Lisa Blake, Jason Maslanka, Andre Pavkovic, Doug McCarthy, Mike Kirda, Matt Miller, Vinay Surpuriya, Ron Fernandez, Ian Huggins, Sandeep Dath, Ed Zawacki, Allen Randall, Jelene Crehan, Dean Dang, Ernesto Reyna, Kevin Price, Ashok Bennett, Chris Barton, Dan Pollack, Ilir Zenku, Ateeq Rahman, Lalo Camacho, Heather O’Leary, Daniel Paz-Horta

  • Subcommittee Reports
    • Digital Accessibility
      • Will be presenting at the IT Pro Forum
      • Still looking for a new co-chair
    • Digital Signage
      • Issues have been resolved
      • Working on package for ACCC services page
      • Working to create a per-building directory
    • Risk
      • Performed final review of the survey
    • Security Program
      • Pharmacy has taken over scheduling of quarterly meeting
      • Will resume meetings of UISOs
      • Looking for more members from the East Campus
      • Will be looking at UIC policy on policies website
      • Discussion of member expectations
    • Regional Sites
      • Have set a permanent, recurring meeting time
    • Web Tech Governance
      • Continuing projects set in February
  • New Business
    • HR Global Requirement
      • A memo was written to send to HR regarding degree requirements
      • Discussion of how to allow for H-1B visas if the degree requirement is removed and other consequences of changing requirements
      • Motion to approve the memo was approved
  • Old Business
    • Risk Management/Risk Assessment Proposals
      • The council has approved the proposals to go forward to the Provost, as well as ACCC, and HIPAA budget requests
    • Unified Communication
      • A presentation from Cisco to go over plan and costs is being planned for May
    • Shared Services
      • Endpoint Management
        • A requirements group and a technical design group were formed
        • Noted that as the group considers shared services, they should communicate with others at UIC and in Urbana to find solutions
        • Discussion on how new shared services would be governed
      • IT Investment Proposal Portfolio
        • Need to create a portfolio of future ideas for the shared services framework
  • Chair’s Reports
    • BAA for Box
      • The Box quota will be increased to unlimited storage on April 24th
      • The BAA for HIPAA compliance is still under negotiation
  • Group Discussion
    • Website Outage Tools
      • Engineering has VMs for WordPress sites
      • Discussion of services and fees
    • Public Wi-Fi
      • Dentistry would like to have public Wi-Fi for patients
      • Discussion on what a public Wi-Fi service would look like
      • Noted that there is risk involved with opening a network on campus
      • Discussion of Wi-Fi needs, potential funding options, and possible support issues
  • Announcements and Updates
    • iLeCT
      • Noted that iLeCT had a strengths finder workshop
      • It was requested that the group hold some events on the East side
      • Working with HR on professional development and a potential badging program
      • Noted that there will be a series of webinars from CEB coming up

InfraSec 03.08.17 Minutes

Attending:

Ernesto Reyna, Shannon Reden, Mat Willis, Dan Pollack, Miguel Martin, Lisa Blake, Jason Maslanka, Andre Pavkovic, Phil Reiter, Matt Miller, Doug McCarthy, Dan Paz-Horta, Ateeq Rahman, Vinay Surpuriya, Allen Randall, Barry White, Therese Molina, Dean Dang, Mike Kirda, Bala Ramaraju, Elizabeth Romero, Mark Goedert, Gene Fruit, Kirsten Pielstrom, Kevin Price, Marcin Hiolski, Chris Barton, Heather Ross, Ron Puskarits

  • Group Discussion
    • IT Job Families
      • An overview of the iLeCT leadership group and the importance of the job families and how they relate to IT was given
      • A potential badging program for professional development was mentioned
      • The new job model was presented on
      • Concern was voiced about the requirements for advancement
      • Discussion on the different avenues for advancement
      • Discussion of STEM disciplines and others to include in the educational requirement
      • Noted that the model could be adjusted later
      • Stated that an extended discussion of the job model would be had at a later date
      • Feedback will be reported back to HR
  • Subcommittee Reports
    • Digital Accessibility
      • Mentioned that they are continuing their efforts to test for accessibility on more public campus areas
      • Noted that they are investigating the accessibility of Red.uic.edu
    • Digital Signage
      • Nothing new to report
    • Risk Management/Assessment
      • Mentioned that members were assigned to review the final version of the Risk Assessment survey
      • Expected to be completed by the end of March
      • Mentioned that there are separate surveys being distributed across multiple groups
      • Surveys should be completed by the next meeting
    • Security Program
      • Noted that there is a request for more representation from different operational areas
    • Regional Sites
      • Discussion on the uses of the student tech fee
    • Web Tech Governance
      • The subcommittee is tackling three major subjects right now: having Google analytics across campus, evaluating how websites are handling their search engines, and readdressing the need to use redirects on the websites
  • Old Business
    • HR Resolutions/IT Classification Advisory Board
      • The kickoff meeting was noted as well as what was discussed and what the board’s responsibilities are
      • Discussion on the job model and how progression is/can be handled
      • Discussion on whether the board will be engaged directly or if employees will have to go through HR
      • Discussion on the role of HR in the process of advancement as well as the classification of positions
    • Risk Management/Risk Assessment Proposals
      • Whether or not the proposals should be redirected for review was questioned
      • Discussion on the review process and its timeline
    • Unified Communications
      • A brief background on ACCC’s goal for unified communications
      • Discussion on a recommendation for the solid call platform
      • Mentioned that the focus is on the cost overlap and the rate
      • How the system would work across all three campuses was briefly explained
  • Chair’s Reports
    • Shared Services Framework
      • The Shared Services presentation was gone over as well as the best path through the framework
      • Mentioned that feedback and working group participation would be beneficial
      • What the shared services are and are not were defined
      • Noted that there are three groups: Service Design Leadership, Service Design Technical Group, and Build and Operational
      • Discussion on the presentation and the functions, funding, and operations
  • Group Discussion
    • Public Wi-Fi
      • Mentioned that there have been years of questioning and requesting public access to Wi-Fi
      • Suggested that there should be a service for public access to Wi-Fi
      • Discussion on importance, possible sources of funding, and impact
    • Ad Astra
      • Mentioned an email discussing Ad Astra in colleges sent out after the last meeting
      • Short discussion on the rollout, possible need for adjustments, and role on campus
      • There will be a follow up brought back to the committee for further discussion
  • Project and Service Updates
    • ACCC Project Updates
      • Announced that Outlook’s storage capacity has increased from 50GBs to 100GBs
      • Mentioned that the countdown for the completed Exchange project is being mapped out
      • A document was mentioned which describes the many different mail routes
      • Short discussion on the document as well as how Exchange will affect the various units
    • ITGC Review
      • Mentioned that the final report was delivered
    • DUO for Banner
      • A presentation on why Two-Factor Authentication and Banner are important and beneficial to the university was given
      • Noted that the audit is due April 1st
      • Discussion on DUO and its potential uses