Attend: Glover, Hamm, Head, Heintz, Jacobsohn, Miller, Van Kan

Absent: Asmus, Bal, Connors, Gorski, Shelly, Squire

Guests: Chris Lupton, Cathy O’Bryan, Sandee Sieberlich, and Bex Quigley (ERO)

1. Approve minutes. MSC-minutes approved as written.

2. DoIT's Engage Program (http://engage.wisc.edu/)–Chris Lupton

• Develop best practices
• 2 year cycle
• Collaboration with faculty to evaluate effectiveness of teaching and learning technologies.

3. Campus Email/Chat/Calendaring (ECC) Group- Cathy O’Bryan and Sandee Sieberlich

• Wiscal coming to the end of its natural life-span
• Taking a new look at entire collaborative suite
• Many vehicles in place for feedback to be included in RFI
• Committee architects from across campus
• Solutions for faculty/staff and students may be different
• Migration timeline one reason for extended changeover timeframe
• Big three- chat, email, calendar

See handouts at end of document

4. Network Connected Devices Policy Discussion -Bob Glover

• Security main issue
• Domain
• Consistent use
• Many PI is WCER use Mac based “time capsule”
  • Set up to act as wireless
  • IP collisions
  • IP accessible
  • Multiple users/same IP (party line)
• Engineering has policy on devices (see attachment)
  
  • “Mac address restriction” (MAC = Media Access Control)

5. Wrap-Up - Issues Dan will continue to pursue
Security Letter -- still pursuing, though also planning meeting with chairs over the summer, and Identity Finder will be a point of discussion.

Hardware Replacement -- continue to work on a model to present to ITPAC for discussion. The goal is to standardize this entitlement where appropriate.

Manifesto -- There are a number of items to complete, including one subcommittee formed to discuss start up resources

SSCC Policy -- Establish a policy on the use of this system for people not affiliated with the School. Email Letter -- Send a letter to DoIT stating that this committee believes backup is part of the entitlement service for providing email

Passwords -- Connect with faculty/staff using old/insecure passwords and ask them to change them, per campus policy

Lecture Capture -- Establish SoE policies that could layer on top of campus and DoIT policies

Adjourned 1 pm

Next meeting September

Minutes submitted by Tammi PM

Attendees:  Bal, Gorski, Hamm, Head, Heintz, Hoyt, Jacobsohn, Miller, VanKan

Absent:  Connors, Squire

Guests:  Brenda Spychalla, Brian McNurlen and Jan Cheetham

1.  Approve Minutes - Unanimously Approved

2.  APC - charge finalization

• Dan shared with the committee that the charege had been presented and approved with minor language clarification.  Basically adding IT into the statements to clairfy it wasn't the School but rather IT. See http://itpac.education.wisc.edu/page/ITPAC-Charge.aspx for final version.

3.  Security Letter (Infrastructure)

• Your perceived value?
  • Good, I like the concept that we're all involved and responsible (not Just MERIT)
  • Not sure the risks are understood (How long does it take to crack a weak password?)
  • We need more information on how to create and manage new/strong/multiple passwords
  • Make it easy to follow and comply with the policy
  • Recommend products available to CIO for folks with multiple passwords to manage (ex. Mac has built in functionality called keychain)
    • Claude pointed out a flaw with keychain - when a reboot with a disk is done, the system will ask if you want to recover your admin password - access to keychain is then available.
  • Products available for Windows are many and varied - some sifting and winnowing are called for.  Recommendations needed.
  • We want to minimize risk, elimination is impossible
    • Change passwords yearly?
      • Not required by University
      • Good idea?  Probably
      • Way around the "grandfathered" weak passwords
  • I feel this letter is not reflective of the strong policy voted on by the committee
  • The letter is full of good recommendations for those good citizens looking for guidance - any other thoughts?
  • Maybe a pointer to the article outlilning threats and solutions
    • Dan Jacobsohn asked the committee if they would be signatory's on a redrafted letter of security.  Helping illustrate the committee representatives' involvement on their SoED Department behalf.

4.  WiscMail vs. WiscMail Plus entitlement levels

•  
  •   Is this a service we should be offering?
  • Who should get access?  (Who gets WiscMail Plus now?)
• Both use the same infrastructure
• Provisioned at 200KB and 1GB respectively (additional storage available - up to 3GB)
• MERIT supports both
• Role based accounts available through WiscMail Plus domain only
• wisc.edu accounts are not backed up (most people are not aware of back-up issues)
• DoIT provides Bucky Back-Up Service for emergency recovery
  • 14 day window to resotre ($1.25 per acct)
    • very responsive to requests
    • No appreciable difference in cost between 7 and 14 day recovery time-frame
• WiscMail Plus domain houses 872 items for 423 users - includes 121 role accounts and 320 alias [no charge]
  • Monthly that translates to $680 account charges; and back-up for $2526.15=$3206.15 total per month (or $36,000 a year.  What is the value added to maintain for that cost?)
• Are there more economical ways to backup?  (we save money by not backing up)
  • Local back-up
  • Store on the individual machine
  • Folders on shared network
• Places responsibility on users to be educated on methods and back-up tools
  • How often do people lose things?
  • What are the risks of going without?
• Do we continue this way?
• Do we continue at all?
• Cost plays heavily into whether or not changes take place
  • Who is entitled to the service? (increased@education = increased $in backup cost)
    • If that # of users changes (+cost) from $36,000 to $50,000 that’s money out of SoE for the service
    • However there is a value in @education as a branding tool
  • Do we know anything about the relation between amount of data and the cost to back-up
    • Jeff used the example of his 10,000 e-mails
    • If the cost was more apparent or known perhaps even fewer would be saved…?
    • If we can’t reduce cost…?
    • Is the service worth providing?
    • Different users have different styles of use
    • Making users aware of cost and services provided may be key
  • How are things archived?
    
    • Locally on Hard Drive
    • Local folders on SoE share drives??
  • Archive vs. Back-up
    • Is there value in detailed user instructions to archive daily?
    • Less secure on the local drive
    • More secure on the network drive
  • Network Drive Storage: Cheaper?
    • $20,000 per month via Do-it
  • Dan pointed out this is an unusual way to provide a service since any changes w/in SoE would result in a loss of revenue for Do-it
  • So if back-up amount was scaled back would there be enough cost savings to warrant the change??

5.  Lecture Capture (Entitlement)

• The committee viewed the lecture capture video
  • Policy Questions
    • Who owns the recordings?
    • SoE back-up recordings?
    • Entitlement
• Rooms in SoE currently enabled with the technology are 150 & 196
• Further discussion tabled until next time

6.  Action Item Follow-ups

• Review status of action items from our discussion
  • [Dan] Pursue the addition of students to the group.  I will follow up with Jeff Hamm on this.
  • [Dan] Take action on the charge to make sure we are in compliance on grandfathered passwords -> See letter of security discussion item #3
  • [Dan] Figure out the number of computers in the School that are part of the entitlement (replacement lifecycle).  I've been working with Melissa Amos-Langraff on this.  It is more complicated than one might think on the outset...still in progress
  • [Dan] rewrite and resubmit sections of the 'manifesto' planning document-In progress
  • [Tammi -> Dan] Bring up the offer to work with the International Education Committee in a substantive way- Dan will meet with IEC Committee March 10th
  • [Bob, Peter, others] Form a subgroup to re-write/rethink item 4: "The School should develop a technology/infrastructure impact statement for each potential hire." In progress

7.  DoIT Academic Technology Group Service Offering

• Brian McNurlen and Jan Cheetham from DoIT came as guests and presented to the committee. They are both associated with Do-its academic technologies unit. The group who is responsible for Learn @UW among other things. They have both been involved with tying technology to research for many years.  Here’s a summary of their presentation from their hand-out:

• “Digital tools, new software, and cyber infrastructures are increasingly important components of research approaches in all fields. Many grants are awarded for the development of novel technologies that enable new types of discovery. Often, these proposals are strengthened by initial work demonstrating the potential of a particular technology for a given research approach. DoIT has an initiative underway to assist UW researchers with developing their ideas for novel technology approaches into a proof-of-concept stage demonstrating the feasibility of the approach as well as the availability of campus expertise for future development and design work for the project. Some examples of possible proof-of-concept projects include:
  • Data modeling for a database to enable data collection or data analysis by collaborators at multiple locations
  • Developing algorithms for searching across digital objects and methods for archiving these algorithms
  • Preliminary designs and usability analysis of digital interfaces for data visualization
  • Prototypes of tools for instructional approaches based on learning theory

• DoIT can provide a modest amount of design/development services to develop prototype applications and help write portions of grant proposals detailing development and design processes and costs. Please contact doit-grant-consulting@lists.wisc.edu for more information.”

• Jan gave some examples of projects they have been involved with including;
  • Project Bamboo
  • The Engage Grant
  • Citizen Scientist “Dead Animal Tracking” Project through the Nelson Institute
  • Workflow process for data-feeds with the “Weisel group” ???

Meeting Adjourned - 1:00PM

Next Meeting:  February 23rd - 11:30-1:00p

Present: Asmus, Bal, Glover, Gorski, Head, Heintz, Hoyt, Jacobsohn, Robinson, VanKan

Absent: Shelley, Squire

1.   Approve minutes from-October 26, 2010

MSC-To accept minutes as submitted

2. Charter- (choice # 3)       

ITPAC:

• helps determine SoE entitlement services, 
• collaboratively develops an actionable vision of future SoE IT services, and 
• debates and ultimately promotes policy decisions to member departments and units      

MSC-To accept Charter statement #3 as above.

3. 'The Manifesto' – tabled (MSC)

4. Discuss broadening membership parameters to include students.

a.     Surprised there are none.

b.     Offer valuable perspective

c.     Makes shared governance more consistent

d.     Both grad and undergrads

e.     Go through ASM (Associated Students of Madison)

MSC-ITPAC will include students in future, CIO will explore ways to implement

5.      Infrastructure: Connectivity, & Security

a.     Passwords

i.               How often changed

ii.              Enforced? (No)

iii.            Strong passwords needed

iv.            Withstand social engineering attacks

v.              Some non-compliant passwords “grandfathered”

vi.            Consequence we are out of compliance with U policy

b.     Ways to fix

i.      Automatic (sign in w/ weak password, shuttle user to change page)

j.      Remind all that w/in network it helps no-one to have weak passwords

k.     Helpful to have something to share within departments (perhaps a committee written blurb)

MSC-ITPAC directs the CIO to fully implement the University password protocol within the School of Education.     

6. Basic Services (SoE and DoIT entitlement services)

            a. affiliation gets you xyz

            b. 0 fee services

c. list of software

d. Merit seeks more clear governance from SoE over software available

e. Help with what is needed by most

f. How will services be apportioned?

g. Need statistics for usage

            i. Easier to see trends

MSC-To table this discussion due to lack of time

7.   Custom support, planning, and collaboration

            a. Support research outside WCER

            b. Software costs

            c. Web sites

                        i. Programming

                        ii. Administration

d. Automation

            e. Distance Education

            f. Bring customer up IT hierarchy

MSC-Adjourned