CIO Blog

Governance Structure

CIO Blog: Governance Structure

CIO blog

This past summer and fall has been very a busy time for the University and for OIT. We have witnessed the transition of the Bryce properties to UA and the completion of many new facilities on the campus. We have increased our workload in all areas without an increase in staffing levels. This has placed a significant burden on all of us and has led to a focus being placed on operational capabilities at the expense of strategic visioning. It is time for us to balance the operational with the strategy most certainly at the executive team level.

In order to accomplish this we plan to focus on the build-out of the Annual Work Plan that will project our vision and strategy to meet the demands of the University’s technology requirements for the next 2 years. We had established a roadmap for the past 2 years and we have completed much of what we had set out to do. However, the ad hoc demands from across the campus can influence how we go about accomplishing our tasks. Instead of a straight path as we envisioned it is often indirect and in some cases circuitous.  Witness the replacement and extension of our fiber plant; it was influenced by the requirement to reach all athletic venues for support of our television station. We did accomplish what we wished to complete but rather indirectly. That is the nature of the IT organization. We must be resilient and able to accommodate even when we have established our plan.

It must be said that we cannot operate in a vacuum and for that reason the Governance Structure of the University (see Diagram) with respect to IT becomes very important. We have established a structure that involves the participation of many members of the University community and various interest groups. It is in the process of being revised. The IT Committee is comprised of faculty and staff from many areas of the University and represents a major committee for the development of and review of IT guidelines. ITAC represents the IT individuals in each of the Colleges or administrative areas of the campus. Associated with it are special interest groups, SIG’s, which provide input to OIT. For example, the Security SIG is very active and meets regularly under the guidance of Ashley and the Security Team. The Teaching Learning Committee, TLC, is very active and is focused on the technology and learning environment. Both the IT Committee and TLC are comprised of members that are appointed by the President. In addition, a relatively new committee related to IT and research has been formed. It will begin meeting shortly and is the Technology Research Advisory Committee. The Vice President for Research is supportive of this Committee.

Therefore we will not be planning in a vacuum as we build out the planning process for the next 2 years. It represents an exciting time to be involved in the build-out and support of IT for the University of Alabama!

 

One Community

CIO BLOG: ONE COMMUNITY

                    pic1

Digital Tuscaloosa The Connected Community Concept

Several years ago Tuscaloosa, Birmingham and Huntsville were hit by one of the worst storms in recorded history. A Category F4 tore through this area while Huntsville suffered from a Category F5.  All areas suffered significant damage and loss of life. Weeks after the storms Chancellor Portera requested that the Presidents of the three UA System Universities and the Mayors of each city met in Birmingham with myself and Lev Gonick (VP & CIO at Case Western University) to discuss the rebuilding with the possible incorporation of an advanced network infrastructure into the process. The concept of building what has been termed a digital city or a knowledge based community is not new. However, to be able to take advantage of disaster recovery for the build-out of the cyber infrastructure and incorporate the laying of fiber to the premises is new.

The meeting was well received but the changing of the guard within the University System led to the decline of interest in the possibility of becoming digital communities.

Several years have passed since the initial meeting. Last summer the Executive Vice Chancellor and I met with Mayor Maddox and several of his staff to discuss the reemergence of the “Digital Community” concept. It was decided that the Mayor would host a special luncheon and invite key stakeholders to discuss the concept and gain support for the initiative. Mayor Maddox convened a meeting with the representatives of the education, healthcare, government, legal, and, the UA System. President Bonner, Chancellor Witt, Executive Vice Chancellor Hayes and myself represented the UA constituency.

It was decided that we would jointly become involved in the initiative and that a team of individuals would travel to Cleveland, Ohio to visit with our counterparts who had been involved in the One Cleveland Project. This project is one of the models for the United States and led to the build-out of the cyber infrastructure to provide fiber to the residences, businesses, hospitals, clinics, schools, pharmacies, libraries and museums. The Symphony Hall and all government buildings were connected as well. It truly is a digital city.

Several weeks ago 14 individuals from various agencies, businesses, and educational institutions took an overnight trip to Cleveland to experience this digital city. We met with museum directors, the Mayor, members of Case Western University, the University Hospitals, the Cleveland Clinic, and teachers from K-12 school system. Emergency Management Services from all agencies were also present.

 pic2

 

So what does this all mean for Tuscaloosa?  What would be the benefits of becoming a connected community?

The vision of this initiative was derived from the following diagram, which is part of the Tuscaloosa Forward document.

pic3

 

This diagram translated into the following vision statement for the Tuscaloosa Forward initiative:

To courageously create a showpiece of quality of life through vital and unique neighborhoods that are Healthy, Safe, Accessible, Connected and Sustainable.”

 

 

pic4

 

 

 

 

pic5

 

The project is in its infancy but it is intended to continue to focus on its growth and development. Funding for this initiative will be through the National Broadband initiatives that provide assistance to communities interested in this enabling possibility.

 

I will keep you informed.

 

pic6

 

 

 

 

 

Risk Assessment

CIO Blog
Risk Assessment

Dear Colleagues,

Today’s IT environment is changing more rapidly than at any time before. In fact many of the technologies that we now take for granted were not in existence even 5 years ago. Consider the iPad and the wireless device
onslaught of these years since we installed wireless across campus. We built a high capacity infrastructure that is now crippled by BYOD. Everyone has more than one wireless device and they are all “on” at the same time. We have over 100,000 devices that connect to our network and that is rather troublesome. It affects not only our performance but is a significant security risk. This brings me to a point for consideration because not only has our IT infrastructure become more taxed but our security responsibilities have become much broader.

In order to address the security concerns OIT, last fall, hired Paco Diaz who came to us with an extensive IT auditing background. We immediately began the process of evaluation of our IT security risks through a process of Risk Management and Assessment. This represents a strategy to detect and prevent, or at least minimize the effects of serious risks associated with the management of information assets, proprietary information and intellectual property. The process is rather detailed and involves assessing and evaluating risks, implementing risk mitigation based upon severity, and measuring the results of the mitigation. It is a process that becomes an on-going part of the development of a critical security tool within our organization.

It is important for all of us to understand the value of this risk assessment. Failure of any institution to perform a thorough and honest risk assessment or to act appropriately on the findings of an assessment represents a breach of responsibility for the executive leadership of OIT as well as UA. One of the most critical elements of an assessment such as this is that it does not represent a direct cost but rather an indirect one; i.e. at least for UA. We have heavily invested in security and networking jointly as well as in our data centers. As an indirect cost it will weigh heavily on you, the staff of OIT. Documentation of processes, the development of policies and
procedures, and the implementation of these means a change in the culture and an added mandate from the Executive Team.

We have completed a first phase draft of the Risk Assessment tool and populated it with 302 risk scenarios that map into NIST (the National Institute of Standards) and CCA (Consortium for Cyber Security Action) critical control elements. These are the control elements defined by NSA, CIA, FBI, and SANS. We have also identified contributing and mitigating risk factors and the estimated mitigation efforts for the scenarios.

An estimate of residual risk is used to indicate how effective the mitigation is expected to be. The distribution of risks is indicated below and is based on the Risk Management process.

riskassess

Notice that the security, compliance, and operational risks are predominate and that many of these relate to the need for the establishment of enforceable policies and procedures.

Our assessment will be presented to the Property and Causalities Committee of The Board of Trustees for the February meeting. It is an exciting and demanding time and I know we are willing to be at the forefront on IT Security!

Time of Transition

CIO Blog
A Time of Transition

Dear OIT Team Members,

It has been several months since I have communicated to all of you regarding the organization, its initiatives, and the strategic direction(s) that will influence our future. All of us have been quite aware of the fact that two major objectives have dominated our efforts; the first related to the improvement of the organization and the strengthening of our skill sets, and the second to the strengthening of the cyber infrastructure, whether it be regarding the Banner upgrades, eLearning migration to a hosted environment, or network build-out and security. So we have focused and indeed focused very well.

Witness what has just been accomplished. The Disaster Recovery initiative was one whopping success! We are one of few universities in the country that has the capability of completely failing over to another site with the high availability and redundancy components in place and fully tested and documented. That became a concerted effort from all of you!
However, as we move forward we face new challenges brought about by the changing dynamics of the senior leadership of the University. We have a new President, and at this time are awaiting the appointment of two key executives. The Provost and the Vice President for Research are critical positions that will affect the direction of technology for the campus and most certainly alter our strategy in the future.

The Provost will significantly influence the academic component of The University. It will most certainly become more dependent on technology for eLearning and on-line capabilities. Student, faculty and staff expectations of what technology should provide to them will only increase and a new Provost will approach what this academic experience should look like. I would expect that multimedia utilization would be significantly enhanced as students transition away from the traditional classrooms to those that are “flipped” or driven by on-line content provisioning. In addition, in order to address the subject of academic continuity, as we have business continuity, courses must have content on-line. It opens up a new world for course delivery!

The Chancellor and the Board have stated that research will be a major priority for this University as it moves forward. The VP for Research is an essential position that must be filled by someone that has significant experience as a researcher and as an administrator, and has the contacts
with the granting agencies. Technology and the use of advanced cyber infrastructure such as HPC and Internet 2 are critical infrastructural tools for the collaborative research that must accompany these efforts as we progress toward becoming a major research University. That means that the infrastructure that we have built out for the University will be efficiently used and demand will push us to provide more capacity.

So hold on…. The ride is about to commence! Change is the norm!

OIT Continuity of Operations

A Bottom-Up Approach to Weathering the Worst

The events of April, 27th, 2011 left an indelible mark on most of us.  While the city of Tuscaloosa suffered terribly along with so many individuals, families, and businesses, the UA campus stood stunned but generally unharmed.   Such a near-miss was a heavy line underscore to the importance and urgency of work already well underway in OIT at the time.  That work is generally referred to as Continuity of Operations or Disaster Recovery planning and preparation.

For OIT, Continuity of Operations refers to our ability to keep as much of the technology as close to full operational status as possible in the face of whatever events may occur.  Disaster Recovery (DR) refers to returning to full and normal operational status for those systems as soon as possible after a disaster event occurs.  These two concepts are different but very closely related.   We have been considering them both over the last two years and have made significant progress in addressing them in meaningful ways.  To be brief, we often refer to the whole effort as DR.

Thinking the Worst
We started thinking about what should be done to be better prepared by considering the kinds of scenarios we might encounter, identifying the most likely disaster scenarios and their relative impact on IT systems and services.  While there are many scenarios that could damage a part of the campus network, those that would have the biggest impact would be events that involved the primary data center.   That facility houses the servers, storage, and primary network equipment that are essential to delivering IT and telecommunications services and applications across the whole campus.  While our general network projects are continuing to improve network resiliency across the campus through redundant connections, there has not been a general redundancy model for data center itself, making it the highest risk for disaster impact.

What Matters Most
We began planning by surveying the services and applications that OIT provides and supports.  Our approach has been to do this in a bottom-up fashion, looking at the most basic services first, those on which all other services and applications depend.  Starting at the foundation, a host of specialized equipment supports various services required for the network to operate.  We have included all of these foundational services as well as primary communications and messaging services (Internet, email, and VPN) in the first phase of our Continuity of Operations project.

We have also identified mission critical applications and determined the physical equipment (servers, storage, etc.) that would be needed to support them.  This equipment has also been included in our initial phase of preparedness work.

A Home Away From Home
The right solution to mitigating the kind of risks we have identified is to create an alternative base of IT operations somewhere outside the greater Tuscaloosa area – a DR site.  We wanted it to be far enough away to reduce the likelihood of the same event affecting both Tuscaloosa and the DR site but close enough that personnel could get to the site within a few hours if necessary.  Since our primary and backup Internet connection circuits currently run through a secured, environmentally hardened, DR colocation facility in Atlanta, it was most practical and economical to select that facility for our DR site.

Recently, we completed the implementation of the foundation equipment at the Atlanta DR site.  This includes three fully loaded equipment racks containing routers, switches, firewalls, load balancers, spam filters, servers, and storage.  The equipment has been selected and configured to support the full range of foundation services and to ultimately host mission critical applications capable of being hosted off-site.

Making it Work
Having the equipment in place is one thing.  Ensuring that it will actually work and provide the intended protections is an entirely different matter.  We are beginning now to set up and document the intricate network routing configurations required to enable a fail-over process of network and security functions.  Some of the services run in real-time redundant mode.  Others will require the execution of an automated or semi-automated procedure to transition them in an event.  We will be developing testing protocols for each layer of services.

Once the network transition is assured, we will begin deploying instances of the applications to the DR site and devising the procedures for operational fail-over and fail-back for them.  This work is expected to continue throughout 2012.

In the meantime, we are realizing benefits from the having the DR site in place.  It is already serving as the off-site backup location for our primary storage backup processes replacing a much less efficient tape backup model.  Our email services are also now protected by redundant services in the DR site providing improved operational reliability for that platform.  Later we plan to use the equipment at the DR site for application development and testing and possibly as a reporting platform to ease the load on local systems.

Emerging Technologies Make Learning Easier

From generation to generation, parents feel compelled to tell the rising youth personal reflections from their old school days. These struggles, whether embellished or endured, often involve comments like, “Back in my day we walked 30 miles through snow, to and from school, with 50 pounds of homework on our backs.”

Today’s generation of students will probably have a hard time convincing anyone they ever had to carry 50 pounds of homework, thanks to technological solutions such as e-Readers, which provide a lightweight solution to a “heavy” problem, or online lectures, which afford the opportunity for students to never set foot outside of his/her dorm room (relatively speaking, of course).

Technology has evolved in indescribable capacities year after year. Students are now able to harness the power of laptops, netbooks, recorded lectures, virtual classrooms and much more. Here’s a sneak peak at top, useful technologies for which students everywhere should be thankful (and it may give you some gift ideas for the holidays).

Laptops, Netbooks and e-Readers:

e-Readers, such as the Amazon Kindle, offer customized textbook rental periods, alleviates clutter created from piles of old, unused books and has a lightweight body for hours of comfortable reading and studying. Laptops and netbooks both allow students to take notes while simultaneously surfing the web to find real-time answers/information for vivid classroom discussions, group meetings and more. These luxuries combined provide students with more efficient ways of organization and overall relief for their academic lives day-to-day.

Tegrity

Tegrity is a class capturing system that instructors can use to record lectures for their students. Instructors are also able to capture the contents of their computer screens during lectures. Students can create their own Tegrity recordings, bookmark various content in a recorded lecture, and communicate with each other from inside a Tegrity course while watching recorded lectures.

DegreeWorks

DegreeWorks is a Web-based tool for students to monitor their academic progress toward degree completion. DegreeWorks allows students and their advisors to plan future academic coursework.

This tool:

  •   Provides real-time counsel for degree-seeking students
  •   Potentially speeds time to graduation and/or streamlines the process
  •   Gives intuitive web access to self-service capabilities
  •   Allows direct access to multiple related services and advice through hyperlinks to catalog information, class schedules, transcripts, help desk services, & FAQs

The list definitely doesn’t stop here! What are some of your favorite technologies for which you’re most excited about using? Tweet us at http://www.twitter.com/OITatUAor post on our wall at http://www.facebook.com/ITatUA.

Sincerely,

Dr. John P. McGowan

Vice Provost and Chief Information Officer

Back in the Habit

Clothes, supplies, textbooks…you name it. The list could go on forever. Preparing for heading back to school can jump from fun and exciting to overbearing and stressful in seconds.

Luckily, students getting back in the swing of things with classes will be able to enjoy useful technology resources and alleviate some of the stress. Here’s a peek at some of the things available to you:

ResNet

The Residence Hall network (ResNet) provides student residents with a high-speed connection to the University’s network and the Internet within UA residence halls. It’s available to all students living on campus.

To configure your connection, make sure your laptop is off and use an Ethernet cord to connect it to the ResNet jack (likely orange) in your room. Turn on your laptop and run your Internet connection or setup or wizard—ResNet is a Local Area Network (LAN) with IP addresses assigned automatically. You will be prompted to register your computer the first time you attempt to access the ResNet network. Use the network connection tool provided by the manufacturer of your computer or wireless card to connect to the open UA ResNet Wireless network. For more detailed instructions visit http://oit.ua.edu/oit/services/it-service-desk/resnet/.

Sidenote: Be sure to stay away from using your own wireless router on ResNet. This will degrade everyone’s wireless service.

IT Service Desk

The IT Service desk offers a variety of resources for students. The best part is customer service agents are staffed 24/7 to provide technical assistance! Services and assistance include, but are not limited to the following services:

  • myBama access
  • Bama, Crimson, and departmental e-mail accounts
  • Mobile device configuration (Android OS, iPhone, etc.)
  • Computer repair/maintenance/virus removal
  • And more…

If you’re having computer issues, never hesitate to reach out to our Service Desk representatives and see what support they can provide. After all, that’s why we’re here. Click here for an inside look.

Free Antivirus Software

Cyber security is an integral focus of our office. We want to ensure that you’re always winning the fight against hackers. The University maintains a site license for antivirus software for Windows and Macintosh workstations and servers. The license covers all University-owned computers as well as computers owned by University faculty, staff, and students—free of cost. Click here for system requirements and further details.

In conclusion, relax! Take a breather. Heading back to school isn’t as stressful as you think—especially when OIT is working around the clock to meet your technology needs. Good luck with classes and here’s to a great semester! For a list of technology resources, visit oit.ua.edu.

Sincerely,

Dr. John P. McGowan
Vice Provost and Chief Information Officer

Technology Resources for Summer Fun

Don’t let summer cause bad technology habits to roll in. Using your UA resources may be a lifesaver for you this summer while you’re taking classes at a local college or needing anti-virus software to keep the summer bugs away.

First, if you’re taking summer classes away from UA, make it a point to stay connected with your research resources and databases provided by University Libraries. To do so, you must be connected to the UA network. Even though you’re miles away, if you connect your laptop or desktop device to the UA VPN, these resources will be right at your fingertips. Before you can use this service, you must first register http://oit.ua.edu/oit/services/it-service-desk/using-the-ua-vpn/register-your-bama-account-for-vpn-access/ your myBama account for VPN access. If you run any of the following operating systems, text and photographic step-by-step instructions are available at http://oit.ua.edu/oit/services/it-service-desk/using-the-ua-vpn/.

  • Windows Vista
  • Windows XP
  • Mac OS 10.5 (Leopard) & 10.6 (Snow Leopard)
  • Mac OS 10.4 (Tiger) & 10.3 (Panther)
  • Mac OS 10.2 (Jaguar)

Second, if you and your friends are planning extended vacations on the beach, at yearly camp sites or on luxury cruise lines, be sure to stay alert when arriving home from long weekends. Summer holidays are popular times for computer viruses to spread. Many users have a tendency to turn off their devices when away on trips. If you fit this category, it may mean you’re not getting newly-released anti-virus patches or anti-spyware updates. We recommend you update anti-virus and anti-spyware scans before opening e-mail or going online after an extended absence. Eligible users have access to these services, free of cost, here at the University of Alabama. To obtain access, visit http://oit.ua.edu/oit/services/software-licensing/mcafee-virus-protection/.

Sincerely,

Dr. John P. McGowan
Vice Provost and Chief Information Officer

Message From Dr. McGowan

Dear Colleagues,

Thank you all for contacting your supervisors as quickly as possible after the storm. We have now accounted for almost all members of the OIT team. Supervisors are encouraged to continue reaching out to their staff and student workers until contact has been made. For those who have access to the Internet, please check OIT.ua.edu for updates and on Twitter @bamarelief. Unless notified otherwise, it appears we will return to normal operations on campus by Monday as power is beginning to be restored today. For those of you who have experienced damage, please take the time you need to recover. You are in our thoughts.

Our colleagues in Huntsville are also experiencing extensive power outages and damage. I was in Huntsville on Wednesday during the storm that passed through the area. While the campus did not experience significant damage, the Research Park has. It was reported that power was out across all of north Alabama due to extensive damage to the Tennessee Valley Authority power stations. This means people of the area, including our UAH colleagues, are having difficulty communicating and obtaining food, water, and gasoline. They may be without power into next week. Please keep them in your thoughts as well. OIT staff from UA are communicating with UAH team members as it is possible.

Our community will continue to struggle with the aftermath of the tornados. Your participation in relief efforts will certainly be appreciated.

Our thoughts are with all of you during this very difficult time.

Social Media…What’s the Big Deal?

We’ve all the heard the buzz about it. Social media have pretty much taken over many aspects of our social circles. Whether it’s academically, professionally, or personally, most of us have gotten a dose by now, in some form. You may have seen the article in the April 11, 2011 issue of Dialog detailing social media’s impact on departments here at the University of Alabama.

At the institutional level, social media are shifting the process of communication dramatically as we open more and more doors to connect with external audiences. Furthermore, instructors are also grasping the use of this tool as they effectively reach students through social, online methods of engagement. Here at OIT we recognize this fundamental shift, and our goal is to better equip UA instructors for social media usage across a continuum of sources. Let’s get to it by answering a few common questions.

1) Where do I start?
Facilitating the use of social media in instruction and modeling how they are currently being used is a key function in OIT. When making your very first venture into instruction through social media, it’s common to wonder where you should start. Our Faculty Resource Center (FRC) may serve as a great starting point for you. By providing help with instructional tools such as e-Learning, Tegrity, and Wimba, the FRC will help you embark on your social media journey with the necessary resources. This year the FRC’s Faculty Technology Showcase included social media presentations on Second Life, Web 2.0 technologies, real-time online teaching, podcasting, and more. These are some of the resources we can help you use.

2) Is it secure?
Information security is a permanent priority in OIT. We will provide you with the information you need to use social media securely. To promote campus security and cyber safety, we observe events such as Cyber Security Awareness month. Check out our cyber safety website for a few guidelines and more information at http://oit.ua.edu/oit/security/.

3) Now that I’ve started, how can I keep up?
It’s easy. Our Multimedia Services department is another great resource for assistance with social media use, helping you with new technologies and approaches. Providing fee-based services for custom Web development, site architecture, Web design and production, photography, custom application development, and streaming media, this department functions solely by staying on top of major trends and remaining actively involved in any major developments in the world of social media. With our help, you’ll never skip a beat.

Think you’re ready to take a step forward and implement social media in the classroom? Contact us today to get started!

Sincerely,

Dr. John P. McGowan
Vice Provost and Chief Information Officer