OIT News – April 2010

OIT News

Monthly news briefs, information and announcements
Office of Information Technology, NC State University
Issue 30, April 2010

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Follow OIT on Twitter @ncsu_oit
For the up-to-the minute reports on OIT systems, see SysNews:
http://sysnews.ncsu.edu
For help with computing problems, contact the NC State University Help Desk:
http://help.ncsu.edu

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

01: Task force to recommend next generation e-mail systems for NC State faculty and staff
02: OIT moves forward with new e-mail anti-spam, anti-virus and archiving services
03: WolfWise implementation team to deploy GW 8 this summer
04: SAS 9.2 is now available
05: NC State recycles computers, electronics and more on April 21
06: Free and Open Source Software (FOSS) Fair is April 22
07: Stinson Collaborative Commons open house is April 28
08: Google Apps @ NC State information booth on the Brickyard in April!
09: OIT Lunch & Learn: “Green IT” on April 22
10: OIT Lunch & Learns:New Apple iPad” and “Mobile Web Applications” in May
11: SAR training scheduled for May 11
12:
ComTech schedules MySoft training sessions
13: OIT publishes central IT extended maintenance schedule
14: OIT to implement new process for removing employee security access

15: Security access certification for Human Resources and Financial systems due April 30
16: Adobe Reader and Acrobat are popular targets for security attacks

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

01: Task force to recommend next generation e-mail systems for NC State faculty and staff
Vice Chancellor and CIO Dr. Marc Hoit has announced that the Office of Information Technology (OIT) is forming a task force to begin exploring the next generation of e-mail systems for NC State faculty and staff, with a planned deployment in the next 12 months.

Co-chaired by Dan Green of the College of Engineering and Chris King of OIT, the Next Generation (NexGen) E-mail Task Force will review the campus e-mail requirements and evaluate the suitability of Google Apps Education Edition to function as the NC State e-mail and calendaring system for faculty and staff. Existing IT governance committees will make recommendations on the resulting task force report. If there are deficiencies that make Google unsuitable, OIT will move forward to implement a Microsoft Exchange groupware solution to meet those needs. Click here to view full news release.

02: OIT moves forward with new e-mail anti-spam, anti-virus and archiving services
The OIT continues to move forward with plans for the implementation of new Google-hosted Postini products that will provide campus-wide anti-spam and anti-virus protection and central e-mail retention for compliance with legal requirements, such as public records and e-discovery requests. The OIT anticipates the rollout of these services early this summer.

The new anti-spam and anti-virus products, which will help guard against cyber threats, will replace Sophos PureMessage for Unity/Webmail and M+Guardian for WolfWise.

The new retention service will save e-mail for faculty and staff customers of both of these central e-mail systems for a period of 10 years. The new policy requires that any faculty and staff member who conducts university business via e-mail use one of the centrally hosted systems so that once the central e-mail retention system is implemented, they will have their e-mail retained. Regardless of the system used, faculty and staff have a legal responsibility to save copies of their e-mail.

The OIT also recommends that faculty and staff who may have been using Unity/Webmail or WolfWise for their personal e-mail to consider moving their personal e-mail to another non-university e-mail system so it is not retained in the business archive. There are a number of companies that offer free or low-cost e-mail including Google, Yahoo and most Internet service providers.

For more information, visit the Postini project Web site. The OIT will also hold educational and information sessions about these new products for faculty and staff members in the near future.

03: WolfWise implementation team to deploy GW 8  this summer
The WolfWise implementation team completed April 9-10 the upgrade of the Linux production environment to OES2 SP2, a new service pack that will provide more stability to the WolfWise environment. WolfWise is NC State’s implementation of Novell GroupWise for its single centrally supported calendaring and e-mail solution.

Beginning the week of April 26, the team will install GroupWise 8 (GW8) in its test environment with the goal of deploying it in the production environment this summer. The GW 8 deployment will apply back-end fixes for known bugs, improve IMAP stability, allow for ActiveSync (for mobile devices) and improve the performance of Windows, Mac, Web and Linux clients.

For more information about the WolfWise migration, visit the WolfWise Web site (no longer available).

04: SAS 9.2 is now available
The campus community can now access SAS 9.2 via the Software@NC State Web site by two methods: download and the Virtual Computing Lab (VCL).

The OIT Software License Management team anticipated the release of SAS 9.2 for distribution for months, but encountered problems with the size of the 32-bit distribution of SAS 9.2 exceeding 15 gigabytes, which can cause user errors and an extended download period. The SAS 9.2 distribution is much larger than its previous version, and SAS has removed the capability to create personal distributions of smaller, more usable sizes. SAS technical support has indicated that a solution would not be available until version 9.3 is released.

In the meantime, SAS is working to offer downloads directly from its Web site using its download manager, and the OIT expects to provide additional options for users to acquire SAS 9.2 very soon. If you have any questions or problems, please contact SAS_help@ncsu.edu.

05: NC State recycles computers, electronics and more on April 21
NC State’s Waste Reduction and Recycling (WRR) and Synergy Recycling will have a spring e-waste collection event from 10 a.m. to 2 p.m. on Wednesday, April 21 in front of the College of Textiles on Centennial Campus. Bring all of your unusable personal electronics to recycle.

What can be recycled? Pretty much anything with a cord:

  • Computers, laptops, mainframes and monitors (CRTs and flat screens)
  • Telephones, cell phones and telephone systems
  • Fax machines, office equipment, printers and copiers
  • Banking, financial and medical equipment
  • Electronic circuit boards and components
  • Stereo equipment, games, PDAs, rechargeable batteries, CD’s and DVD’s
  • Televisions (There is a $5 fee per television.)

All university owned electronics must go to Materials Support Surplus. For more information, visit the NC State Recycles Web site.

06: Free and Open Source Software (FOSS) Fair is April 22
NC State’s second annual Free and Open Source Software (FOSS) Fair will be held from 9 a.m. to 5 p.m. on Thursday, April 22 in Engineering Building II on Centennial Campus.

Sponsored by OIT Linux Services and the Department of Computer Science, the fair is an “unconference” type event where people share their project demonstrations and ideas. Come learn about the exciting open source projects on campus and help build the open source community. To get more information or to sign up for the fair, visit the FOSS Fair 2010 Web site.

07: Stinson Collaborative Commons open house is April 28
The campus community is invited to attend an open house for the new Stinson Collaborative Commons, formerly known as “The Laundry Lab,” from 2 p.m. to 4 p.m. on Wednesday, April 28. The Commons are located at 2341 Stinson Drive.

OIT staff will showcase renovations that facilitate the sharing of information and the collaboration of ideas. Amenities such as the media:scape collaborative area, which integrates furniture and technology; a whiteboard whose contents can be saved to a flash drive; and a charging station for various mobile devices are all a part of this newly refurbished space.

08: Google Apps @ NC State information booth on the Brickyard in April!
The OIT is hosting a Google Apps @ NC State information booth on the Brickyard during the month of April to inform students about the new university student e-mail service and to answer service-related questions.

OIT personnel will staff the booth from 10 a.m. to 3 p.m. on Thursday, April 22 (Earth Day) and from 11 a.m. to 1:30 p.m. on Monday, April 26, and Wednesday, April 28.

OIT launched the Google Apps beta service early April, and more than 4,000 students are currently using the service, which includes Gmail, Google Sites, Google Docs, Google Calendar and Google Talk. Students are encouraged to opt in to the beta service by visiting the Google Apps @ NC State Web site and requesting an invitation or by signing up for the service at the information booth. Students can continue to opt in to the beta service until the summer semester, when production services are anticipated to go live. OIT will create Google Apps @ NC State accounts for those students who did not opt in during the beta period. For more information about NC State’s implementation of Google Apps Education Edition, visit the Google Apps @ NC State Web site.

09: OIT Lunch & Learn: “Green IT” on April 22
Do you know what’s the biggest contributor to NC State’s carbon footprint, how EPEAT can help you make more sustainable computer purchases, or why screen savers should be a no-no? What is “Green IT” anyway, and how can IT professionals help NC State meet its obligations to reduce the campus climate impact?

Join Ron Bradley and other IT staff in a discussion of best practices and activities to advance NC State’s sustainability efforts. Presented by OIT’s Lunch and Learn series on Earth Day, Thursday, April 22, this workshop will be held from 12:15 p.m. to 1 p.m. in 216 Scott Hall. To register, visit Classmate.

10: OIT Lunch & Learns:New Apple iPad” & “Mobile Web Applications” in May
OIT’s Brown Bag Lunch and Learn series will present the following workshops in May:

  • Take “A Look at the New Apple iPad” from 12:15 p.m. to 1 p.m. on Tuesday, May 4 in 216 Scott Hall. Jason Maners, coordinator of Student Owned Computing for the College of Engineering, will discuss the possible applications and limitations of the newly released Apple iPad in an academic setting. He will provide a demonstration of the iPad and hands-on training. To register, visit Classmate.
  • “Get Started with Mobile Web Applications” from 12:15 p.m. to 1 p.m. on Tuesday, May 18 in 216 Scott Hall. Jason Casden and David Woodbury from the NCSU Libraries will discuss the ongoing development of mobile Web applications for the Libraries’ mobile site and will share tips and strategies for creating useful mobile applications that are accessible on all Web-enabled mobile devices from flip phones to the iPad. To register, visit Classmate.

11: SAR training scheduled for May 11
System Access Request (SAR) training for campus requestors and approvers of access to secured university data will be held from 9:30 a.m. to noon on Tuesday, May 11 in the ITTC Lab 2 of D.H. Hill Library. Please visit Classmate to view available classes and to sign up for training.

12: ComTech schedules MySoft training sessions
Communication Technologies (ComTech) is scheduling training sessions for its newly released version of MySoft, a Web application for campus personnel to request telecommunication services for their unit, college or department.

Completed March 23, the MySoft upgrade features a new intuitive visual shopping cart interface. Since the upgrade, more than 150 new work orders have been submitted via MySoft, and more than 100 people have been trained on the shopping cart system.

Training sessions are scheduled at 10 a.m. on Friday, April 23 and Monday, May 3 in Room 110 of the Avent Ferry Technology Center (2114 Avent Ferry Rd.). Seating is limited to 22 people per session. An online tutorial is available if you are unable to attend one of the training sessions, but the training sessions are recommended. To register, contact Jeff Boone at 515-6011 or via e-mail at jeff_boone@ncsu.edu.

13: OIT publishes central IT extended maintenance schedule
The OIT now has extended maintenance windows to allow more time for major system maintenance, such as data center improvements that require shutdown and movement of equipment, hardware replacement and infrastructure configuration.

The current maintenance window for the MyPack Portal and the Student, Human Resources and Financial systems is from 1 a.m. to 1 p.m. every Sunday and will remain intact. The extended maintenance window, which runs from 12:01 a.m. Saturday to 9 p.m. Sunday, extends the current maintenance window for the following dates: May 29-30, Sept. 25-26, Oct. 16-17 and Dec. 4-5. Prior to each extended maintenance window, notifications of system outages will be communicated to campus users. For scheduled system changes, please view the Change Management Calendar.

14: OIT to implement new process for removing employee security access
The OIT will implement on May 4 a new automated security access removal process for employees who leave the university or transfer to another department. This application will remove security access roles and row level security from the Human Resources (HR), Financial (FIN) and and Student PeopleSoft systems on the effective date of an HR Action after close of business (evening processing).

For those familiar with the System Access Request (SAR) application, this will be synonymous with entering a SAR Revoke request, but will happen automatically. Employee access to the MyPack Portal Self Service pages will not be affected by this process. Employees who transfer to a new department will need to have that department enter a SAR request to add the appropriate roles and row level security for their new position. This process is being implemented to ensure that all PeopleSoft security access is removed for employees who leave a position. In the past, employees who were terminated or transferred between departments might have retained access to a previous department’s HR, FIN or Student application data. This new process, approved by the primary university data stewards, eliminates the possibility of a transferred or terminated employee still having access to job functions and data they are no longer entitled to have.

15: Security access certification for Human Resources and Financial systems due April 30
The OIT Security and Compliance unit is requesting campus deans and vice chancellors review and certify their staff’s access to the Human Resources and Financial systems by Friday, April 30. The University Data Management Procedures require that each dean and vice chancellor review semi-annually (usually in April and October) their staff’s security access to university computer systems and that their staff’s security profiles be certified on an annual basis.

To review staff’s security access to the Human Resources and the Financial systems as well as the Student System, use the Web Security Reports or the MyPack Portal. In the Portal, select the For Faculty and Staff tab, Security Access – SAR and then Security Reports. The Security Reports now show both active and inactive employees who are currently assigned to a specific department and have access to the system. A second report, the Web Security Exception Report (available to division level approvers only), displays individuals who have security access to department data but are no longer in the department due to a transfer or termination.

The certification form should be completed and returned to OIT Security and Compliance by Friday, April 30. If you have any questions or concerns, please contact the NC State Help Desk at help@ncsu.edu or 515-HELP (4357).

16: Adobe Reader and Acrobat are popular targets for security attacks
Adobe Reader and Adobe Acrobat are increasingly a favored exploit target for e-mail attackers due to the increasing availability of vulnerabilities in these products and the continued widespread use and acceptance of PDF files. Attacks on Adobe Acrobat accounted for 80% of all computer security exploits during the fourth quarter of 2009, according to the ScanSafe security firm.

Accordingly, campus users should treat all PDF files with the same caution they would use with any other executable file type. You should not click links in any unsolicited e-mail message, particularly for PDF downloads. Never open e-mail attachments including PDF files when they are not expected or from an untrusted source. Never click a message to agree to install any software from a link received in an unsolicited message.

Enhanced security of PDF use can be obtained by disabling Adobe javascript in Reader and Acrobat and avoiding the use of browser plug-ins for those products. These aggressive precautions will not remove all of the vulnerabilities, however.

To avoid infection, keep patches of Adobe products up to date on your computer. The current version of Adobe Acrobat is 9.3.1, and you should be at that level (or higher) to apply the current available fixes from Adobe for many of these vulnerabilities. (You can check the version of your Adobe Reader/Acrobat product by clicking “Help – About Adobe Acrobat”.) Click on “Help – Check updates” in your Adobe Reader/Acrobat window and apply all updates found. You can also set an option to check and download all fix updates from Adobe every week by clicking on “preferences” in the Adobe Updater Window. Adobe just released the automatic Adobe Reader/Acrobat Updater tool to make it easier for users to receive the most recent Adobe updates.

Other PDF readers (such as Foxit) are also subject to exploitation, because some of the PDF vulnerabilities involve complex features of the PDF specification rather than faults in the source code. Also, some of these vulnerabilities apply across different computer architectures that use Adobe Reader/Acrobat products. So do not think you are safe because you run a non-Adobe PDF reader product or because your computer runs Apple Mac OS X or Linux operating systems. Apply the same safeguards described above with non-Adobe or non-Windows PDF tools, too.

For questions, please contact the NC State Help Desk at help@ncsu.edu or 515-HELP (4357).

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about OIT News:
OIT News is an electronic news bulletin published monthly
Office of Information Technology
Box 7109
North Carolina State University, Raleigh, North Carolina 27695-7109
http://oit.ncsu.edu

To subscribe or cancel your subscription online go to http://lists.ncsu.edu

To subscribe by e-mail, send the following message to mj2@lists.ncsu.edu:
subscribe oitnews
To unsubscribe by e-mail, send the following message to mj2@lists.ncsu.edu:
unsubscribe oitnews
(These messages should be sent to mj2@lists.ncsu.edu, not to the OIT News list itself.)

For help with computing at NC State, contact the NC State University Help Desk:
help@ncsu.edu, phone 515-HELP (4357), or visit Room 101, West Dunn Building.

Send your comments or suggestions about OIT News to Rhonda Greene, OIT Information and News Services, at rhonda_greene@ncsu.edu.