ITC Meeting

November 10, 2006


Present:††††††††††† Jan Fox, David Johnson, Tom Hankins, Dennis Anderson, Frances Hensley, Arnold Miller, Barbara Hicks, Jon Cutler, Gary Anderson, Terri Tomblin-Byrd, Monica Brooks, Carol Perry, Herb Karlet



Fox:†††††††††††††††† Minutes of September meeting accepted



Updates:†††††††† The movie has affected hits to our web site, and we are increasing bandwidth.We are already seeing a 30% increase in internet traffic over last year.This is a crystal ball situation, we donít know what to expect, and no one has ever had this type of exposure and marketing from a movie before.We are having ongoing meetings to keep up to date on issues.When the premier opens it will be one of our last days before Christmas break with online testing and grades, etc., but we are trying to protect the internal market first and the marketing piece will be second.

††††††††††††††††††††††† The Marshall web site will have a marketing envelope around it with the 6 things the institution feels that are critical.


I think this year we will see real legislation that causes the demise of WVNet.WVU wants the land around WVNet and I think that will be an issue.


Iím on the K12 advisory group for 21st Century Skills and Advisory group on Virtual Learning.There was a meeting a couple of weeks ago.Iím not sure they are up to par on the virtual piece and Iím not sure their kids are getting a good online experience.They are outsourcing to a group in Florida.Even with that, their online delivery course was not working and no one seemed to know it.They couldnít do tests or discussions since the first of the year.


K12, legislatively will ask for an additional 40 million dollars in their base budget to handle technology.



Johnson:†††††††††† Update on Vista Version 3 to Version 4:We are working to determine what the issues will be in the conversion.We had substantial problems with the migration utility.Blackboard pulled it off the market until they can fix the problem.There is no realistic option to migration.We will test in the Spring until the new utility is out.We will be involved in beta testing.

Our goal is to make it a true migration.If migration works the way itís supposed to work, it will be seamless.We will have the product up and running for professional development in the Spring.

The next issue we have to deal with is that Blackboard will eventually come out with a hybrid system in a few years.We have to look out for the new versions.We wonít be pulling any surprises on anyone.


Faculty evaluations Ė we have been using the Flashlight online evaluation tools from the TLT group, but that is no longer able to support us.Flashlight canít support what we are doing.We have installed a new course evaluation system and are in the process of integrating it in with WebCT working on the authentication and sign on.The faculty development committee has asked that we not worry about the technology evaluation and just worry about faculty evaluations this time around.



Cutler:††††††††††††† We are dealing with the usual staffing and time challenges.



Anderson:†††††††† It seems to a number of us that the Marshall Home page is pretty awful; itís static and uninviting and needs to be more student-centric.Per Jan: it is being turned over to Marketing.We do not have a web developer at this time.If this is turned over to Marketing, we will not be involved.

There are also timing issues involved in changes in navigation.We canít make changes mid-semester.

Monica agrees; she has difficulties using the phone book.



Miller:†††††††††††††† There are whole levels of security issues we are dealing with.We are continuing to tighten down the system.We are starting to evaluate equipment to help us evaluate the attacks to the system.


We are making changes to the network.We have finished the RFP for a new wide area network for ourselves and upgrade the amount of bandwidth going into the various sites.With the prices quotes we have gotten back, we will be able to quadruple our bandwidth; it is looking very positive.

We are already buying internet access off the new contract.On Friday we will be testing bandwidth in anticipation of the Movie premier hits.


The state is going after a new network and there are a variety of issues related to that.This will intermix with the contracts we are now putting in place.We donít expect it to be functional until the middle to end of next year.


We are still dealing with last minute changes in networking in the BioTech building.


The campus networking and wiring update is completed with this round of money.



Francis has issues with the disruption next Friday.Per Arnold:we will have to change the way we get to the internet and the way people get to us via the internet.We will try to hold off until late afternoon to accommodate pre-registration.In the best world, we will only be down for 15 to 30 minutes.It may be up and down during the afternoon.There is concern that students will be finishing up classes and we would have liked to wait until the following Monday, but vendors do not feel that they will be able to adequately help us because of vacations for holiday on their side.

This should not affect on campus access.



Brooks:††††††††††† We have done really well with our new librarians, Nat DeBruin, Archivist and Sabrina Thomas, Education Librarian; they have hit the ground running.

We have had some illnesses and I have had to work in the Music Library.I am really proud of our Library faculty because they are probably the only department that hasnít come to blows over the faculty merit evaluation system.


Jingping reported that we have problems with our federated search engine.We are going to have to pull it, try to get our money back and purchase something else.


Our Serials Solutions program is also a bust.Our homegrown system was better.


The Public Library Technology degree is going well.Judy Shear is using our ideas at her new Community College.


We have librarians working on marketing for library services on both campuses.We have librarians doing all sorts of projects.


Found new equipment that will convert cassette to MP3 and LP to MP3.We are working on getting the oral histories that are sitting in Old Main.


TECI Classroom Issue



Johnson:†††††††††† The idea of the TECI initiative is to take the centrally scheduled classrooms and equip them with Sympodium, screens, projectors and audio for a standard teaching classroom.TECI was scheduled for period of years to equip 83 rooms.The first 6 rooms went in last year and the funding for this year is allocated out of e-course funding.The rationale is that with technology in the classroom, faculty will be more likely to put classes online.$200,000 has been set aside to outfit a few more rooms and funding for a position.The more rooms we add will require more support.The goal was to fund 4 positions (we have a proposal for one position right now).The handout shows rooms that have been equipped and those centrally scheduled that are in line for equipment.The second page and on are rooms that are eligible for TECI.

The first page shows rooms that went in over summer.SH 154 is also a fully equipped video conferencing room.

Our installer, Seneca, has gone out of business so we are regrouping.


Donna Spindel put together a focus group to identify rooms that needed to be funded.I have had to go back in and narrow it down a bit.I also tried to look at department that has priority for the rooms to determine the departmentís use of technology.


At this point, we will have to look at where funding is coming from to reprioritize and select additional rooms.


The History department had outfitted two rooms in Harris Hall; they have turned those back over to be centrally scheduled rooms.


The Psychology room has to be fit into the support structure because it already has some technology.


There were 10 rooms installed by COLA, six are eligible for TECI, four are not.


We are very low compared to our peers in terms of technology classrooms.



Fox:†††††††††††††††† We need to have an ICON on the computer of TECI rooms so people will know what type of support they are going to get.In a TECI classroom you get immediate support and there is a whole structure involved.We need to be clear on what department is supporting the room if it isnít a TECI room.



Johnson:†††††††††† My area is now coordinating with Computing Service for support strategies regardless of who owns the room.

We are working to set up a new form of support structure for immediate support for TECI rooms in ITV; that will depend on support staff and approval of funding for positions.


We are looking at funding sources for additional rooms.We would like to put in the next phase of rooms during Christmas Break or Spring Break.The phase after that should be installed over the summer.


We will be able to centrally monitor the rooms so the technical support person will be able to sit at his computer to monitor and do preventive maintenance.There is a lot involved when resolving support issues.


BOC Security Privacy



Byrd:††††††††††††††† Handout:Strengths and Opportunities as defined by the Banner Oversight Committee.We continue to improve the privacy that we can guarantee the constituents we service.The committee began looking at security as it relates to privacy in some of the areas we felt that we could improve upon at this institution.This document identifies strengths we see from our point of view; and based on some of those strengths, where we had opportunities to improve on that.

In the middle of the table we have identified what we consider to be the responsible parties for those opportunities and the priorities based within that responsible party.We feel that it is within our oversight to deal with these and come up with processes and procedures to achieve the opportunity. The other ones we felt were things the institution should look at but could not identify a responsible party.

We wanted to bring these opportunities before this committee and get this groupís agreement and approval for responsible party as identified.We also need the group to identify responsibility to those indicated.


The Confidentiality Agreement included in current security policy needs to be reviewed again.Per Jan:we need to make the confidentiality agreement required for all new employees.


Confidentiality Agreement will be reviewed at the next meeting


Password expiration phase one is just a small amount of the overall Banner users.We notified 150 people yesterday that their passwords will be expiring.These are high level users as identified by the auditors.



Fox:†††††††††††††††† On issues where we donít have responsibility or priority, there is an issue of educating people who hold accounts and the removal of social security numbers from web sites that collect personal information.



Miller:†††††††††††††† I want to move that the need to address SSN as ID be moved up the list of priorities.There are old SSN is still visible in Banner.The new travel form asks for SSN.We need to make it an issue that SSN not be used on ANY forms.



Fox:†††††††††††††††† I propose that aAny new employee must have electronic signature and a couple of questions to prove they have read the Confidentiality Agreement BEFORE an account is granted to user.

They may not have Banner access, but they are exposed to confidential information.


It is agreed to allow BOC deal with their top 7 priorities.Voted and approved.


Jan:deal with shredding issue



Request to Tighten control of SPAM



Cutler:††††††††††††† Student groups are reporting more SPAM this semester.We are seeing a doubling of email junk mail and spam this year.75% of the mail we receive is junk.Computing Services has been implementing ways to filter SPAM.Anytime you filter any mail, there are concerns.We are using real-time black hole lists that contribute a list of known spammers and junk mail IP address that we do not accept.If an IP address is not on the list, we are forced to accept the mail.We are asking the ITC for blessing to continue to use reasonable methods to thin this out.We need to inspect words and contents in the mail and match up IP addresses with header information.If it doesnít match up, we can bounce or mark as suspect.

BOT Ė spammers are not using infected machines to send out distribution lists.Because these computers are not known spam machines, we cannot recognize them as spammers.Black list methods do not work.By they time they make the black list, they are no longer using that IP address.


Question for group:We would like to tighten down further on student email.Realizing that this is a sensitive issue, we need to improve communication and training to students for ways to avoid emails being blocked or marked as SPAM.

Vote to recommend Jonís request to tighten down on spam:Voted and Approved.


Incidence Response Plan



Miller:†††††††††††††† The issue is how we deal with a response to some type of incident.Basically, we are using the definition that was established betweenCarnegie Mellon and the [federal] government to deal with security problems.They define an incident as ďthe act of violating explicit or implied security policyĒ.This implies that we have a policy.Our Information Security Policy needs some expansion.These include attempts to gain unauthorized access to a system or its data; unwanted disruption or denial of service; the unauthorized use of a system for processing or storage of data or changes to system hardware/, software that we didnít do.†† There is a pretty big domain that we are talking about in terms of incidences that we have to respond to.We have to respond.Are we really talking about any related security breech or breech where there is an information security breech?


Issues we have to deal with:


1.      I have to be concerned with how I tie this to other processes on campus and incidents on campus, i.e. fire in building could leave things lying around that could lead to information security issues.

2.A bad information security breech can tie to business continuity issues.The assumption is that it goes to the top, gets dealt with and then filters back down to those who need to deal with the problem.Are we involving the executive group at a level where we donít need to?Do all security incidences need to go through the executive group? Or, do only subsets of incidences need their review?


I need some things in this policy if the security group is not going to be looking at every incident.

I would like to see discussion about whether we only want to tie to information security breeches or do we go beyond to all security breeches?

If you want us to make a stab in the dark at it, Iíll be glad to do that.


Our current manpower resources limit what we can look at to the best of our ability.


My assumption is that we want some sort of triage and slimming down of these parameters.



Fox:†††††††††††††††† The State of California has thought through issues about loss of information.This may be a good model to follow.


If we can define the items we want to move up the list we can do a triage at a certain level without involving everybody else, but if we canít identify items, we will have to look at individual issues and move them up the chain.


My number one personnel request would be a security person to deal with information security issues.



Miller:†††††††††††††† We are asking the ITC to determine if the security team proposed shouldsee all incidences, qualified incidences, or do only high probability criminal, breech of information incidences go up to the security team.


Provost or academic representative added to team.


Arnold will be allowed to define what would go to the security team and other matters be handled by department.Voted and approved


All items will be defined by the next meeting for review and vote in January.