EDUCATIONAL TECHNOLOGY ADVISORY
COMMITTEE
ATTENDEES: Beth
Grobman, Scott Heffner, Judy Mowrey, Mike Murphy, Alex Swanner, Tim Woods
GUESTS: Bob Barr, Sharon
Luciw, Chien Shih
Convened: 12:31pm
1. APPROVAL OF THE MINUTES (Chien)
· Minutes
will stand approved as posted
2. GENERAL NEWS (ALL)
· None was brought up
3. TERMINAL SERVER &
TERMINAL ACCESS TO MAUI (Bob)
· Have decided to use the remote terminal access
On the whole this access is simpler to deal
with and provides full functionality for both MAC and PC users
Still leaves the option of using a web access
available
This access is not fully functional for MAC
users
In order for PC users to get full access,
you need to install a client plug-in in your browser
Can give MAC users and PC users identical
functionality and interface, which cannot be done with the web access
This will simplify training
Do not need a client on any ones machine,
only a small program that gives you remote terminal access, which usually
comes with your operating system
No response time difference between the web
access and the remote terminal access
Don’t have to worry about which browser has
been installed on a machine
Don’t have to worry about upgrades, no client
installations, except remote access program
Just as easy to access the remote terminal
from off campus, if you have the proper authentications and authorization,
as it would be to access over the web
The hassle for getting remote access from
off campus is the same for either machine
The off campus access will not be provided
until the district has a VPN (virtual private network), to provide data
security
· Bought
a new server, which is going to be the production database server for replacing
the current MAUI databases
· Currently
have a development server for testing as well as a production server
· The
project is starting to accelerate
Have gotten over a number of initial problems,
such as the issue of not being able to use our RDB database and having
to go to a SQL database instead
Would have had to do this in the long run
anyway
· Anyone
accessing the student database, can access 12 years of history all at the
same time
In MAUI, could only access one quarter at
a time
· Currently
Beta testing is going on
Have developed some SI & FR reports
Since MAUI & Hyperion approach reports
differently, were not able to make direct clones, like originally thought – which
would have made for less training
Have gotten through the following issues:
How to print forms
What should be printed on the page
How it should look
Should continue Beta testing through the
winter quarter and into the spring quarter
Second half of spring quarter will start
rolling out to any one who currently uses MAUI
Next phase will be to roll out to any one
who is altogether new – late May/June and during the summer
into the fall for classified staff
· Planning
on holding a workshop, during the opening day activities, for people new
to the Hyperion system
Might do two sessions – one for beginners
and one for more advanced users
· The
IdM relates to the VPN (virtual private network) but it also relates to
ETS’s ability to roll out the MAUI replacement
Currently are having to create accounts for
the data testers manually – which takes a little bit of work
Need to be able to give people authorization
based upon their job or their roll
4. HARDWARE/SOFTWARE STANDARDS (Sharon)
· Last meeting was January 29th
· Hot topics
· Currently not moving to any new calendaring system,
because the new EIS system will have a calendaring solution that will probably
meet the Districts needs
5. STS LAB PERFORMANCE (Chien)
· Since Duncan Graham brought this up and he was not present
at today’s meeting, the consensus was to hold off discussion on this issue
until the next meeting, or the next time he is present
6. SPAM UPDATE (CHIEN)
· The district
deployed Barracuda, a spam filtering solution, in January of 2004
Over the past three years:
Approximately 50 million e-mails have passed
through the spam firewall
About 36.7 million spam e-mails have been
blocked (about 80% of all the e-mails)
Tagged about 3.3 million e-mails as possible
spam
About 1 million virus e-mails have been detected
In general the current spam firewall is doing
its job by blocking about 80% plus of all spam that hits the districtbr
With about 20% of the spam e-mails still
getting through, the decision was made to look into further protection
· Used the following criteria to look for further protection
1) Has to be complementary to the current
Barracuda solution
2) A solution that has a minimum impact on
staff
3) Try to choose the most economical solution
based on the current budget situation
· Did
a survey and came up with two possible solutions:
1) Postini – supplied
by Google
2) Abaca – a
new solution that uses an interesting way to scan spam
· Found
a common ground to test the solutions for thirty days
Used the same type of user – top 30
users that receive the most spam mail within the district e-mail system
and used the same judgment criteria
1) Choose
a false/positive array
– mail that comes in and is blocked as spam, but is not actually
spam. Looking for the lowest array so that the real mail coming in
isn’t blocked
2) Also
looked at how the spam mail got through the first firewall (Barracuda)
and didn’t get blocked by the second filter
3) Collected
the users statistics on ease of use; how well the solution worked to
protect their mail
· The
one thing that Postini does, that Abaca doesn’t, is to route the districts
e-mail to their server outside – this gives them a storage copy of
our e-mails so if the district has a disaster, we can always get a copy
back
When comparing all the other statistics,
Abaca came out ahead
· Abaca uses the association methodology
It first analyzes your e-mail sending and receiving
patterns
It then determines who is most likely a spammer
· By
deploying Barracuda and Abaca in tandem, the filtering system works real
well
The rate of spam goes from 20% to 0.79%
· Postini
is about $40,000 per year
· Abaca is $20,000 per year
· ETS
is currently at the decision point to choose Abaca or Postini
· Abaca
has less of a training curve, than Postini
· Didn’t
find any latency when testing either product
· The
next step in the process is to brief senior staff, the first week of March
7. WIRELESS PROJECT (Sharon)
· The
next step is to get the connection going with our identity management
1) Have
to get our Aruba controllers to pass through the Radius box
2) The
Radius box gets a feed from the identity management
3) Have
the Aruba controllers and the Radius box talking to each other
4) Currently
testing the feed from the IdM into the Radius box
· Once
the above pieces are working, will set up some alpha testing with in ETS,
which will allow a connection to the wireless system using a login name
and password
– this will happen around the first of April
Next will move into a beta phase and ask
certain people in the district and on each campus, to test it out – May/June
time frame
Will get feedback from the beta testers
Part of the testing will be going into the
self-service areas to reset passwords and getting a friendly name
· By
fall 2008 will probably start rolling out wireless to individual buildings
Late this summer will need to have a conversation
with each college to reestablish their priority list
· Need
to make certain that any problems with the wireless are reported to the
Call Center
8. SECURITY POLICY (Chien)
· Chien
began with a review of what had been previously discussed
Directory Information - Control Records (p.
2)
Document that tells all the information regarding
the security information system, such as:
Who owns the computer
Who maintains the computer
Physical location of the computer
Responsibilities
– The Lead College Authority (p. 2)
Who should be the Lead College authority
on both colleges
This person would have the ultimate responsibility
for the security of the information in the college environment
This is the person you go to if anything
is wrong; if anything goes awry or if anything needs to be updated or changed
The general manager of data security within
the campus
System Manager (p. 3)
Manages a particular system
Could be from ETS, an administrator of a
particular system or someone from one of the colleges
This person documents everything
They develop the strategy on how to manage
the system; document the security policy; create, retain & secure
the control record; where they are, how they are maintained, who
has the password, etc.
Data Resource Manager (p. 3)
Manager that controls access of the data
security information
The owner of the actual content of the data
Has the ultimate control over granting access
to the data records; updates and maintains the content of the data
At the last meeting there was a discussion
over the definition of the responsibility; what the lead college authority
is; what the system manager is and what the data resource manager is
· Fred
has already incorporated some of the prior modifications into the new document
that was sent to committee members prior to this meeting
· The
next section of the document talks about the Incident Response Process
(p. 3)
First step is to isolate the system that
is affected – identify where the instance occurred
There is security information stored at the
server level; security information downloaded to the local level and there
are paper processes where personal information is stored on papers that
get filed
Second step is to notify the key persons
that need to be notified
Third step is to analyze the breach
Fourth step is to report the incident
Fifth step is to restore the system
Sixth step is to take action to notify all
the related users that are being affected
· One
of the things that has to be done is to follow the data trail
There seems to be a data trail from the core
system where data gets migrated, downloaded and taken away or printed out
· One
of the initial tasks given to Chien is to come up with a security audit
for which he is in the process of putting together a project plan
The project plan will start from the core
system to see where the secure related information goes
Will be able to trace from this point to
see what server the information is downloaded to; who has access to that
server; who has the security necessary to get this information to their
notebook, thumb drive, print out or even manipulate into different forms
· Currently
there is no update on the beta testing being done on data encryption solutions
The plan was to use the built-in tools with
windows and MAC
Sharon will need to get an update from Jose
Rueda and John Vandercook
· There
was no further discussion pertaining to the security procedures
9. OTHER ITEMS FROM THE COMMITTEE
· There
is an annual power outage on both campuses, every August, done by Plant
Services
Sharon usually makes an announcement of what
services will not be available
The power outage this past Monday, February
18th, was based upon the construction project for the visual
performing arts building, on the DA campus
There will be one more power outage associated
with this building but Sharon did not know when that would be
Sharon is hoping that she will be given enough
notification so she can inform everyone when it will take place
10. FUTURE AGENDA ITEMS (ALL)
· An
update on the encryption beta testing
· Some
direction as to how to proceed with the security procedures
At this stage is EAC going to recommend the
document?
Is it going to go out to a larger group?
11. ADJOURNMENT
· Adjourned:
1:38 pm
Next Meeting: March 19, 2008, 12:30 – 2:00, via video conferencing
