Office of Information Technology 2013-2014 Annual Report: Leading IT

WPAwardwinners

Expressing their WolfPack Pride, 2014 Office of Information Technology/University Award for Excellence nominees and winners (picture with Dr. Marc Hoit, Vice Chancellor for Information Technology, second from right), are: front row (l-r) Kristina Kelly, SPA award winner; Amy Tawes and Josh Snapp. In the rear (l-r) are: Karen Horne, SPA award winner; William Brockelsby, EPA award winner; and Bill Coker. Photo by John Black

 

CONTENTS


ABOUT OIT


NC State’s Office of Information Technology (OIT) provides campus-wide computing, information and communication technology services in support of the university’s academic and administrative goals.

OUR MISSION
To provide nimble, effective, efficient, and collaborative IT services, solutions and strategies in a timely and helpful manner that assist the university, state and nation in achieving their strategic goals.

OUR VISION
Be the IT organization that people seek out as a partner for providing visionary strategies, creative solutions, objective information, and effective and efficient services in order to help them achieve their mission and goals.

OUR UNITS
With a staff of 268 and a budget exceeding $48.5 million, OIT has eight units:

  • Business Services
  • Communication Technologies
  • Enterprise Application Services
  • Infrastructure, Systems and Operations
  • Outreach, Communications and Consulting
  • Security and Compliance
  • Shared Services
  • Technology Support Services

Back to top ↑

A MESSAGE FROM THE CIO


It has been more than five years since I arrived at NC State, but it seems like yesterday when I first met with the directors to discuss how to transform the newly formed Office of Information Technology into a united, supportive and agile organization that supports the university’s mission. We have come a long way since the summer of 2008.

In fact, we have completed a full cycle — a three-phase strategic planning process to improve the use of information technology as a driver for change. We began this cycle in 2008 by focusing first on how we operate as an organization and work together as a team. We created new mission and vision statements as well as internal goals and strategies that became our Strategic Operations Plan.

Our work continued with the formation of a new campus IT governance structure, a first step to align campus’ IT objectives with those of the university. And finally, this year, with our campus partners, we released the university’s first IT Strategic Plan that will help lead campus IT innovation, cyberinfrastructure management and collaboration.

OIT has had many more accomplishments in the past five years. We’ve worked to make the campus infrastructure more resilient and tackled some very large projects — from retiring the mainframe, unifying our single storage infrastructure, improving the wired and wireless networks to implementing Google Apps for Education, overhauling the Student Information System, and rolling out VoIP technology. The work has been enormous and never ending. As I reflect, I am in awe of the brilliant work performed by our staff to master the complexity of these projects as well as our four current priority projects —  identity management, data marts, security upgrades to meet Payment Card Industry-PCI) and other security standards; and critical disaster recovery capability.

It’s important to note that all of this work has happened in a constrained funding environment. State budget reductions have impacted both the university and OIT resources; however, the university is supportive of our efforts and continues to invest in IT resources to enable improved campus operations and activities.

Looking back, I am proud of OIT’s achievements and the collaboration, support and well-deserved strong reputation of our team!

Dr. Marc Hoit
Vice Chancellor for Information Technology
and Chief Information Officer

Back to top ↑


PARTNERS IN INNOVATION: A STRATEGIC PLAN FOR IT AT NC STATE, 2014-2020

stratplan

OIT employees Everette Allen of Outreach, Communications and Consulting (fourth from left) and Kerry Digou of Security and Compliance (right) discuss ideas with campus IT staff to help formulate the IT Strategic Plan.


This spring, NC State adopted its first strategic IT plan — Partners in Innovation: A Strategic Plan for IT at NC State, 2014-2020 — that provides the framework for the campus community to achieve the IT environment necessary to support the university’s mission.

The final phase of Dr. Hoit’s vision for a holistic integration of information technology into the university environment, the IT Strategic Plan culminates more than a year of gathering information from a broad cross-section of the university community and development by IT governance groups.

This effort, led by a strategic planning process team, resulted in a set of eight IT Guiding Principles and six IT Strategic Goals that will help guide every IT decision-maker on campus.

The IT Guiding Principles lay out how IT decision-makers intend to operate individually and as a community.  They include:

  • Alignment: Our IT decisions will align with NC State’s strategic plan.
  • Resources: We will allocate campus cyberinfrastructure resources based on providing the greatest value and benefit for the NC State community.
  • User Focus: User needs will be a key component in all IT decisions.
  • Collaboration: We will work within and across organizational structures to meet strategic goals and identify opportunities for innovation and improvement.
  • Transparency: We will be transparent in our decision-making and resource use.
  • Innovation: We will value innovative and creative thinking.
  • Data Stewardship: We will provide a secure but accessible data environment.
  • IT Knowledge and Skills: We will value technology skills development for the IT community.

The IT Strategic Goals set out six focus areas to prioritize IT efforts between now and 2020, the same time period as the university’s strategic plan. The IT goals are divided into three categories:

Innovate

  • Lead IT Innovation: Foster world-leading technological innovation to support teaching and learning, research and outreach.
  • Leverage Data: Enhance the access, usability, security and utilization of data resources to advance research and decision making.

Manage

  • Maintain and Enhance University Cyberinfrastructure: Provide a core IT infrastructure, including hardware, software, people, and facilities, that is secure, resilient and adaptable to meet the current and anticipated future needs of the university community.
  • Optimize IT Resources through Governance: NC State will use IT governance processes to acquire, develop and allocate IT resources — both finances and people — needed to provide the robust IT services required to achieve the university’s vision and strategic priorities.

Collaborate

  • Cultivate a Collaborative IT Culture: The university will foster a culture in which the IT community works effectively across boundaries to address IT challenges, assisted by an effective IT governance structure.
  • Foster Connectedness of Communities: Provide tools and technology-rich physical and virtual spaces that support meaningful connections across university communities.

Each of the goals have at least three strategies, developed as starting points to help achieve the goals.

The work to begin implementing the new IT strategic plan will begin in earnest this next fiscal year. Dr. Hoit has appointed Greg Sparks, director of OIT Communication Technologies, to pull together a team to champion this next implementation phase of the plan. Updates and progress will be documented on the IT Strategic Plan website for each goal.

This fiscal year’s Annual Report aligns OIT projects and services with the six goals and strategies of the new IT Strategic plan and the university’s mission and vision.

Back to top ↑

INNOVATE

Goal 1: Lead IT Innovation
Foster world-leading technological innovation to support teaching and learning, research and outreach.


IMG_4943-S

ComTech receives grant to create network autobahn
In a very “tight” budget year, OIT sought external funding to enhance the campus network infrastructure. Its reward — a $499,890 National Science Foundation (NSF) grant for its sound proposal to develop a new network autobahn to deliver high-volume data transfers to NC State researchers.

The network infrastructure and engineering grant will help finance network switches at strategic points in the campus network to eliminate bottlenecks and increase access layer bandwidth to support big data and analytics. This new network architecture will provide immediate benefit to researchers, staff and students across diverse disciplines who are generating, processing and sharing more data than ever before.

Currently, the university offers 10 or 100 Mb/s network connectors in most campus buildings. With the new funding, some researchers will receive 1 Gb/s network connections, and network uplinks to additional campus buildings will be upgraded to 10 Gb/s.

The new network will leverage agile techniques like software-defined networking (SDN) to meet current and future needs of the campus community. SDN administrators can completely control network traffic via a software interface without having to manually touch individual routers and switches. SDN will allow NC State to construct a dynamic “Virtualized Science DMZ” to allow researchers their own slice of the campus network, uninterrupted by other campus network traffic.

This project creates a roadmap that allows the university to extend these agile and high-bandwidth services progressively to a larger variety of campus researchers as data transfer needs grow and evolve. By extending SDN capabilities, in partnership with the North Carolina Research and Education Network (NCREN), the university will provide SDN-capable connections to other regional universities and the Internet2 Advanced Layer 2 Research Network, ultimately improving the ability to conduct leading-edge research. Grant participants include NC State CIO Dr. Marc Hoit, principal investigator, and co-principal investigators Greg Sparks, ComTech director; Will Brockelsby, ComTech lead network architect; and Dr. Rudra Dutta, professor of computer science.

NC State recognized as innovator in new networking technology
NC State recently received $10,000 for using software-defined networking (SDN) to change the way it provides network access to university resources.

NC was one of eight recipients selected to receive the 2013 Internet2 Innovative Application Award, which recognized proposals of “new and advanced applications that can help lead the transformation of Internet2 campus research, science and education by taking advantage of SDN and 100 Gigabit capabilities of the Internet2 Innovation Platform.”

In a lab environment, OIT developed open source software leveraging SDN to replace a portion of its expensive, complex and proprietary network admission control system for campus wired network ports that are part of the Nomadic computing environment. Available in conference rooms across campus, these ports allow campus users to move large quantities of data across the network.

The new SDN network admission control application aims to provide an efficient, customized, enriched “Bring Your Own Device (BYOD)” experience for campus users and visitors. The university can securely verify users’ access to the network and route them to the most pertinent digital resource based on their role, work and/or discipline. For example, a visiting particle physics expert could have his identity and device recognized and immediately routed to the institution’s dedicated physics network, cloud and other digital resources.

The award will be used to develop a test center that will help the university network incorporate devices that are part of the “Internet of things” and to develop devices that might be beneficial to the university.

University explores software-defined networking to provide research opportunities
NC State is partnering with regional organizations to explore software-defined networking to conduct leading-edge research.

MCNC upgraded an optical network connection between NC State and the North Carolina Research and Education Network (NCREN) from 10 Gb/s to 100 Gb/s. MCNC operates NCREN, one of the nation’s first statewide education and research networks. With the additional bandwidth, OIT has provisioned a new 10 Gb/s Ethernet circuit to run over NCREN to access a regional SDN testbed currently under development.

A joint effort involving NC State, MCNC/NCREN, Duke University, UNC-Chapel Hill, and the Renaissance Computing Institute (RENCI), the testbed will be used to transfer large research data sets and permit regional experimentation with SDN technologies. It will eventually allow institutions to dynamically construct research circuits across the networks of multiple universities and national labs.

Eduroam pilot available
eduroam_trans_200pixOn June 20, OIT Communication Technologies launched a pilot of eduroam (educationroaming), a fully encrypted wireless service for the international research and education community. It is essentially a new wireless SSID (service set identifier) that allows NC State students, employees and guests who have “home” certificate-based credentials to have secure Internet connectivity both on the NC State campus and while visiting participating institutions. They will seamlessly connect to the eduroam network when visiting those institutions, without needing guest credentials. The technology of eduroam is based on the 802.1X standard and a hierarchy of RADIUS proxy servers, which allows user authentication to take place between eduroam participating and home institutions.

OIT’s long-term goal is to make eduroam the primary SSID on campus. The current “ncsu” SSID will still be available for those who can’t use the new service, and the “ncsu-guest” SSID will remain available for campus visitors. (Image courtesy of eduroam.org)

IPv6 summer pilot
This summer, OIT plans to deliver IPv6, the next generation Internet protocol, over its multiprotocol label switching (MPLS) infrastructure. MPLS gives OIT the ability to define entire virtualized network architectures for units and colleges, data centers and cloud computing environments over the campus network. Distance Education & Learning Technology Applications (DELTA) will participate in one of the customer-facing IPv6 test pilots this summer to shape the policies, configurations and documents deployed to campus.

OIT will ultimately leverage IPv6, the successor to IPv4, as a tool to facilitate education, research and extension initiatives across the State of North Carolina and beyond.

Roll over 8.0211n wireless
5G Wi-Fi or Gigabit Wi-Fi? Whatever you call it, 802.11ac. technology is the new Wi-Fi protocol positioned to be the successor of the 802.11n wireless networking standard.

OIT has upgraded controllers to support 802.11ac technology to meet increasing demands. More than 107,000 unique devices utilized NC State’s wireless infrastructure last year. The new technology offers faster data speeds than 802.11n and a broader range of Wi-Fi networks.


power_on_0

Last fall, OIT completed the Wake on LAN pilot project with the College of Natural Resources and the Office of Sustainability. The project allows students, faculty and staff to remotely power on certain devices (server, desktop, etc.) dynamically when needed. Its deployment date will be depend on feedback from campus IT support community.


phones

Say hello to “On Campus at NC State” mobile app
OIT announces the availability of On Campus, the new mobile app that puts campus information at the fingertips of current and prospective students, employees and visitors. Compatible with the iPad, iPhone and iPod Touch (at iOS 5.1 or later)and Android (at 2.3.3 or higher) devices, the app is available in the App Store and in Google Play. Here are some of the things you can do with the app:

  • Find people on campus by searching the directory
  • Check out events on the campus calendar
  • Find buildings using an interactive campus map
  • Keep up with what’s happening in the news at NC State
  • Discover what’s on the menu at numerous University Dining locations


VCL iOS app is on the way
An App plus the VCL equals one powerful connection!

And, it’s almost here.

In the spring of 2012, an idea to develop an iOS application for interaction with the VCL was born in a cloud computing class in NC State’s Department of Computer Science.

Last fall, the students released the project to OIT Shared Services to get the application ready for production. The app will allow university iOS users (iPhone, iPad, and iPod Touch) one more way to access the VCL, NC State’s cloud computing system that provides 24×7 remote access to high-end lab computers and software.

OIT worked extensively on the project and hopes to release the iOS VCL app this fall in the Apple App Store.

WolfPrint FollowMe Printing enhances student printing environment
NC State students can now print from their iPhone, iPad and other iOS devices to any of the Followme Printing printers around campus. WolfPrint FollowMe Printing uses virtual printers that hold the print job unti it is released at an authorized real printer. Students have up to 12 hours to pick up their printouts. This service was previously available from a Web browser and on Apple OS X (e.g., Mac laptops) devices.

Alert us!alertus
To warn the campus community of imminent danger, OIT and Environmental Health and Safety implemented the new Alertus desktop notification service. This is the latest Wolf Alert communications tool.

In a dire emergency, Alertus will flash a message about the situation to the screen of a networked computer. The software is installed on all OIT-managed Windows and Mac computers (including managed desktops, classrooms and labs) and is available to be installed on all university Windows and Mac computers. Students and employees may download the free software to their personal computers, but it is only activated when they are logged onto the campus network via WiFi or Ethernet connection. OIT maintains the central server running the notification software and administers software distribution.

It’s a wrap!
Software clickwrap agreements require a user to click “I agree” or “I accept” before software or hardware can be installed. Recent court decisions have made it clear that clickwrap agreements are legal and binding contracts and are, therefore, subject to university contracting policy, which prohibits many software clickwrap agreements.

To address this situation, the Office of General Counsel gave OIT Software Licensing Management (SLM) authority to perform risk assessments of and approve all campus clickwrap agreements. SLM has reviewed a total of 411 clickwrap agreements and has provided a whitelist of software campus can use without further inquiry. (Image courtesy of The Bulletin)

Additional Highlights:
Financial System – Implemented significant enhancements to the Travel Authorization and Reimbursement Request modules to support more self-service functions and the implementation of the new business operations centers on campus. Also implemented the electronic Prior Approval Request (ePar) functionality, a standalone Java application, in a new module built in the Project Modification Request (PMR) System.

Amazon Web Services and the Elastic Compute Cloud – Working to integrate with these services to rapidly expand VCL services if needed beyond the capacity available on campus.

Back to top ↑

INNOVATE

Goal 2: Leverage Data
Enhance the access, usability, security and utilization of data resources to advance research and decision making.


dataprivacysmaller_0

Keep It Private!
2014 is a good year for you to resolve to protect your personal and business data on mobile devices! Data on mobile devices grow everyday and you can access almost everything from these devices: email, bank accounts, Google docs, shopping websites, pictures, videos and Facebook and Twitter accounts. The features that make your data so accessible can also make your device vulnerable to cyber attacks.

In January, during Data Privacy Month, OIT launched its “Keep It Private” campaign, which shone a light on mobile device security so you can properly protect your data assets and the university’s data assets. OIT security staff offered two sessions on mobile security for the Android and iOS devices, two mobile security checkpoints, security videos and links to resources.

Framing Data Sensitivity
The university’s data are among its most valuable assets. In order to meet applicable federal, state, regulatory and contractual requirements, the campus community needs to protect university data from theft, compromise or inappropriate use.

Because the management of sensitive data can be a complex and highly interpretive task, OIT published the Data Sensitivity Framework to support the revision of the REG 08.00.03 – Data Management Procedures that:

  • explains how the university defines what data are sensitive and need to be handled with extra care,
  • describes the flow of authority for all university data, and
  • characterizes five new levels of data classification:
    • Purple: Ultra-sensitive,
    • Red: Highly sensitive,
    • Yellow: Moderately sensitive,
    • Green: Normal, not sensitive, and
    • White: Unclassified.

The Data Sensitivity Framework enables handlers of university data both to assess its sensitivity level and secure it accordingly from risks which may include, but not be limited to, unauthorized destruction, modification, disclosure, access, use, and removal.

Principal Investigator (PI) Portal Phase 2
OIT worked on Phase 2 of the Principal Investigator (PI) Portal, which allows NC State research faculty to view human resources and financial information related to their projects.

In Phase 2, OIT added integrations into the HR System to provide more detailed payroll information via drill downs, and detailed cost-sharing information via a new tab on the PI Portal. OIT has been working with the Office of Contracts and Grants, the University Research Committee (URC) and the Research Support Council on this project.

Human Resources System improvements
OIT implemented a newly redesigned Onboarding Portal using the Activity Guide within the Human Resources System. The portal, which replaced the SmartERP workflow/forms system as a cost-saving measure, helps new employees get “plugged” in to NC State with benefits enrollment, policy acknowledgments, online training, parking permits and WolfPack One cards, direct deposit setup, etc.

In partnership with Facilities, OIT designed and implemented support for room/location data to be loaded from FM:Interact, a new Web-based system for space management in the University Architect’s Office. Other HR improvements included a design for the new Graduate Appointment module and the new Additional Pay module.

Class Search
As a student, you can spend a lot of time deciding what courses you plan to take, but once you do, it won’t be as difficult to locate them within the new improved Class Search!

OIT and Registration and Records have upgraded Class Search, the university’s online schedule of classes, so that anyone — student, faculty, staff or university guests — can search by term (e.g., 2014 Fall Term) and retrieve a list of all offered classes. You can narrow your search by course number, course career, start and end times, and even by instructor.

Class Search is one of many functionalities that OIT has added to the Student Information System this year. Other enhancements include Graduate School “NextGen” Admissions module, support for the UNC General Administration (GA) World Language Exchange, the Graduate Student Support Plan module, support for the new GA student data mart, and a new Athlete Eligibility Verification module.

It’s not the same 2-Step!
Whether you called it 2-Step Verification or 2 Factor Authentication, it’s there to protect you. The Google Service Team enabled last year this additional layer of security for users of the university’s Google Apps domain. Once activated, this security measure requires you to log in with your password and an additional security code that is delivered to your mobile device via text, voice call or mobile app – hence, two factor! This security code is provided to you when you log in to your Google account from a device, application or browser you haven’t previously used.

Additional Highlights:
Hosted Casper Suite Enterprise Service – Moved the campus OS X and iOS management service to a vendor hosted model atnc.jamfcloud.com. OIT continues to work on an innovative, UNC system wide cooperative for cost and work sharing with the hosted Casper Suite implementation.

SAS Business Intelligence Platform – Implemented phase II of the Advancement data mart and phases I and III of the Graduate Admissions/Enrollment data mart using the SAS Business Intelligence Platform, completing the migration from Business Objects to SAS.

Hyland’s Onbase Imaging System – Began the migration from the Singularity document management system to Hyland’s OnBase platform, completing Accounts Payable, Purchasing and Human Resources. Moved Financial Aid module from a vendor-hosted platform to an NC State-hosted platform.

HPC Users – Procured new storage array to support partner storage for HPC users and working to transition from old storage system to the new array. This will allow researchers to store and manipulate their data.

Optical Mark Reading (OMR) – Processed 195,000 test/quiz sheets.

Back to top ↑

MANAGE

Goal 3: Maintain and Enhance University Cyberinfrastructure
Provide a core IT infrastructure, including hardware, software, people, and facilities, that is secure, resilient and adaptable to meet the current and anticipated future needs of the university community.


mobile2

On the Brickyard, Darren Fallis of OIT Security and Compliance, center, talks with iOS device users at the Mobile Device Security Checkpoint held last October during National Cyber Security Awareness Month.


Stimulating the “brain” of the network infrastructure
When people say OIT is the backbone of the university, they are usually referring to our information and communication technology infrastructure. But we’re so much more! OIT provides campus-wide resources that are available to everyone at NC State or that serve as the foundation for other technology systems and services. It’s the university’s two aging data centers — the infrastructure’s brain center — that house these mission-critical systems, applications and data and it’s up to OIT to keep them all operational.

This year, OIT implemented various improvements to both data centers. In January, OIT embarked on a seven-month power and cooling renovation in Data Center 2 to help mitigate risks of future outages. The project, which is expected to be completed in August, involves:

  • Installing a backup supply of chilled water to reduce the data center’s reliance on a single primary source of cooling.
  • Installing an independent backup generator to reduce the non-data center loads on the existing generator.
  • Replacing the remaining air cooled climate control units with water cooled units to reduce data center power consumption for cooling.

In Data Center 1, OIT extended the “island of improvement” to include two additional sections of improved IT equipment space. Sections of the data center will be upgraded, and then racks of servers will be moved to the improved “islands” with minimal downtime. When completed, the new areas will consume all available power and cooling in the center.

Kaspersky is here?
When OIT researched new antivirus solutions to better protect you and the university’s systems and data, a new name popped up – Kaspersky!

Available to campus for free, Kaspersky replaces Trend Micro and comes in two versions:

  • A personal version (for Windows and Mac) to be installed only on personally-owned devices that will be connecting to NC State’s network. You may install this software on up to three personal devices.
  • A campus version (for Windows and Mac) to be installed only on university-owned devices.

As part of its continuing efforts to keep the campus network secure, NC State requires approved antivirus software to be installed and kept up-to-date for computers connecting to the campus network.

Oracle Identity Management
OIT continues its work to implement Oracle Identity Management (OIM), which will enable the efficient sharing of resources within and beyond NC State. A key factor in rolling out a new identity management environment is to have a single source of reliable data that will help streamline the deployment of new university processes. User identities will be in place, and the system will provide access to information to (and about) an individual only when necessary.

Since May 2013, OIT has completed requirements definition, design review and installation/configuration of all OIM environments. OIT is also in the process of developing test scenarios and test cases, refining the overall project plan and completing the cleanup of the legacy environment required for conversion to the new system.

Do you have reservations?
The NC State Virtual Computing Lab (VCL) has assisted both students and faculty with instruction and research support since its inception in 2004.

Developed by OIT High-Performance Computing (HPC) and the College of Engineering, the cloud computing system provides researchers and students with 24X7 remote access to high-end lab computers and software without having to step inside the walls of a campus facility. The system’s infrastructure also provides high-performance computing for campus researchers.

As of May, the VCL has recorded approximately 136,445 reservations, using more than 1,180,000 million hours by 12,369 unique users.

Research Computing resources at the ready
The High Performance Computing (HPC) group provides NC State students and faculty with entry and medium-level high-performance research and education computing facilities, consulting support and scientific workflow support. This year, the HPC service delivered 13 million CPU hours to 136 projects and 427 unique users.

Campus wireless rollout
Last August, OIT completed the Bowen Residence Hall full wireless pilot and is making plans for ubiquitous wireless in all residence halls by fall 2016. Approximately 50 percent of residence halls will have wireless next summer and the remaining by summer 2016.

Helping the campus do!
From May 2013 to 2014, the NC State Help Desk has handled 33,272 calls with a first contact resolution rate of 80.98 percent. The Walk-in Center received a total of 3,281 visits between Aug. 15, 2013 and April 22, 2014, with 2,474 unique visitors. Freshmen accounted for 25 percent of the center’s help instances. There were also 377 hardware claims submitted to various vendors and 124 hard drives sold.

It’s all in the apps!
Google Inc. is changing the world around us – one app at a time. The Google Service Team introduced four new consumer apps — FeedBurner, Map Maker, Google Books and Google Places — in the Google Apps @ NC State environment, bringing the total number of consumer apps to 18.

How can you use these apps? Use FeedBurner to manage and distribute RSS feeds, Google Map Maker to add and update geographic information for Google Maps and Google Earth, Google Books to search and preview the full text of millions of books and magazines that Google has scanned, converted to text and stored in its digital database, and finally, Google Placesto edit or enhance information about your place of business or work.

Bye-Bye Windows XP
When Microsoft announced it would no longer offer security patches for Windows XP, OIT assisted the campus IT community in identifying computers running the 13-year old operating system and encouraged campus to upgrade to supported versions of Windows. OIT also established a separate network to contain mission-critical machines required to run unsecured operating systems to protect the campus network from exploits that target Windows XP and older operating systems.

Take Control CSAM-2013-Digital-Sign-05aYou know that cyber predators are smart, creative and dangerous. You also know that they surf the Web often in disguise, forever changing their strategies and tactics to attack and steal your account name and password, money, intellectual property, data and your identity. But did you know you can control your online experience?

OIT held the 2013 Cyber Security Awareness Month to “increase awareness and prevention of online security problems.” October 2013 marks the 10th annual event sponsored by the Department of Homeland Security in cooperation with the National Cyber Security Alliance. During the month, OIT offered a mobile device security checkpoint to run a quick diagnostic tool on campus users’ iOS and Android devices to see if they were protected against the most common risks. More than 500 people attended this event. OIT also offered six unique hour-long security awareness presentations for 150 students and employees.

PCI Progress
OIT, together with the Controller’s Office, is spearheading the university’s effort to ensure all credit card merchants and related IT systems achieve Payment Card Industry Data Security Standards (PCI DSS) compliance. Activities during this fiscal year include:

  • Attestation – PCI-DSS version 3.0 was released in November 2013 and became effective Jan. 1, 2014. Sunset for version 2.0 is Jan. 1, 2015, and 2015 attestation must be against version 3.0. The university’s goal is to be fully compliant with version 3.0 during the 2015 attestation.
  • Growth in merchant transaction –  NC State credit card transactions exceeded one million in 2013. The university remained at Level 3 for PCI-DSS compliance with University Dining as a separate Merchant Chain. PCI-DSS compliance levels are measured according to a merchant’s chain’s volume of transactions per year. Level 3 merchants process between 20,000 and one million Visa e-commerce transactions annually.
  • Training – OIT and the Controller’s Office developed mandatory PCI training classes, online learning modules, and forms to assist e-commerce and point-of-sale merchants with their required annual self-assessment questionnaires (SAQs) and annual attestation of PCI Compliance.
  • Monitoring – PCI DSS monthly compliance monitoring for credit card merchant accounts stayed fairly steady, changing from 263 to 278. An e-storefront solution was selected in order to consolidate service providers as much as possible.

Finding your identity
The university is the custodian of billions and billions of records, files, systems, and data, some containing sensitive information that need to be labeled as such and properly protected. OIT recently implemented Identity Finder, a tool to search across desktops and servers to locate sensitive information, such as credit card or Social Security numbers and critical research data.

Check!
In collaboration with Human Resources (HR), OIT has published the new System Access Checklist, a companion document to HR’s recently updated Employee Separation Clearance Checklist. During an employee’s separation, these documents help supervisors preserve access to the employee’s electronically stored information, systems and applications, which may include, but not be limited to: email, Google docs, items stored on departmental file shares, account names, encryption keys, and associated encryption passwords.

OIT announces new WolfTV cable system
wolftv brickIn December 2013, OIT completely overhauled the campus cable system, including installing new equipment, adding new channels and rebranding the entire system, WolfTV. The new WolfTV delivers all channels digitally in high-definition (HD) as long as OIT receives HD channels from its service providers.

For several years, OIT has been looking at ways to improve the existing analog system, which provides limited channels. WolfTV delivers a significant upgrade in quality — both picture and content — and better service at the same price point. Home shopping and local government channels are no longer available, and several new sports, movie and music channels have been added. A new cultural and informational channel, NC State on Campus, was also added, and WolfBytes Television was completely overhauled.

Additional Highlights
Virtualization and storage – Continued adoption of the centralized virtualization service (VMWare), with more than 900 virtual servers and computers (VMs). Bulk virtual file service is now used by all colleges, and 80TB storage is used by campus customers. Backed up over 1 Petabyte of data to an off-site location. Partnered with NCSU Libraries on installation of Isilon storage system.

Data Center – Continued transition to new data center network architecture based on new N7K platform. Implemented new load balancing architecture in data centers. Expanded data center architecture to allow for connectivity beyond the two on-campus data centers. Completed installation of additional fiber needed for backbone resiliency among major hubs and data centers.

Wired outlets and ports – Wired outlets grew from approximately 39,500 to 41,436. Available network ports grew from approximately 76,000 to 83,006.

Network uptime – Maintained 100 percent uptime for campus network backbone and Internet gateway year-to-date.

Network Operations Center (NOC) – Handled over 9,500 customer contacts including 5,043 phone calls and more than 2,100 work orders.

iTRACS – Completed phase 2.5, intra-building fiber, of the mapping of the physical data network. Started phase 3.1, which involves outside plant (OSP) fiber terminations.

UNC system IT Security Council Security Framework – Prioritized identified gaps in compliance with the university’s recently adopted framework (ISO 27002) for information security to help address areas of non-compliance at the university level.

Security roadmap – Began the process to facilitate university-level compliance with rules, regulations, laws and standards, including but not limited to: ISO-27002, PCI-DSS, Defense Federal Acquisition Regulation Supplement (DFARS), and National Institute of Standards and Technology (NIST).

Public record, litigation hold and eDiscovery requests – Decreased from 18 to 16.

Daptiv – Developed project management processes and reports to identify and prioritize OIT projects in progress.

Security incidents reviews/exercises – Conducted annual security HR/Financial/Student Information System access reviews and received 100 percent response. Reviewed 10 security assessments for security considerations. Revised and developed several procedures and guidelines for compliance with regulations and legislation.

Security vulnerabilities – Responded to a number of major phishing scams such as Heartbleed, Payroll deposit phishing scam, Internet Explorer security issues, and Adobe security issues.

Organizational resiliency – Progressed significantly on resiliency plans, defining restoration and recovery times for core services such as email, ERP systems, Web services, and hosted systems in the event one or more data centers were to become unavailable. Also successfully tested a solution for payroll resiliency.

Software Asset Management (SAM) – Enhanced processes to standardize against ISO 19770-1, a framework that allows OIT to demonstrate that it performs high-quality software asset management.

Phishing detection, prevention, mitigation, and recovery responsibilities – Continued to expand. Established Incommon SSL certificate service and issued 98 new certificates.

Software – Provided 16,481 software downloads (up from 12,935), significantly reducing physical media and duplication costs. Consolidated and terminated major license agreements, decreasing the total managed number from 142 to 116 and resulting in significant reduction in costs and resources. Increased licensing partnerships with colleges and departments by approximately $273,086.47, resulting in $1,822,161 in total licensing partnerships. Negotiated new system-wide site licenses for a hosted JAMF Casper license, a campus site license for Erdas Imagine, and a hybrid lower-cost agreement to license Acrobat Professional for much of campus.

OIT Managed Desktop – Added 22 Department of Biological Sciences’ machines to the OIT Managed Desktop service.

IT relocations – Assisted with the IT setup needs for a number of large moves, including the Talley Student Union, the new Oval Dining location at Centennial Campus, the Business Operations Center, and the NC State’s Intensive English program.

Printing – Completed the migration to PaperCut for Wolfcopy printer departmental billing. Approximately 2,381,902 pages were printed in the past year in the student accounted printing service. The transition to a new Windows-based printing environment is also underway for managed desktop clients.

Office 365 – Testing the online use of Office applications to give students, faculty and staff access to free licenses for personal use. Also in the process of building and testing a federated authentication system that will allow users to log in to Office 365 with their Unity IDs.

MarketPlace – Integrated a number of new MarketPlace vendors to increase purchasing cost-effectiveness across campus.

Kaba time clock – Implemented supervisor approvals within the time-keeping system and extended the service to all temporary employees.

Advance System – Completed much of the effort needed to upgrade the Advance System, the donor and alumni database for NC State. The target go live is August.

Higher One – Worked with the Controller’s Office to develop and award a request for proposal for an enterprise PCI-compliant eStorefront application. The target go live is August.

Non-credit management system – Completed the bulk of the work needed to issue and release a RFP for an enterprise non-credit management system. The release date is September.

Citrix – Completed refresh of Citrix infrastructure, providing remote access to applications and securing data center resources to support security, compliance and disaster recovery objectives.

Tivoli Workload Scheduler – Automated 63 vendor remittance processes and several complex student processes (saving time and reducing errors) that had previously been run manually and are now integrated with Tivoli.

Free training and education – Taught 134 classes on 35 unique topics with 587 unique users registered.

New Student and Employee Orientation – Conducted 17 student and 17 parent orientation presentations to educate students and parents about information communication technology (ICT) resources and acceptable use. Participated in 17 Information Fairs during the 2013 New Student Orientation and produced 11,000 copies of the Computing @ NC State newsletter.

Web Hosting Services –  Managed more than 120 paid Web hosting accounts (and an additional 25 for OIT use). Hosted WordPress and Drupal services continue to thrive with 17 paid hosted WordPress accounts and 31 paid hosted Drupal sites. There are currently 340 WordPress blogs. OCC is also starting migration to Drupal 7.

Communications – Published OIT News, the monthly IT e-newsletter for staff and faculty. Posted regularly on the OIT home page and from OIT’s Twitter account, with an average of 60 tweets per month, and a positive trend in the number of tweets retweeted and favorited. Participated in campus-wide campaigns, including: National Cyber Security Awareness Month, Wolfpack Welcome Week – Campus Crawl, Data Privacy Month and Phishing. Continued publication of the OIT Academic-Year Student Calendar.

Back to top ↑

MANAGE

Goal 4: Optimize IT Resources through Governance
NC State will use IT governance processes to acquire, develop and allocate IT resources — both finances and people — needed to provide the robust IT services required to achieve the university’s vision and strategic priorities.


Balancing IT resources
This fiscal year, OIT was challenged with balancing resources — both finance and personnel — in a constrained budget environment. Likewise, our campus’ unit and college IT departments also felt the effects of dwindling state-appropriated funding.

Budget Allocations
OIT’s budget for fiscal year 2013-14 was $48.5 million, with personnel accounting for 56 percent ($26,971,759) and operating cost accounting for 44 percent (21,547,067). In addition to this year’s budget allocation, OIT received $276,000 in enrollment change funding on a continuing basis. One-time funding included $1,360,000 for storage replacement and  $320,000 for high-performance computing sonas replacement. OIT also received $60,000 in continuing funds in Educational and Technology Fee (ETF) for multimedia accessibility and captioning, and one-time funding from ETF included $31,500 for Virtual Computing Labs and $85,554 for wireless.

Budget Reductions
OIT incurred a budget reduction of $1,183,981 in fiscal year 2013-2014, resulting in the eliminations of 9.75 vacant positions and one filled position. Impacts to campus included:

  • longer Help Desk and support response times
  • delays in upgrades and new services
  • restricted expansion of the enterprise imaging system
  • use of third-party providers for hardware maintenance
  • significant delays in Web application development
  • significantly decrease portfolio/project management tracking capability causing potential project delays
  • delayed OIT Web content updates
  • reduced information and training provided to campus
  • reduced support for the campus Linux environment
  • delays in delivery of new virtual computing lab requirements

This budget reduction limited the organization’s ability to handle projects critical to improving efficiency in business and academic functions and to provide strategic solutions to all campus units.

Looking forward, OIT hopes to maximize the new IT Strategic Plan and the campus IT Governance structure to provide the IT services necessary to accomplish the university’s mission, vision and goals.



strat-plan-table-group-180IT Governance at Work

Within the past year, those involved in the university’s IT governance groups have dealt with many issues and ideas from evaluating the usage of clickers to adoption of the new data sensitivity framework. The major role of the IT Strategic Advisory Committee(ITSAC) and Campus IT Directors (CITD) in particular has been their involvement in the creation of the IT Strategic Plan.

These two groups held their first joint meeting last summer to pull together the strategic issues that had emerged from the data-gathering process undertaken in the spring.

Over the course of several meetings, the university’s IT Strategic Plan’s Guiding Principles and Strategic Goals emerged. The IT governance subcommittees were also substantively involved in the process, joining ITSAC and CITD to define the overarching themes and then later to develop the strategies to carry out each of the six strategic goals.

The IT governance groups will play the leading role in overseeing the implementation of the IT strategic plan, with the Implementation Steering Team guiding the process.

This summer, work began to re-focus the ITSAC so it can better provide the strategic advice as university-wide representatives to help focus IT resources to most effectively achieve the broader university goals through the implementation of the IT strategic plan.

The IT governance structure and processes will continue to evolve into enable IT resources to be used collaboratively and efficiently to carry out the university goals. This process is an on-going partnership among all members of the university IT community.

Back to top ↑

COLLABORATE

Goal 5: Cultivate a Collaborative IT Culture
The university will foster a culture in which the IT community works effectively across boundaries to address IT challenges, assisted by an effective IT governance structure.


Making a Difference
IT Accessibility is a major challenge on NC State’s campus, but there are many people working to make a difference.

To encourage campus website owners and designers to make accessibility improvements to their Web pages, the University IT Accessibility Office, housed within OIT, sponsored not one but two challenges. Held last fall, the NC State 2013 World Usability Day encouraged website developers to address general usability by correcting the most website accessibility errors and to add a “skip to main content” link on at least 80 percent of their Web pages. This challenge ended with the correction of 416,196 accessibility errors.

The second annual NC State Global Accessibility Awareness Day (GADD), held this spring, recognized sites that improved overall accessibility by the greatest percentages and those that had the Accessible Rich Internet  Applications (ARIA) roles “main” and “navigation” added to at least 80 percent of their pages. Approximately 905,082 accessibilities errors were corrected in this challenge.

A total of 4.1 million accessibility errors were corrected in this fiscal year.

A new remedy?
OIT Technology Support Services Help Desk Services group and the campus IT governance group are evaluating possible replacements for the Remedy call tracking system, which has been used by dozens of campus departments and colleges since 1999.

OIT recorded a total of 826 Remedy users with the addition of 173 new users. Thus far, 97,754 calls were logged across all workgroups. Twenty-three workgroups and 59 new solutions were created, while five workshops and 573 solutions were retired.

Making a secure connection
OIT established the Campus Security Liaisons program to designate individuals at the college, department or unit level who will serve as security subject matter experts in four security topical areas: litigation holds, PCI-DSS compliance, compromised machines, and sensitive data.

Security liaisons will coordinate the exchange of information and practical operational knowledge with the OIT Security and Compliance team to strengthen cross-organizational communication and to share the responsibility for appropriately securing university information resources.

Additional Highlights
Web Services Team – Created to allow for discussion and planning by OIT employees who support and maintain campus Web services.

Co-Working Fridays – Organized an opportunity for campus Web developers from various colleges and departments to share their expertise on individual projects and challenging issues.

Back to top ↑

COLLABORATE

Goal 6: Foster Connectedness of Communities
Provide tools and technology-rich physical and virtual spaces that support meaningful connections across university communities.

BK2_fallshoot10-215

Multimedia Accessibility Grant
The University IT Accessibility Office secured $60,000 in Educational and Technology Fee (ETF) seed money to help finance video captioning for faculty who want to proactively caption video or who have an accommodation request.

Meeting with the Pack
If you’re a member of the WolfPack, you can meet with your contacts and other colleagues more efficiently now. OIT ComTech rolled out WolfMeeting, NC State’s new fee-based WebEx service, on April 14. An on-demand collaboration tool that combines audio, video and Web conferencing, WolfMeeting allows campus users to share information and expertise from their computer, phone or mobile device without the hassle or expense of traveling.

Color Contrast Analyzer for Chrome
The University IT Accessibility Office, housed in OIT, developed a free tool to help analyze textual color contrast in Web pages to meet accessibility requirements. It does so by treating online content as an image and performing pixel-by-pixel analysis of the image. The Color Contrast Analyzer for Chrome is currently being used worldwide.

Project Management Lite Internship
“Students first” is Student Affairs’ credo and ours! It means putting student learning and success in the forefront of what we do. This summer, OIT collaborated with the Poole College of Management (PCOM) to initiate the OIT Project Management Lite Internship to expose sophomores and juniors to real-world experiences right here, right now at a place they call home – NC State.

The program also provides cost-benefits measures for OIT by leveraging the talents of students embodied with new generational knowledge. Two participants have received internships and are working this summer in Security and Compliance and Enterprise Application Services. Intended to be a multi-semester and possibly multi-year program, the internship will continue to be evaluated to meet the needs of the campus community.

Go Links gets an upgrade
Go Links, NC State’s own short URL generator, was upgraded earlier this fiscal year. In addition to a new look for the Welcome page — redesigned to embrace NC State branding standards — there are several features that have been removed, added or enhanced for improved efficiency.

What’s Gone

  • The ability to “theme” a link, which added a toolbar to the top of the linked page when displaying it. The presence of a toolbar caused major printing problems as well as introduced a level of complexity when trying to display the linked page on a mobile device. All Go Links now go directly to the target URL specified in the Go Link.
  • The ability to add Google Analytics to a link. Out of 10,000-plus links, only 32 used the Google Analytics options, and some of those were test links created during the development of the Go Links application. Go Links provides its own statistics.

What’s New

  • The Link Directory function, which is used to find your own links, links shared with you, or all links.
  • The Top 10 Statistics function, which provides a quick snapshot of the top 10 referring URLs, the top 10 browsers used to access the Go Link, the top 10 IP addresses of the users clicking on the Go Link, and the top 10 modifiers used on the Go Link.
  • The Link Details layout has been simplified, making it easier to find what you’re looking for, and things that take longer to calculate and display, such as the statistics, have been moved to a separate section, making the Link Details faster to load for everyone.
  • Although most users won’t notice, the admin interface has been improved to allow easier search and management of the links, banned phrases, as well as investigation of invalid links that anyone attempted to create.

Additional Highlights:
ClassTech – Supported 186 spaces, including 24 service-level agreement spaces, ranging from baseline “110-type” classrooms and conference rooms to high-end spaces utilizing cutting-edge technology for rich-media capture. Completed an overhaul of the audio systems in the Hunt Library Auditorium to help improve audio quality and supportability and completed audio video overhauls of a number of spaces in the Park Alumni Center.

Onboarding – Conducted four Quick Start sessions and 43 New Employee Orientations, with 1,062 new employees attending.

Media and Student Services –  Continued programming of three local-origination cable television channels on the WolfTV cable system and will launch a fourth channel this fall. Partnered with 28 different groups, including the Campus Police, Office of Faculty Development, TEDxNCSU, College of Veterinary Medicine, and the National Intercollegiate Recreation Sports Association to produce video/audio content.

Campus Operators – Fielded more than 58,000 calls.

Back to top ↑

OUR PATHWAY TO THE FUTURE

OIT supports the goals of “The Pathway to the Future: NC State’s 2011-2020 Strategic Plan” through the following services. Details about these services can be found in the OIT 2013-14 Annual Report.

UNIVERSITY STRATEGIC GOAL 1:
ENHANCE THE SUCCESS OF OUR STUDENTS THROUGH EDUCATIONAL INNOVATION


  • Created, in partnership with the Poole College of Management, the OIT Project Management Lite Internship to provide experience and training for interested students.
  • Requested and received an increase to the Educational and Technology Fee (ETF), starting in the 2014-15 academic year, to cover wireless services and classroom capture.ncstateOARlarge
  • Trained and leveraged the talent of 12 student workers to cover events for Wolfpack Sports Television.
  • Overhauled the campus cable system, installing new equipment, adding new channels and rebranding the entire system WolfTV.
  • Completed the Bowen Residence Hall full wireless pilot and making plans for ubiquitous wireless in all residence halls by fall 2016.
  • Delivered Computing @ NC State newsletter to parents and a one-pager to students to educate them about IT resources and acceptable use.
  • Introduced four new consumer apps — FeedBurner, Map Maker, Google Books and Google Places— in the Google Apps @ NC State environment to provide flexibility and increased options for students, faculty and staff.
  • Enabled WolfPrint FollowMe Printing for students and staff who uses iOS devices.

Back to top ↑

UNIVERSITY STRATEGIC GOAL 2:
ENHANCE SCHOLARSHIP AND RESEARCH BY INVESTING IN FACULTY AND INFRASTRUCTURE


    • Completed the IT Strategic Plan for the university to provide a vision and framework for how the university’s comprehensive IT environment can best support and accelerate achievement of the mission, vision, and goals of NC State.
    • Secured a Multimedia Accessibility Grant to help finance video captioning for faculty who want to proactively caption video or who have an accommodation request.
    • Received a $499,890 National Science Foundation (NSF) grant to develop a new network autobahn to deliver high-volume data transfers to NC State researchers using software-defined networking.
  • Delivering IPv6, the next generation Internet protocol, over the multiprotocol label switching (MPLS) infrastructure to define virtualized network architectures for units and departments, data centers and cloud computing environments.
  • Added integrations via the Human Resources System to provide detailed payroll information and cost-sharing information via a new table of the Principal Investigator (PI) Portal, which allows research faculty to view HR and financial information related to their projects.
  • Performing power and cooling renovations in Data Center 2 and extended island of improvement to include two additional sections in Data Center 1.
  • Worked on the new Oracle Identity Management System to replace many legacy and manual processes.
  • Completed Wake on LAN pilot with the College of Natural Resources and the Office of Sustainability to remotely power on certain devices dynamically when needed.
  • Continued transition to new data center network architecture based on new N7K platform. Implemented new load balancing architecture in data centers. Expanded data center architecture to allow for connectivity beyond the two on-campus data centers. Completed installation of additional fiber needed for backbone resiliency among major hubs and data centers.

Back to top ↑

UNIVERSITY STRATEGIC GOAL 3:
ENHANCE INTERDISCIPLINARY SCHOLARSHIP TO ADDRESS THE GRAND CHALLENGES OF SOCIETY


  • Partnered with regional organizations to develop a testbed to transfer large research data sets and permit regional experimentation with software-defined networking technologies. The testbed will eventually allow institutions to dynamically construct research circuits across the networks of numerous universities and national labs.

Back to top ↑

UNIVERSITY STRATEGIC GOAL 4:
ENHANCE ORGANIZATIONAL EXCELLENCE BY CREATING A CULTURE OF CONSTANT IMPROVEMENT


    • Conducted an assessment of the effectiveness of all OIT communications, including websites, publications, social media, email, groups, and lists.
    • Conducted scans to detect accessibility errors on more than 380 campus websites, totalling more than 150,000 pages.
    • Collaborated with campus in the development of service teams to provide enhanced support for the System Center Configuration Manager (SCCM) service.
    • Developing standard operational procedures and workflows for cross-unit activities.
    • Created Central Integration Services to focus on the deployment and maintenance of Linux/Unix operating systems with particular focus on ongoing support for the Realm Linux environment.

 

  • Received a $10,000 grant to develop software-defined networking to change the way the university provides network access to campus resources.
  • Launched an eduroam (education roaming) pilot, a fully encrypted wireless service for the campus community.
  • Upgraded controllers to support 8.02.11 ac technology, resulting in more robust hardware to support increasing wireless demands.
  • Developed an iOS application for interaction with the VCL.
  • Developed “On Campus at NC State,” a mobile app for campus information.
  • Implemented Alertus, a desktop notification service to warn campus of imminent danger.
  • Performed risk assessments and approval of all campus clickwrap agreements.
  • Published new Data Sensitivity Framework and revised Data Management Procedures to enable handlers of university data to access its security sensitivity level and secure it accordingly.
  • Implemented a redesigned Onboard Portal using the Activity Guide within the Human Resources System.
  • Upgraded Class Search, the university’s online schedule of classes, to search by term.
  • Continued to make progress on Oracle Identity Management to help streamline the deployment of new university processes.
  • Continued plans for ubiquitous wireless in residence halls by fall 2016.
  • Rolled out Kaspersky as the new campus antivirus solution.
  • Spearheaded with the Controller’s Office the university’s effort to ensure all credit card merchants and related IT systems achieve PCI DSS compliance.
  • Implemented Identity Finder to locate sensitive information across desktops and servers.
  • Implemented a new System Access Checklist to help supervisors preserve access to the employee’s electronically stored information, systems and applications.
  • Enabled 2-Step Verification to add an additional layer of security for users of the Google Apps domain.
  • Moved the campus OS X and iOS management service to a vendor-hosted model.

Back to top ↑

UNIVERSITY STRATEGIC GOAL 5:
ENHANCE LOCAL AND GLOBAL ENGAGEMENT THROUGH FOCUSED STRATEGIC PARTNERSHIPS

  • Continued partnering with MCNC and other Triangle campuses to develop a comprehensive strategy for software-defined networking (SDN) across campuses.
  • Participated in the Moodle Accessibility Interest Group to improve the learning management system.
  • Hosted with Juniper Network a public/private workshop on software-defined networking, an emerging networking technology.
  • Implemented dedicated software-defined networking (SDN) circuit scalable to 100Gbs (10×10) as part of regional (NCREN) and national (Internet2) collaboration.
  • Continued to serve as a lead contributor to the Apache VCL project and used the software to deliver the university’s VCL service.
  • Continued efforts with the City of Raleigh and Wake County to increase broadband to the Triangle’s seven-county metro area via the Gig.U initiative.

Back to top ↑

RECOMMENDATIONS AND CONCERNS FOR THE FUTURE


Security and Regulatory Concerns

An increase in security and regulatory concerns, like the uptick in campus phishing attacks, the Heartbleed vulnerability, the unsupported Windows XP OS, and the rollout of new antivirus, continue to place high demands on staff resources, hardware and software. Other concerns include:

  • Third-party software patching is frequently delayed or not done, contributing to a significant portion of compromises on campus.
  • Porous Internet perimeter security policy results in constant exploitation of vulnerabilities from outside the university.
  • Security of Internet cloud-based IT applications is immature and fraught with issues.
  • Web application security continues to become more critical and complex.
  • Decreased funding for the portfolio project management tool has resulted in a reduced number of staff who can access the tool, which may inhibit OIT’s efforts to become more efficient and effective.

Recommendations

  • Vulnerability management tools, secure Web development training and secure configuration standards to detect and protect against the changing threat landscape.
  • Updated network perimeter policy to address new threats to mobile devices and OS X and to address threats from sophisticated data-stealing trojans and attacks on remote access systems.
  • Development and implementation of both identified and required security procedures and processes.
  • Identification and protection of highly sensitive data, including research data.
  • Investigation and mitigation of very high and increasing volume of new and more complex security incidents such as dictionary attacks on privileged accounts, creative targeted phishing attacks and advanced persistent threat attacks looking for sensitive data.
  • Increased funding for staff training on new IT security technologies and existing systems.
  • Support for new security services as the security staff’s workload continues to increase.
  • Mandatory security awareness training for all students, faculty and staff.

Physical Facilities Concerns
Data center capabilities and office space limitations in the Hillsborough building continue to be limiting factors.

Storage Concerns
Research storage is becoming a critical issue for several reasons. Existing and anticipated federal requirements for data security and retention will add to the effort required to maintain this storage. In addition, research computation on commodity Linux cluster, support for big data analysis, and general storage for research data that complies with retention requirements are all increasingly demanding additional storage capacity.

Staff Concerns
Critical staff and projects continue to be constrained by more aggressive schedules and increased workload. Other concerns include:

  • Lack of depth in critical technical positions, resulting in no backups for critical functions such as document management, SAS, non­credit, etc.)
  • Availability of resources for various implementations, upgrades and migrations, particularly management resources to oversee and coordinate the large volume of planned technical activities.
  • Ability to provide competitive salaries to recruit and retain the staff required to support complex scope of services, including customer and compliance requirements.

Recommendations

OIT should maintain:

  • engagement of central office leadership with evolution of enterprise systems.
  • maintain senior management commitment for sufficient resources for priority projects.

Back to top ↑

STAFF RECOGNITION AND ACHIEVEMENTS


Recognition
Will Brockelsby, Kristina Kelly and Karen Horne received the 2014 University Award for Excellence at the OIT division level. Nominees also included: Bill Coker, Josh Snapp and Amy Tawes.

patgaddy2.jpg

2014 Pride of the WolfPack Award winners were Damian Boyce, Pat Gaddy, John Garrett, Alvin Gilmore, Febbie Gordon, Lee Hargis, Greg James, Kristina Kelly, and Taylor Lundy.

John Baines, John Garrett and Sakinah Omar retired.

2013-2014 T.O.A.S.T. Award recipients included Everette Allen, John Baines, Rhonda Batts, Mardecia Bell, Brian Boley (2), Jeff Boone, Deborah Booth, Damian Boyce, Charles Brabec (2), T.J. Buffaloe, Matthew Castle, Bill Coker, Bobby Coleman, Carol Cook, Payman Damghani, Caffie Darden, Alvin Gilmore, Rhonda Greene (2), Tim Gurganus, Mark Harben, Lee Hargis, Jessie Henninger, Brandon Hill, Carol Hill, Ross Jernigan, Kristina Kelly, Tim Lowman (2), Vic Lynn, Neal McCorkle, Kevin McDonald (2), Katie McInerney, Shawn McIntosh, Mariela Montero, Jessie Moore, Jean Morris, Lark Mullins, Sarah Noell (2), Laverne Petitfrere, Chris Porter, Jen Riehle (2), Katrina Robeck, Vanessa Smith, Scott Stegar, Bert Stoner, Karen Tabron, Gerry Tibbetts, Charles Walker, Dan Waller, Ben Wilkus, Nick Young, and Zachary Zientek.

Major Appointment
Leo Howell was hired in April as assistant director of IT Policy and Compliance in Security and Compliance.

Professional Activities

  • Mardecia Bell completed her tenure as chair of the UNC IT Security Council for calendar year 2013.
  • John Baines presented “PCI-DSS Compliance Made Easier Through a Collaboration Between NC State and UNC-Chapel Hill” at UNC CAUSE 2014.
  • William Brockelsby presented the “NCSU SDN” strategy at the Internet2 members meeting.
  • Debbie Carraway is chair of the ITSAC-Infrastructure Governance subcommittee. She also completed a Graduate Certificate in Information Assurance, Security and Privacy from the University of North Carolina at Greensboro.
  • Cheryl Cleveland presented “PeopleSoft Environment Management” at the 2014 Oracle Alliance Conference and at the Campus Solutions Southeast Atlantic Regional Users Group 2013 Conference.
  • Charles Cline was elected to serve on NC State’s Staff Senate and also chairs the Active Directory Technical Working Group. He presented “Analysts, Engineers, and Architects: Technology Careers and the Cloud” at the NC Department of Public Instruction’s Business, Finance and Technology Education Summer Conference. He also led a session, “Microsoft Technologies in Higher Education,” at the national Microsoft TechEd conference.
  • Bill Coker presented “Can’t We All Just Agree? Clickwrap Agreements” and “Software Licensing in Lean Times” at UNC CAUSE 2013. He also became a certified Expert Software Manager (ESM).
  • Payman Damghani presented “From Boot to Root Pentesting Attack Vectors for Humankind” at UNC CAUSE 2013.
  • Wade Davis and Blake Kannarr presented “Commitment Accounting at NC State” at the Campus Solutions Southeast Atlantic Regional Users Group 2013 Conference.
  • Kerry Digou became a certified Internal Security Assessor for Payment Card Industry Data Security Standard (PCI-DSS) compliance.
  • Darren Fallis co-presented “Security at an .EDU: We Feel Your Pain and We Have Aspirin” at UNC CAUSE 2013.
  • Jack Foster presented “Communicating with Your Student Using Text Messages,” “Student Self-Service – Transfer Course Entry” and “Faculty Application Review” at the Campus Solutions Southeast Atlantic Regional Users Group 2013 Conference.
  • Alvin Gilmore earned the the Building Industry Consulting Service International (BICSI)’s Registered Telecommunications Project Manager (RTPM) certification.
  • Rhonda Greene completed a certificate of social media management.
  • Gwen Hazlehurst served on the Administrative Process Review Committee (APRC) and as the chair-elect for the General Administration Shared Enterprise Application Services Committee.
  • Marina Kelly and Lon Thomas presented “Using Business Intelligence to Reflect, Rethink, and Respond” at the University Professional & Continuing Education Association (UPCEA) South 2013 Conference.
  • Chris King presented “The Gift that Keeps on Giving: Are Student Workers Right for You?” at the 41st annual ACM SIGUCCS Management Symposium in Chicago. He also presented two papers, “The Dirty Hungarian Phrasebook of Tech Support” and “The Path to Google: Selling Ice to Eskimos” (both of which were later published) at the Service and Support portion of the same conference.
  • Greg Kraus served as EDUCAUSE IT Accessibility Constituent group leader and as Moodle Accessibility Interest Group co-coordinator. He also served on the EDUCAUSE Connect Program Committee and the NCSU University Diversity Advisory Committee.
  • Greg Kraus gave numerous accessibility presentations for EDUCAUSE Live!, Accessing Higher Ground, UNC CAUSE, the CSUN Annual International Technology and Persons with Disabilities Conference, Association on Higher Education and Disability (AHEAD), UNC-Greensboro and Equal Access to Software and Information (EASI).
  • Yessy Mendoza-Tate presented “Deep Dive: Building a WorkCenter” and “Talk About Journals:  Get some ideas, share your wishlist” at the 2014 Oracle Alliance Conference.
  • Yessy Mendoza-Tate and Ron Reed presented “Leveraging WorkCenters and Pagelets” at the Campus Solutions Southeast Atlantic Regional Users Group 2013 Conference.
  • Sarah Noell served as chair of the UNC CAUSE 2013 Conference.
  • Harry Nicholos served as chair of the University Copyright Committee.
  • Connie Reitfort presented “Enabling Education in the Digital Age” with Oracle representatives at the 2013 Educause Security Conference.
  • Tom Reynolds co-presented with members of the Purchasing Office “Enhancing ProCard to Deliver Card Account Management” at the Campus Solutions Southeast Atlantic Regional Users Group 2013 Conference.
  • Greg Sparks is serving on the ACUTA Regulatory and Legislative Committee and Cisco’s Public Sector Technology Exchange.

Back to top ↑

IMPROVING STAFF WORKING CONDITIONS


Charged with improving staff morale in the workplace, the Staff Relations Team (SRT) opened the floor to OIT employees during three scheduled open forums and a Town Hall Meeting.

The forums held last year offered staff the opportunity to discuss with Dr. Hoit and OIT directors various topics like employee morale, budget reductions, staffing, organizational culture, and other issues important to them.

During the town hall meeting held on March 28, Dr. Hoit discussed:

  • the upcoming IT Strategic Planning Process for campus, which will provides a framework for the campus community to achieve the IT environment necessary to help the university achieve its mission.
  • his five-year review findings and next steps, which included:
    • establishing the draft set of expectations and common management response guidelines (OIT SOP Best Practices) to address consistent standards of performance and ensure accountability across all of OIT. This draft was based on employees’ comments and suggestions from the previous open forums.
    • Administering a survey by an independent group that is designed to enhance understanding of key issues impacting OIT such as (1) deadlines and objectives; (2) accountability; (3) identifying and eliminating barriers; (4) retention; (5) morale; and (6) managing senior OIT officials.
    • Continuing to identify any additional strategies for addressing key issues discovered from the feedback.

Employees were also provided the opportunity to ask questions and talk about their concerns during the question-and-answer period.

In response to the Google Hangouts feedback shared during the OIT Town Hall, the SRT team helped to coordinate two workshops specifically for OIT staff to learn more about this platform and discuss best practices for conducting virtual meetings. Hangouts is Google’s free web conferencing tool that allows you to communicate with others via video, audio, and text messaging.

During this fiscal year, the SRT also sponsored several OIT recognition programs, such as the Totally Outstanding Attitude, Service and Talent (T.O.A.S.T.) Award, the Pride of the WolfPack Award, and the OIT’s University Awards for Excellence. The team participated in Google communities, and coordinated the OIT Lunch Bunch so employees can meet with each other.

Back to top ↑

STAFF DIVERSITY


Diversity lives within the heart of every person within the Office of Information Technology. It’s our individual differences, ideas and experiences that make us who we are personally and collectively as an organization. In OIT, we strive to create a culture that fosters mutual respect, values differences and promotes cross-cultural understanding among our current 254-member workforce (There are approximately 14 vacant positions.). It is our staff’s diversity that enables us to respond innovatively to IT challenges.

Our staff, comprised of 175 men and 79 women, are:

African American  28
American Indian  3
Asian  15
Hispanic  7
White  201

Back to top ↑