Upcoming Change to OneDrive Storage Limits

• October 22nd, 2024
• in Software News

The Office of Information Technology (OIT) is adjusting OneDrive storage for individual users. Starting October 30, 2024, OIT will reduce OneDrive storage capacity from 5TB to 250GB per user in compliance with Microsoft’s updated storage limits.

This change will only impact users whose storage is below the 250GB threshold. 

Power users—those nearing or exceeding the 250GB limit—will not be affected by this adjustment at this time.

If you believe you are approaching the threshold or have concerns about your storage needs, please submit a ticket with the IT Service Desk at itsd@ua.edu to discuss options and ensure your storage remains uninterrupted.

OIT AI Pilots: Exploring the Future of AI at the University of Alabama

• October 1st, 2024
• in Software News

As generative AI tools rapidly evolve, faculty and staff at The University of Alabama are facing new challenges and opportunities. While many AI tools are making their way into higher education, not all offer the level of data protection required to safeguard university information. To better understand the potential benefits and risks of these technologies, the Office of Information Technology (OIT) recently conducted pilot programs on two prominent AI tools: Microsoft 365 Copilot and Otter.AI. The goal was to evaluate their functionality, security, and feasibility for campus-wide use.

Microsoft 365 Copilot Pilot

The first tool under review was Microsoft 365 Copilot, which integrates generative AI into the Microsoft 365 suite. This AI leverages Microsoft Graph technology to tailor outputs based on each user’s data access permissions, adding an extra layer of security. All prompts are processed by a private instance of Microsoft’s large language model (LLM), providing an added assurance of data protection.

For this pilot, OIT engaged 35 staff members across various roles, including content creators, designers, and management, who used the tool for two months. Throughout the first month, short training sessions were offered several times a week to familiarize users with Copilot’s features. Surveys were also conducted at different stages of the pilot to capture feedback on user experience.

The results were mixed. While Copilot offered some helpful functionalities, such as email coaching for sentence restructuring and image discovery, the tool still had limitations. For instance, it often altered email tone in a way that was not always helpful, and written communications generated by Copilot required significant edits. Many users indicated that more training on how to prompt the AI was necessary to maximize its effectiveness.

From a security perspective, Copilot was approved for use without restrictions, making it a safe option for the university. However, the cost—$30 per employee per month—would need to be borne by individual departments. While OIT found some useful features, the overall return on investment (ROI) was hard to quantify, leaving departments to weigh the costs and benefits.

Otter.AI Pilot

Next, OIT assessed Otter.AI, a generative AI tool for virtual meetings that offers transcription, note-taking, and summarization capabilities. Similar to Read.AI, which was previously prohibited on campus due to security concerns, Otter.AI aims to make meeting management more efficient by generating notes and action items. It even includes an “OtterPilot” feature, which can attend meetings in place of an employee.

In this one-month pilot, 20 employees used Otter.AI, receiving training from both OIT and an Otter.AI representative. A survey at the end of the pilot revealed that Otter.AI’s transcription quality was fair-to-adequate, but there were some drawbacks. Users frequently had to identify speakers manually, and transcription quality diminished when multiple people spoke at once. Additionally, action items were sometimes incorrect, and Otter.AI struggled with accents.

Compared to Microsoft 365 Copilot’s transcription, most users found Otter.AI to be less reliable. The pilot concluded with a decision to allow the professional and business versions of Otter.AI on campus, but only with restrictions. Sensitive or restricted data should not be used with the tool. The free version of Otter.AI was prohibited due to security concerns.

Moving Forward with AI at UA

The AI pilot programs provided valuable insights into how tools like Microsoft 365 Copilot and Otter.AI might fit into The University of Alabama’s technological ecosystem. While both tools showed potential, they also highlighted the importance of thorough training, understanding limitations, and assessing security risks before implementing AI solutions on a broader scale. OIT remains committed to exploring innovative technologies while ensuring the protection of UA data.

As generative AI continues to advance, these pilots mark the beginning of a thoughtful and informed approach to integrating AI tools into the university’s operations.

Otter.AI Pilot

• October 1st, 2024
• in Software News

OIT assessed Otter.AI, a generative AI tool for virtual meetings that offers transcription, note-taking, and summarization capabilities. Similar to Read.AI, which was previously prohibited on campus due to security concerns, Otter.AI aims to make meeting management more efficient by generating notes and action items. It even includes an “OtterPilot” feature, which can attend meetings in place of an employee.

In this one-month pilot, 20 employees used Otter.AI, receiving training from both OIT and an Otter.AI representative. A survey at the end of the pilot revealed that Otter.AI’s transcription quality was fair-to-adequate, but there were some drawbacks. Users frequently had to identify speakers manually, and transcription quality diminished when multiple people spoke at once. Additionally, action items were sometimes incorrect, and Otter.AI struggled with accents.

Compared to Microsoft 365 Copilot’s transcription, most users found Otter.AI to be less reliable. The pilot concluded with a decision to allow the professional and business versions of Otter.AI on campus, but only with restrictions. Sensitive or restricted data should not be used with the tool. The free version of Otter.AI was prohibited due to security concerns.

Microsoft 365 Copilot Pilot

• October 1st, 2024
• in Software News

The first tool under review was Microsoft 365 Copilot, which integrates generative AI into the Microsoft 365 suite. This AI leverages Microsoft Graph technology to tailor outputs based on each user’s data access permissions, adding an extra layer of security. All prompts are processed by a private instance of Microsoft’s large language model (LLM), providing an added assurance of data protection.

For this pilot, OIT engaged 35 staff members across various roles, including content creators, designers, and management, who used the tool for two months. Throughout the first month, short training sessions were offered several times a week to familiarize users with Copilot’s features. Surveys were also conducted at different stages of the pilot to capture feedback on user experience.

The results were mixed. While Copilot offered some helpful functionalities, such as email coaching for sentence restructuring and image discovery, the tool still had limitations. For instance, it often altered email tone in a way that was not always helpful, and written communications generated by Copilot required significant edits. Many users indicated that more training on how to prompt the AI was necessary to maximize its effectiveness.

From a security perspective, Copilot was approved for use without restrictions, making it a safe option for the university. However, the cost—$30 per employee per month—would need to be borne by individual departments. While OIT found some useful features, the overall return on investment (ROI) was hard to quantify, leaving departments to weigh the costs and benefits.

Upcoming AiM System Upgrade: What You Need to Know

• October 1st, 2024
• in Outages, Software News

The Office of Information Technology (OIT) will be performing an essential upgrade to the AiM system this October. Please take note of the following details to prepare for the scheduled downtime.

Upgrade Schedule:

• Start: Friday, October 18 at 5:00 PM
• End: Sunday, October 20 at 9:00 PM

During this window, the AiM system, including AiM Mobile and all reports or interfaces that rely on AiM data, will be unavailable. It’s essential for each department to review how this may impact your specific applications and workflows.

We recommend that department heads and team leads notify any employees who may be affected by this downtime to ensure minimal disruption to daily operations.

Questions or Concerns?

If you have any questions or need further assistance, please contact Jim Smith, Director of IT Operations Support and Process Development, at 205-348-5374 or via email at jhsmith7@ua.edu.

Thank you for your understanding and cooperation as we work to improve the AiM system for everyone at UA.

Auto-Archiving of Emails for UA Accounts

• September 25th, 2024
• in Software News

As part of our ongoing efforts to improve and maintain our email services, The University of Alabama’s Office of Information Technology will begin auto-archiving emails over two years old for all students, faculty and staff. This decision was made after a successful pilot with alumni, retirees, OIT staff, and the IT Forum.

Starting October 10, 2024, any email older than two years will be automatically moved to a new “Online Archive” folder in your inbox or other folders. This change is designed to help you manage your inbox more efficiently while ensuring that your important messages remain accessible.

Key points to note:

• Auto-Archiving Process: Emails older than two years will be moved to the “Online Archive” folder. This process will be a phased approach so you may not experience an immediate difference.
• Access: You will still have full access to these archived emails. They are not being deleted, only moved.
• Search: You can search within the “Online Archive” just as you would with your primary inbox.

For more detailed information about this update and how to access your archived emails, please visit the OIT Knowledge Base.

If you have any questions or need assistance, please do not hesitate to contact the IT Service Desk at ITSD@ua.edu or 205-348-5555.

Mobile Application Management Deploying to UA Faculty

• September 9th, 2024
• in Software News

OIT will deploy security enhancements to protect UA data on Microsoft mobile device applications starting September 16. 

OIT will use Mobile Application Management (MAM) to protect UA data in University email addresses connected to Microsoft applications on mobile devices. 

Security enhancements include: 

• User authentication via PIN or biometric data, such as fingerprint or facial recognition, will be required to open Microsoft mobile apps connected to UA email accounts. 
• If a mobile device is lost or stolen, OIT can remove UA user data remotely. If data is removed, it will still be accessible from other devices and can quickly be restored to the original or new mobile device by logging into the apps again. 
• Restrictions will be placed on how UA users can store UA data on personal mobile devices. For example, users won’t be able to backup data to a personal account (i.e., iCloud). 

These MAM security enhancements do not apply to any personal accounts in Microsoft mobile applications. OIT cannot see or track personal information or data outside the UA user’s Microsoft account. 

How to Setup 

The setup process differs for iOS and Android devices.  

For both device types, upon opening a Microsoft mobile app for the first time after September 3, you will see a notification prompt that says, “Your IT Administrator is now helping you protect work or school data in this app.” 

iOS Users

 iOS users will be prompted to create a PIN within Microsoft apps connected to their UA email. After that, each time you open the app, you will be prompted to enter the PIN or use a biometric login, such as facial recognition or fingerprint to launch the app. 

Android Users

Android apps do not have a management layer that is needed for UA to put restrictions on UA data storage, etc. Because of this, you will be prompted to download the Intune Company Portal app. Once the app is downloaded and you have logged into it using your myBama credentials, you will be prompted to create a PIN. After that, each time you open a Microsoft app such as Outlook, you will be prompted to enter the PIN or use a biometric login, such as facial recognition or fingerprint, in order to launch the app.  

Note: When installing the Intune Company Portal app, your Android device will prompt you to grant or deny certain permissions for the app. The permission prompts, which are generic and the same for all Google apps, don’t necessarily reflect what the app will actually do. All permissions can be denied and the app will still work as intended to protect UA data. For details on what each of these permissions mean, see the FAQ on OIT’s mobile application management web page. 

For FAQs and more information on these security measures, visit OIT’s mobile application management web page.

Banner and Related Apps Unavailable August 18

• July 29th, 2024
• in Software News

OIT will perform upgrades to the Banner platform starting Sunday, August 18, 4:00 a.m. until 10 a.m. The following related services will be unavailable during the upgrade period:

• Banner Student Self-Service, including course registration (ability to register for new courses or drop courses); viewing student records such as transcripts, grades, and financial aid; updating personal contact information
• Banner Employee Self-Service, including monthly leave reporting and viewing leave balances
• MyBama, DegreeWorks

If you have any questions or concerns, contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

myBama Upgrades – August 10

• July 29th, 2024
• in Software News

myBama will be unavailable Saturday, August 10 from 7:00 a.m. until 8:00 a.m. for minor upgrades. A myBama maintenance page will be available with links to essential services during the maintenance timeframe, and all services will be restored upon completion of the upgrades. If you have any questions or concerns, contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

How OIT Resolved a Critical Incident with Crowdstrike and Enhanced Security Protocols

• July 24th, 2024
• in Outages, Software News

On July 19, 2024, at 4:09 UTC, The University of Alabama’s Office of Information Technology (OIT) faced a significant challenge when a defective Crowdstrike update caused a widespread disruption across campus systems. Crowdstrike, an industry-leading platform used by UA to protect servers from cyber threats, had released a Rapid Response Content update for Windows systems, which inadvertently caused many machines to crash and enter an endless reboot loop.

OIT personnel were alerted to server outages around midnight and swiftly mobilized a cross-functional team to investigate. Working through the early hours, OIT employees from the systems and security teams collaborated with Crowdstrike support and conducted independent research to find a solution. By 4:00 a.m., most systems had been restored, and the team continued to work with various campus units to resolve the remaining issues by 10:00 a.m.

What We’ve Done to Prevent Future Incidents

While OIT Security had previously set Crowdstrike to defer sensor updates for critical systems, this setting applied only to major sensor version updates, not to the nightly content updates responsible for this incident. Following this event, Crowdstrike has introduced new controls, allowing customers to defer content updates. UA has now adopted a staggered deployment strategy: updates are rolled out first to test systems, then to non-critical production systems, and finally to critical systems.

How Crowdstrike Has Enhanced Its Platform

In response to this incident, Crowdstrike has implemented a series of improvements, including:

• Enhanced software testing: Advanced testing techniques such as fault injection and stress testing are used to prevent similar issues.
• Improved resilience: Strengthening error-handling mechanisms in the Falcon sensor to manage content-related errors gracefully.
• Refined deployment strategy: Introducing a staggered rollout, with a small canary system deployment and increased monitoring of system performance during updates.
• Third-party validation: Engaging independent reviews to ensure the quality of development and deployment processes.

The proactive measures taken by both OIT and Crowdstrike underscore a commitment to security, ensuring that UA’s critical systems are better protected from future risks.