InfraSec 02.08.17 Minutes

Attending:

Ed Zawacki, Lalo Camacho, Mike Kirda, Andre Pavkovic, Frank Cervone, Phil Reiter, Mark Goedert, Kevin Price, Matt Miller, Bala Ramaraju, Marcin Hiolski, Ateeq Rahman, Vinay Surpuriya, Therese Molina, Chris Barton, Gene Fruit, Heather O’Leary, Ashok Benet, Ilir Zenku, Jelene Crehan, Ernesto Reyna, Sandeep Dath, Chris Berndt

  • Subcommittee Reports
    • Digital Accessibility
      • Had first meeting of the year
      • Looking at evaluating different websites for accessibility
      • Noted that the group will work on a process for anyone who needs live captioning
    • Risk Management/Risk Assessment
      • New survey content was created and will be put into Qualtrics
    • Security Program
      • Working to reorganize meetings
      • Looking for new members
    • Regional Sites
      • ACCC visited Rockford
      • Follow up meeting topics included services provided to Rockford, potential shared services, sharing resources, and more
  • Old Business
    • IT Classification Advisory Board
      • Will be meeting soon, updates at next meeting
    • Burwood Report
      • Met with CDW
      • A meeting has been scheduled with ACCC to review the rest of the documents
  • Chair’s Report
    • IT Governance Council Recap
      • ITGC discussed FY18 proposals
      • There was a discussion at the council meeting on how to present proposals to the Provost
      • Suggested to create a document including all IT budget requests to allow the Provost to consider all needs at once
      • Each request will be categorized as critical infrastructure, service improvements, or new initiatives
      • The final document will be shared with the ITGC committee once complete
      • Discussion of ITGC reporting structure with some concerns about VCHA
      • Noted that once the VCAA receives the proposals, they would be shared with the VCHA
      • Noted that HIPAA requests are at the system level
  • Project and Service Updates
    • ACCC Project Updates
      • An update on the Exchange Online project was given
      • Need to complete by December 2017
    • Box Limits
      • Current limit is 50gb
      • Working on new contract with Box for unlimited storage
    • Ad Astra
      • Suggested that the people running Ad Astra would be coming to an upcoming meeting to present on the service
    • Symantec
      • Noted that the pilot has begun on a Symantec server with Nursing and VCAS
  • Announcements and Updates
    • New IT Auditor
      • A new IT auditor will be starting at the end of February
    • iLeCT Update
      • Have been meeting biweekly
      • Noted that there are a few upcoming events
      • Have met with HR to get more training to IT staff on campus
      • Some discussion on the IT job family model
      • HR will be presenting to the InfraSec committee in March
      • iLeCT will have an event to discuss the model with all IT staff
      • Eventually, a badging program could be mapped to the job families
    • Shared Project Management
      • Have had informal meetings to discuss how IT can be more efficient
      • Looking at the IT project management process
      • Looking to improve uniformity and sharing of project management resources
    • Shared Services – Endpoint
      • Followed up with UIUC on Big Fix and SCCM
      • Need to consider existing frameworks when looking at how to create shared services
      • UIUC will follow up with ACCC
      • Noted a need for further discussion in ITGC and ACCC
    • uic.edu
      • New UIC website platform is now available
    • AITS Services
      • There was an internal review followed by an external review of AITS and services offered
      • There will be a restructuring of AITS
      • Suggested that the universities might create a framework for sharing support
      • Noted that one service being restructured is information security
      • Suggested that whatever shared services is created must be fair and helpful to all universities
      • Discussion of how shared services should be created
  • Small Group Discussions
    • Intro/Breakouts
      • The committee broke into small groups to discuss Endpoint management, Data Security & Storage/Systems for High Risk Data, Servers & Storage, and Shared Services Framework
      • Discussion on how shared services could fit into the IT governance model
    • Report Back
      • Each small group reported back with their ideas
    • Final Discussion
      • Noted that there will be work done to bring a shared service model to UIC
      • Suggested a small group be put together to oversee the process
      • Discussion of Power Plant, their framework, and how to collaborate going forward

InfraSec 01.11.17 Minutes

Attending:

Gene Fruit, Lisa Blake, Jason Maslanka, Sandeep Dath, Marcin Hiolski, Chris Barton, Kevin Price, Frank Cervone, Mark Goedert, Jelene Crehan, Janet Shaw, Ian Huggins, Mike Kirda, Bala Ramaraju, Vinay Surpuriya, Jackie Kern, Doug McCarthy, Allen Randall, Lalo Camacho, Matt Miller, Heather O’Leary, Josh Naylor, Ernesto Reyna, Ashok Bennet, Ron Fernandez, Phil Reiter, Dan Pollack, Therese Molina

  • Discussion Topics
    • UIUC Shared Services
      • Power Planted started in May 2015 with goals of making IT as ubiquitous as electricity
      • Started by focusing on a few main services, then put together a high level requirements gathering team, then the solutions team took over
      • The process for considering how to meet user needs and coming up with realistic solutions was outlined
      • A Power Plant Advisory Group is heading the effort on reaching out to users and working with IT Governance to make decisions and keep everyone informed
      • The status of a few services they are working on were gone over
      • Discussion on process for finding best solutions and occasional outsourcing
      • Further discussion of funding models, noting that each service is different
      • Questioned whether the Power Plant is working with UIC and UIS to consider services shared between campuses
      • Noted that they are working to hire project managers to engage more with other campuses
      • Concern expressed about services in Urbana
      • Concern also raised about governance in Urbana not getting enough input from users at UIC
      • Suggested that there needs to be a discussion about end goals of services
      • Suggested having regular communication between campuses as new services are developed
    • UI IT LT Share Services Governance
      • A presentation on the Shared Services Governance Group was given
      • Noted that this group focuses on services shared across the university system while Power Plant focuses just on UIUC
      • The charge of the group, who is involved, and how they make decisions on services were also gone over
      • The tasks the group has done as well as how to go about creating an operational level agreement was outlined
      • The shared services website and current services offered were also gone over
    • Shared Services Discussion
      • Discussion of how to better work on creating shared services and reducing replication
      • Further discussion of how shared services are needed in this budget climate
      • Suggested that it is acceptable to have another campus/unit run a service, so long as there is some guarantee of reliable service and ongoing communication
      • Suggested that there are three models: units host their own services, a well-funded central unit supplies services, and shared governance maintains a balance between the first two
      • Suggested that governance is currently ineffective
      • Suggested that the committee should be involved in creating a vision for IT services
  • Subcommittee Reports
    • Digital Accessibility
      • Working on the giving.uic.edu page to improve accessibility
    • Risk
      • A risk cycle is coming up, an assessment survey will be sent out to campus
    • Security
      • Fifth quarter roll out will be coming soon, delay in original timeline
    • Regional Sites
      • Did not meet last month, Rockford will be hosting ACCC on January 27
  • Old Business
    • HR
      • No further updates
    • Burwood Report
      • WTC will send their documents with initial numbers for review
      • A draft report from CDW was received, waiting on the final
      • There will eventually be a guiding document on how to go forward with unified communications
  • Project/Service Updates
    • ACCC Updates
      • Exchange kickoff meetings with every unit have been being scheduled
      • A plan of action for once all migrations are completed is being worked on
      • Committee was asked how holdouts should be handled
      • Suggested cutting off services to those who do not migrate
    • VPN
      • There is a current project to find a commercial VPN solution
  • Chair Report
    • uic.edu
      • The new WordPress website platform is still not functional, should be available in January
  • 2017 Challenges and Goals
    • Discussion
      • Committee was asked to consider their current challenges and goals for units
      • A report from ACCC about what services are coming in the next 18 months was asked for
      • Committee members shared goals and challenges
      • Discussion on how to better share services between units and when to go ahead with an internal solution
      • Noted that there is a need to move decisions forward more quickly
      • Suggested that the ITGC should set timelines on specific services for decisions to be made
      • Further discussion of priorities set by InfraSec and how to get them addressed and funded
      • Noted that the ITGC assessment process is almost complete
      • A report of recommendations will come out and will be shared with the Provost and Chancellor, they will decide how to move forward
      • Suggested that there should be a greater effort on created shared services

InfraSec 11.07.16 Minutes

Attending:

Marcin Hiolski, Miguel Martin, Lisa Blake, Jason Maslanka, Kevin Shalla, Ed Zawacki, Chris Barton, Andre Pavkovic, Mike Kirda, Barry White, Lalo Camacho, Allen Randall, Mark Goedert, Vinay Surpuriya, Doug McCarthy, Ron Fernandez, Mat Willis, Ernesto Reyna, Frank Cervone, Phil Reiter, Bala Ramaraju, Matt Miller, Shannon Redden, Dan Pollack, Therese Molina, Josh Naylor, Kevin Price, Gene Fruit

  • Subcommittee Records
    • Digital Accessibility
      • Met with UI Health website people, had a positive response
      • Suggested that groups can request an assessment
    • Digital Signage
      • Waiting on Industry Weapons for a problem with maps
    • Risk Management/Risk Assessment
      • Met to compose a letter to the provost requesting responses on past proposals
      • Looking to elect new chair
      • Will be sending out surveys soon to help address risk assessment
    • IT Security Program
      • Noted that while there are issues to be addressed, the subcommittee is working on linking guidelines to the program
    • Regional Sites
      • Discussed which services are available to regional sites
      • ACCC directors visited Peoria and it was suggested that visiting Rockford would also be helpful
      • Suggested to bring broader group of people
    • Web Tech Governance
      • Will be building website
      • Working on data sharing to provide content templates
  • New Business
    • Patch Management
      • Noted that there was a meeting to address concerns about BigFix as a supported service from Urbana
      • Concern was voiced about BigFix being discontinued without comment from ITGC
      • Possible patch management solutions were gone over
      • Concern expressed about UIC and Urbana not collaborating enough
      • Suggested that without a formal structure, it is difficult to ensure that shared services are maintained
      • Discussion on how to improve collaboration and communication between campuses
      • Further discussion on the discontinuation of BigFix and decisions leading up to it
      • Further discussion on relations between campuses as well as a need for documentation and accountability for service
  • Old Business
    • Risk Assessment Letter to Provost
      • A letter written to the provost requesting a revisit to the proposals submitted last year and a formal response was reviewed
      • Motion to approve the letter to be sent to the Council
      • Motion approved, no opposition voiced
      • Committee reviewed the risk assessment status addendum
    • Burwood Report
      • Feedback on the report as well as concerns about how UIC is collaborating with other campuses was provided
      • More information on pricing between Lync and Cisco was requested
      • Suggested that CDW will be providing a report on which would be better for UIC
      • Discussion on other options, costs, and support staff issues
      • Suggested that more information was needed, but a decision must be made soon
  • Project and Service Updates
    • ACCC Project Updates
      • Exchange Online is moving forward and updates can be found in the report
  • Chair’s Reports
    • Provost & Admin Rights
      • Discussion on reactions to the Provost’s announcement on admin rights
      • Discussion Topics and Announcements
    • Opsview
      • Questioned whether there is an interest on campus for Opsview to monitor servers
    • LeCT
      • Planning committee will be meeting more frequently
      • An HR event is being planned
      • A badging program is under construction
    • Security Training Lunch ‘n’ Learns
      • Suggested having events on security training which may be recorded and shared online
    • HRFE Access Blocked at AITS Firewall
      • Presentation was given on changes to HR Front End to mitigate risk
    • Duo Licensing
      • An update on Duo was shared
      • Discussion of Box and related policy concerns

InfraSec 10.12.16 Minutes

Attending:

Jason Maslanka, Allen Randall, Cynthia Herrera Lindstrom, Kevin Shalla, Ed Zawacki, Frank Cervone, Elizabeth Romero, Andre Pavkovic, Mike Kirda, Marcin Hiolski, Mat Willis, Mark Goedert, Matt Miller, Kevin Price, Vinay Surpuriya, Chris Barton, Lisa Blake, Heather O’Leary, Phil Reiter, Sandeep Dath, Sarah Ritch, Shannon Redden, Ashok Bennett, Ron Fernandez, Therese Molina, Josh Naylor, Dan Pollack, Ilir Zenku, Doug McCarthy, Lalo Camacho,

  • Subcommittee Reports
    • Digital Accessibility
      • High profile evaluation of websites helping to improve accessibility issues
      • Created a subcommittee to work on this
    • Digital Signage
      • Still struggling with Industry Weapon and mapping
    • Risk Assessment
      • Presentation given on state of risk assessment
      • Went over achievements, importance, and future goals
      • Named next steps
      • An HR focused draft of a survey was shown, naming concerns and need to push forward
      • Need for continued follow-up on 2015 Risk Recommendations proposals
      • Discussion of recommendations and status of implementation
      • Noted that there are three priorities the group is focused on
      • Discussion of funding issues
      • Discussion of Nessa’s meeting campus needs
      • Concern expressed about work done on this topic
      • A summarized update was asked for to send to the Provost
      • Suggested that the risk is understood, but the lack of funding is an issue
      • Suggested to create a document to send to Council, Provost, and VCHA
      • Suggested that a possible solution would be to ask HSCs to provide funding for costs of risk assessment
      • The subcommittee was asked to create a document emphasizing work to be done to send to upper administration voicing concern of UIC IT community
    • Security Program
      • Fourth quarter rollout happened at UISOs met yesterday, annual report almost complete
      • Concern expressed about new Qualtrics dashboard and other issues
    • Regional Sites
      • Will have first meeting next week and report to next meeting
  • New Business
    • ACCC Service Level Agreements
      • Presentation on ACCC SLAs given
      • How to work with ITGC to establish SMART SLAs and set expectations was questioned
      • Since currents SLAs were set by service managers, feedback from the InfraSec committee was requested
      • Committee was asked to review the SLAs and send feedback
      • Measuring service performance was questioned
  • Old Business
    • Web Governance Subcommittee
      • First meeting scheduled, will report to InfraSec committee at the next meeting
    • HR Resolutions
      • No new information, Appeals Board delayed
    • Burwood Report
      • Suggested that a revised report has been prepared
      • Burwood rescanned the environment and updated the report
      • Suggested that the report outlines various options
      • Suggested that there will be an update on the strategic plan
      • CDW will be providing a comparative report on the options
  • Projects and Services
    • ACCC Projects
      • Exchange Online is moving along
      • Meetings with units being arranged
      • An overview was given
    • DUO Miltifactor Update and NESSIE
      • Presentation on DUO was given
      • Discussion of communication plan for November 10 deadline
    • Box BAA
      • Contract still being worked on
      • Discussion on a projected goal for completion
  • Chair’s Reports
    • Information Privacy & Security Committee
      • Noted that HIPAA training almost complete, some modifications being addressed
      • Units must submit a survey to determine whether they are under covered entity
    • ITGC Workshop
      • Suggested that workshop was insightful and participants were honest
      • Noted that some faculty members who were not in the ITGC provided different prospective
      • Report will be created by December
  • Discussion Topics & Announcements
    • De-provisioning Disabled Accounts
      • Presentation was given on disabling inactive accounts
      • Discussion of alternative options
    • IPHEC Cloud Projects
      • Suggested that the committee needs to look at details of the contract
      • Suggested to create a discussion group to look at business needs
    • Urbana AWS
      • Noted that Pharmacy had contacted Urbana about a contract issue and has not heard back
      • Urbana will be reached out to in order to see if UIC could be added to contract
    • Security Training Alternatives, “self-phishing”
      • Suggested that there are tools available to train people on how to avoid phishing
    • BCP/DR Educause Presentation
      • Suggested that a number of UIC people attended an Educause webinar on disaster recovery
    • UA Review
      • Suggested that a group had been put together to look at AITS, services provided, and possible improvements
      • Discussion of what final report might include
    • Academic Medical Center IT Forum
      • Members of the committee attended a forum which went over concerns for health-related schools in the Midwest
      • Other members of the committee were encouraged to join

InfraSec 09.09.16 Minutes

Attending:

Jason Maslanka, Dean Dang, Matt Miller, Mike Lamdagan, Sandeep Dath, Lalo Camacho, Chris Barton, Bala Ramaraju, Mark Goedert, Mike Kirda, Frank Cervone, Ed Zawacki, Janet Shaw, Allen Randall, Ernesto Reyna, Lisa Blake, Miguel Martin, Kevin Price, Shannon Reden, Therese Molina, Ron Fernandez, Kevin Shalla, Vinay Surpuriya, Andre Pavkovic, Barry White, Doug McCarthy, Ian Huggins, Sarah Ritch, Cynthia Herrera Lindstrom

  • Subcommittee Records
    • Digital Accessibility
      • First meeting of the year was held
      • Many improvements have been made including automated assessments on UIC websites
    • Risk
      • Working on risk assessment survey
    • Security Program
      • Revising incident response process
      • 4th quarter rollout has been posted and an email announcement will be sent out
    • Digital Signage
      • Currently testing the interactive touch signage
      • The goal is to bring to buildings all over campus
  • New Business
    • IPHEC Cloud Computing Services RFP
      • The RFP was awarded to SHI and there was a presentation on the selection process
      • Discussion of VPAT to prove accessibility
      • Discussion of SHI contract
      • Discussion of other existing contracts and possible issues
    • One ID, One Password
      • A presentation was given, noting that this service is going live in October
      • Discussion of timeline and specific parts of the project
      • Discussion of campus communication plan
      • The new process for new hires was gone over
      • Noted that support information was included in presentation
    • RAVE Guardian to Campus
      • A presentation was given on the RAVE Guardian Campus Safety App
  • Old Business
    • Web Governance Subcommittee
      • Officially a subcommittee
    • HR Resolutions
      • Invitations went out for people to participate
      • Survey under review and will go out
    • Risk Management/Risk Assessment Proposals
      • Suggested that there had been a meeting to discuss request for two FTEs to support HIPAA
      • Brought to university leadership
    • Burwood Report
      • Burwood came to campus to review the final document
      • Some data needs to be updated due to shifts in the industry
      • There was a meeting with CDW and they will look at our current infrastructure and do a cost analysis
      • Discussion of what is included in proposal
  • Projects and Services
    • ACCC Projects
      • Standing projects were gone over
    • Exchange Online, Related Audit
      • The audit document and recommendations were presented
      • Discussion of transition concerns and existing mail options/servers
      • There was a meeting with Microsoft support to discuss issues that need to be fixed in order to move forward
      • Discussion of unit needs for transition
      • A session for Q&A will be held
      • There will be communication to the campus about the move
      • There was a request for a deadline for Oracle Calendar
    • Project ACCC0067 – Streaming Media Strategy
      • Being run out of the ITGC Education committee to clean up all streaming services
    • Duo
      • A presentation was given on Duo
      • Discussion of implementation and related concerns
  • Discussion Topics
    • HIPAA Data Sharing Between Colleges/IT Infrastructures
      • A request was made on instruction on how to share HIPAA data between colleges/outside while still maintaining compliant
      • Discussion of the UIC Security Program
      • Suggested a meeting be set for further discussion
    • Password Change Notification from ACCC
      • Concern was voiced about password change notifications
      • Suggested that the password change process and related issues be documented and shared

InfraSec 07.20.16 Minutes

Attending:

Kevin Shalla, Chris Barton, Julio Chavarria, Ed Zawacki, Allen Randall, Brian Ng, Ashok Bennett, Frank Cervone, Cynthia Herrera Lindstrom, Vinay Surpuriya, Jason Maslanka, Therese Molina, Ernesto Reyna, Bala Ramaraju, Kevin Price, Marcin Hiolski, Andre Pavkovic, Josh Naylor, Phil Reiter, Matt Miller, Lisa Blake, Heather O’Leary, Dean Dang, Ron Fernandez, Mark Goedert

  • Subcommittee Reports
    • Digital Accessibility
      • Meeting in August to discuss important topics
    • Risk Assessment
      • Looking at survey to send out for risk assessment
      • Working to realign risk assessment business goals
    • Security
      • Next quarter rollout and annual report are ready
      • Flowcharts created for incident response
      • Discussion of timeline
      • Discusison of scheduling and sharing trainings across campus
      • Concern voiced about high-level campus buy-in
      • Discussion of making training mandatory and consequences for those who do not comply
      • Further discussion of scheduling trainings and need for centralization
    • Digital Signage
      • New product almost ready
  • New Business
    • Contracts
      • Noted that UofI IT consulting partner contracts have not been renewed
      • Staffing portion of the contract mentioned
    • Two-Factor Authentication
      • Presentation on two factor authentication was given
      • Suggested solution for attacks on direct deposit was given a demonstration
  • Old Business
    • Web Governance Subcommittee
      • First meeting was held and will be reporting back to InfraSec
    • HR Resolutions
      • Appeals board formed and will begin hearing appeals for misclassifications
  • Projects and Services
    • ACCC Updates
      • ACCC updates were shared
      • Discussion of Exchange Online
      • Further discussion of various projects and statuses
      • Discussion of CrashPlan BAA and HIPAA concerns
      • Working to get the BAA signed as soon as possible
  • Chair’s Reports
    • Committee in state of transition, need to work to find direction
    • ITGC assessment in process
  • Discussion Topics
    • ITGC Assessment Update
      • Noted that a survey had been sent out to ask for feedback on ITGC process
      • Focus groups will be held in the fall for further feedback and how to best improve ITGC
      • Discussion of importance of IT governance and need for improvement
    • VM Price Increase
      • Noted that VM pricing for CUPPA has doubled, making it harder to afford
      • ACCC staffing issues were questioned
      • Noted that services will be supported and the staffing issue is being worked on
    • LeCT
      • Noted that the IT leadership group is looking to expand
      • Discussion on how to encourage people to get involved
    • Exchange Online License
      • Suggested that the license expired but they have reapplied for it
      • Discussion of licensing for Exchange mailboxes
    • InfraGard & CyberHealth
      • What each group is and are helpful with was mentioned
      • Information will be forwarded to listserv

InfraSec 05.11.16 Minutes

Attending:

Chris Barton, Jason Maslanka, Sandeep Dath, Marcin Hiolski, Ed Zawacki, Elizabeth Romero, Allen Randall, Frank Cervone, Mark Goedert, Ilir Zenku, Sarah Ritch, Mike Lund, Miguel Martin, Lisa Blake, Doug McCarthy, Brian Ng, Sandra Robinson, Kevin Shalla, Janet Shaw, Mike Kirda, Bala Ramaraju, Josh Naylor, Phil Reiter, Vinay Surpuriya, Dean Dang, Therese Molina, Heather O’Leary

  • Subcommittee Reports
    • Digital Accessibility
      • Working to improve accessibility of new uillinois.edu website
      • Continuing to work with athletics website vendor
    • Risk Management/Assessment
      • Discussed risk management aligned with business, bring in HIPAA liaisons
      • Discussed 2016 assessment in the form of a survey
      • Status report to Audits nearly complete
      • Waiting for update form Council on submitted action
    • Security Program
      • Annual report is ready
      • Creating flowchart diagrams for incident response procedure
    • Digital Signage
      • Package should be ready for installation by Fall
  • New Business
    • Web Governance Subcommittee
      • Proposed to create a new subcommittee under InfraSec to look at technical aspect of web and governance thereof
      • A draft charter was shared
      • Discussion of charter, incentives, and consequences
      • Discussion of need for this subcommittee
      • Motion to approve creation of this committee, with the exception of strike of section four, was passed
  • Old Business
    • HR Resolutions
      • A procedure will be created to handle HR disputes
    • Risk Management/Assessment
      • Noted that the ITGC proposals went out to the Provost, but no updates have been shared
      • Official feedback on the proposals was requested
    • Burwood Report
      • Cisco and Microsoft are still being considered
      • Discussion on Cisco upgrade
  • Project and Service Updates
    • ACCC Reports Site
      • Noted that the site is publically available to the university
    • Multifactor Authentication
      • There was a presentation on why multifactor authentication is beneficial and how it could be implemented
      • Discussion on possibly uses of Duo Safety
    • Rate and Funding
      • Noted that rate and funding is moving forward
      • Basic format of the plan was gone over
      • ACCC will meet with each unit to discuss rates
      • Discussion of inability of units to cut costs once plan is made
      • There will be an advisory board to annually review and make changes
    • Exchange Online
      • An update of the Exchange Online implementation plan was given
      • Discussion of encryption and other aspects of Exchange
    • CrashPlan
      • Two major risks were discussed
      • Discussion on concerns about availability and funding
  • Unit Spotlights
    • ACCC
      • A presentation on the ACCC org structure and services was given
    • AES
      • Review of the services AES offers, upcoming changes, and recent projects
  • Discussion Topics
    • Meeting Time/Day Change
      • Discussion on possibly changing meeting time to a more accommodating one
    • HIPAA Compliant Server Backup
      • Suggested that servers obtain something that is like CrashPlan
      • Suggested that a proposal be written up and brought back to the committee for an official vote
      • Discussed other possibilities for backup, HIPAA concerns, and associated risks
    • IT Leadership
      • Members were reminded to sign up for MOR Leadership conference
    • IAM
      • Noted that IAM implementation for UIC will be coming in October
  • Announcements
    • Central Symantec Endpoint Server
      • New pilot server is being worked on in AHS

InfraSec 03.09.16 Minutes

Attending:

Julio Chavarria, Miguel Martin, Jason Maslanka, Sandeep Dath, Chris Barton, Ed Zawacki, Marcin Hiolski, Kevin Price, Mike Kirda, Doug McCarthy, Mark Goedert, Cynthia Herrera Lindstrom, Brian Ng, Mike Lund, Sandy Robinson, Andre Pavkovic, Allen Randall, Marc Carlton, Josh Naylor, Therese Molina, Kevin Shalla, Dean Dang, Matt Miller, Chris Hollenbeck, Ernesto Reyna, Ashok Benet, Dan Pollack, Phil Reiter, Heather O’Leary

  • Subcommittee Reports
    • Digital Accessibility
      • Working on improving UIC athletic site for accessibility
      • Working to improve site accessibility design process
    • Risk Management/Assessment
      • Currently working on status update which should be available at April meeting
      • Also looking at the next cycle for risk assessment
      • Attempting to, with the help of ACCC, develop a survey to deploy in the next cycle for risk assessment
      • Also working with Dell and Secureworks for POC on vulnerability scanning
    • Security Program
      • The UISO annual report is almost complete, will be conducted using Qualtrics
    • Regional Sites
      • The subcommittee had difficulty finding appropriate membership
      • It was asked that the subcommittee provide a list of priority items to bring back to the committee
    • Digital Signage
      • Looking at new packages
  • New Business
    • Service Request Form | TechStarter
      • A presentation was given on a subcommittee from the Education committee to work on creating a form for people on campus to submit requests for new instructional technology services and the feedback they have received
      • It was proposed that, rather than just using this for Educational technology, it be expanded to the other governance groups
      • Committee discussed the potential of the form, how funding would work, etc
      • There were concerns that proposals may come to governance before colleges are on board with the idea
      • It was suggested to have a website where ideas submitted are presented to the public
      • Discussion of how to prioritize items that come in from the form and compare to existing governance priorities
      • It was suggested that there might eventually be a social component, where people on campus can vote for ideas to help prioritize
  • Old Business
    • HR Resolutions
      • There was a request submitted to the provost and Mark Donavan to set up an appeals committee
    • Burwood Report
      • A summary of the report has been compiled
      • A comparison chart of different unified communication platforms was went over
      • Discussion of how best to move forward on this initiative
  • Unit Spotlights
    • BPI
      • A presentation was shared on the business process improvement services which outlined the type of work they do and projects that BPI has helped with at UIC
      • The group also does trainings such as lean concepts and facilitation skills and are working on a long term facilitator training program
    • Pharmacy
      • College demographics, rankings, etc. were described
      • The IT structure in the college was also described with notes to their teaching and learning center, and some other initiatives
  • Discussion Topics
    • ITLW
      • It was noted that Urbana is putting together its IT Leadership Workshops for summer and fall and members were encouraged to nominate people
    • SCCM Staffing in ACCC
      • It was noted that a search had been done, but failed due to there being some problems with the HR hiring process and degree requirements
      • A new search is being opened
      • Committee then discussed HR degree requirements and possible changes that can be made
  • Project and Service Updates
    • SCCM Status
      • It was suggested that further review was needed on the process of sharing services with AITS
      • It was suggested that there are a number of technical things that would have to change to allow for off campus use of SCCM
  • Announcements
    • ACCC Maintenance Weekend | March 19-20
      • Basic email will be down at one point over the weekend, communications will be sent
    • HIPAA Policies
      •  It was noted that a draft of the HIPAA policies has been completed and will go out to legal counsel shortly, and would then be shared for feedback
      • Security portion is based on the UIC security program
      • Policies should be in place by mid-May
    • Rate and Funding
      • Meeting with leadership soon for approval, will then be presented to the committee
      • Crashplan has been included in the request

InfraSec 02.10.16 Minutes

Attending:

Attending: Jason Maslanka, Ernesto Reyna (on the phone), Cynthia Herrera Lindstrom, Elizabeth Romero, Lisa Blake, Frank Cervone, Marcin Hiolski, Phil Reiter, Mark Goedert, Allen Randall, Mike Lund, Vinay Surpuriya, Mike Kirda, Bala Ramaraju, Ed Zawacki, Kevin Price, Sarah Ritch, Sandra Robinson, Kevin Shalla, Chris Barton, Sandeep Dath, Brian Ng, Therese Molina (on the phone), Miguel Martin (on the phone), Andre Pavkovic (on the phone), Josh Naylor (on the phone)

  • Subcommittee Reports
    • Digital Accessibility
      • Vendor has been chosen for athletic website
      • Accessibility improvements will be the goal of the new year
    • Risk Management/Risk Assessment
      • Developing status reports to display where each individual college unit is
      • Working with vendors to discuss vulnerability assessment
    • Security Program
      • Working on UISO annual report
  • New Business
    • Telecommunications Standards
      • Discussion on networking issues
  • Old Business
    • HR Resolutions
      • A document was sent from HR for the committee to go over
      • IT Director responsibilities were discussed
      • An advisory committee is being formed
      • A letter to chancellor is being drafted for approval on committee members
  • Web Governance
      • Awaiting a charter to be presented
  • Unit Spotlights
    • SPH
      • Noted that UIC’s SPH is the only accredited school in that field in Illinois, making it the largest
      • Different kinds of IT within the school were mentioned
      • IT goals within SCH were described
    • Office of the Vice Chancellor for Administrative Services
      • Description of what this unit does and all of the services provided by it
    • Office of the Vice Chancellor for Student Affairs/Campus Auxiliary Services
      • Explanation of what this unit oversees
      • Three branches of this unit and what each handles were described
  • Discussion Topics
    • Pharos Beacon Issues
      • Pharos issues were discussed
      • Stated that all issues were currently being worked toward resolution
    • Laserfiche Document Management/Workflow System
      • Stated that document management/workflow systems are on campus and functional but not operational
      • Systems should be operational within the next month

Discussion on these systems

InfraSec 01.13.16 Minutes

 

Attending:

Sandy Robinson, Jason Maslanka, Lisa Blake, Kevin Shalla, Frank Cervone, Andre Pavkovic, Phil Reiter, Kevin Price, Ron Fernandez, Ilir Zenku, Cynthia Herrera Lindstrom, Miguel Martin, Allen Randall, Mike Kirda, Dean Dang, Bala Ramaraju, Vinay Surpuriya, Mark Goedert, Therese Molina, Josh Naylor, Marcin Hiolski, Ed Zawacki, Sandeep Dath, Chris Barton, Kelly Block, Ernesto Reyna, Ashok Bennet, Dan Pollack, Brian Ng, Lalo Camacho, Dale Morrison, Heather O’Leary

  • Subcommittees
    • Accessibility
      • Working with vendors on accessibility issues for athletics and others
    • Risk
      • Working on updating unit status, ACCC/AITS update to risk assessment, and proposals
    • Security
      • Timeline is being pushed back due to delays
    • Digital Signage
      • Group’s relevance was questioned
      • Group’s goals were discussed
  • New Business
    • Web Governance
      • Due to concern about governing UIC’s new webpages, a new group will be set up to create a charter
      • New charter will be brought to existing group for discussion
    • Burwood Report
      • Burwood report was discussed
      • Update will be in March
  • Old Business
    • HR Resolutions
      • A more detailed response to the resolutions was requested
      • An advisory group that includes an ITGC representative will be created to work with HR
      • Discussion on representative
    • Risk Management/Assessment Proposals
      • Proposals were approved by the council and will be sent to the provost
  • Chair’s Report
    • IT Governance Council
      • Risk proposals and bylaws were addressed
    • IPSC and HIPAA
      • Discussion on HIPAA liaison role as well as different policies
    • InfraSec Planning – Services and Gaps-
      • Discussion on different approaches to identifying gaps
      • Will be addressed at next meeting
  • Unit Spotlights
    • AITS
      • Brief overview of AITS was given
  • Discussion Topics
    • Office of Procurement Diversity Presentation
      • Brief overview of the procurement diversity office’s role at the university was given
      • Discussion on how to address diversity vendors and the RFP
    • Email Rejections and O365
      • Discussion on number of UIC accounts that have recently been compromised
      • Discussion on transition to Exchange Online
    • Data Privacy and Security
      • Discussion on policies and data ownership
    • SCCM
      • Discussion of responsibility and location of the SCCM shared service