CTAB Minutes

Campus Technology Advisory Board

CTAB Minutes
Friday, February 11, 2011
Campus Center 114

Attendance:   Scott Roby, John Kane, Chris Hebblethwaite,  Brenda Farnham, Jane Winslow, Mark Springston, Steve DiMarzzo, Abby Wiertzema, Dan Griffin, Joe Moreau, Mike Pisa, Dave McQuin, Paul Taylor, Nicole Decker, Tyrone Johnson-Neuland, Mike Flaherty, Natalie Sturr,  Pat MacNeil, Marcia Burrell, Tim Yager, Pat Pacitti

Agenda Approved

December 10, 2010 Minutes Approved

Applications and Equipment - Natalie Sturr
·         Images for Faculty and Lab computers ready for next year
·         Please get your comments and ideas to Natalie by March 1, 2011
·         Nicole gave a nice overview of Office 2010 roll out project
·         Discussion about computer rights and responsibilities
·         Next Meeting will be March 9, 2011 at 8:00 am in the CELT Conference Room

By Laws - Dave Bozak (Joe Moreau)
·         Need to select SCAP representatives for next year
·         Need to review department representatives
·         Marcia is her second year as chair and is at the end of her term
·         Joe will contact Dave to get prepared
·         Marcia commented that all of the above is on the May agenda

Adhoc on Tech Plan - Mike Flaherty
·         Meeting on February 14, 2011
·         Suggested on looking at tech plans from other campuses
·         Framework document has gone to Provost Council
·         Joe will be meeting with President's Council to update them and to get some additional direction and input

Education Committee - John Kane
·         Minutes to be posted soon
·         Discussion about E-book readers, Spring Workshops to be offered, portal status and Winter Breakout
·         Winter Breakout attendance was the largest ever
ITC - Mark Springston
·         Need to move forward with SCAP so that it can be done earlier
·         SCAP reps need to be elected later this spring
Discussion - Computing Technology Rights and Responsibilities - Part 1
·         Committee has work hard but need to take a step back and review the policies that protect the network on campus and make sure users are able to do their jobs.

·         Privileges
·         Levels of privileges - low, higher, administrator
·         Primary components
·         What users can change

LANDesk is not a privilege; it is used to update computers by self-service applications, auto push out applications and to remotely access computers to repair problems.  This saves the CTS staff a lot of time and effort.

Primary Issues

What should a user's privileges be set at

·         How should it be determined
·         Who will make the decision of the level of privileges
·         Why is this an issue?
o   It is a security issue for our vulnerability in combating malware.
o   Malware infiltrates and attaches our network.  Malware is now coming in the auto execute format. Previously a user would have to do something to activate the malware.
o   Just viewing a page can infect our network - this is known as a "drive by" infection
o   There can be compromised address books and email can be generated and sent out and we feel safe opening the email since it is from a friend and follow a link that is malicious
o   This also happens on social media sites
o   The best antivirus software can stop all malware attacks
o   This is not just an annoyance
o   Malware can render a machine useless and a loss of date
o   20% of the help desk tickets reported are related to malware
o   The purpose of malware is to commit a crime, steal personal information to be used for identity theft or to sell to others
o   Verizon data breach report
o   Sophos reported 95,000 pieces of malware last year
o   The average data breach cost $204 per records

Questions and Comments
·         Steve DiMarzo - when downloading Clean Access for his Mac there was no requirement for an antivirus software.  Paul Taylor commented that we are waiting for information from the vendor
·         Mike Flaherty - is it easier for malware to attach to a Windows-based computer than a Mac computer?  Joe commented that this is mostly a Windows problem
·         Scott Roby - questioned whether department lab computers that the department maintains themselves should be better informed and need more information to maintain them.  Paul commented that those maintaining the labs do have administrative rights and yes should be kept update more consistently.
·         Marcia Burrell - While she understands that CTS is trying to balance all, she is not comfortable with someone outside of her department making the decision on her usage of her computer to do her job.  If she cannot do something on her work computer why can't she just bring her personal computer to work and do it that way?
·         Joe Moreau - while we have allowed personal computers in the past the answer forth going should be no.
·         Marcia Burrell - what is the difference between having wireless access to do things.  Paul commented that when wireless one doesn't have access to everything.  There are firewalls to protect the network.  This goes for Faculty and Staff connecting via wireless as well as students connecting by wireless
·         Tyrone Johnson-Neuland - personal machines are a different issue and need to have a different policy and need to be put into a different area of the network that will have restrictions.  CTS maintains the campus machines
·         Mike Flaherty - the concept of plugging directly into the wall into the network, wireless and VPN all need to be discussed further so that everyone understand them
·         Natalie Sturr - Faculty and staff machines there is a concern of people being able to do their job and not having to wait 24 hours or a week before someone is able to respond to the requested need
·         Scott Roby - need to understand wired, personal and VPN
·         John Kane - are most breaches not caused because of phishing scams.  Joe Moreau, not any more.
The second part of the discussion will be during the next CTAB meeting

Campus Technology Services - Joe Moreau

CIT 2011 Conference will be at Oneonta campus from May 24-27, 2011

o   Abstracts have been reviewed

o   This will be the 20th anniversary

o   Encourage all to attend

o   Many ways to pay for your attendanc

LakerApps Updates

o   There have been requests for additional resources

o   Google has included consumer based systems to be available to us

o   There are a few gotcha's that SUNY counsel needs to review

o   While our contract now is good the new resources come with an additional agreement that is more in favor of Google than us.  This agreement we have had no input on

o   There is also a statement that we need to get out ahead of that administrators will have access to email and we will want to make a statement that in no way we will access anyone's email unless asked to do so because of a problem or a legal issue

o   Scott Roby wanted to know if our counsel has reviewed.  We will rely on our SUNY counsel to resolve any issues that we may have with the new user agreement as they will get further with Google than we will as a campus separately.  There are other colleges that are going through the same thing

o   There will be some new things that CTS will roll out

Ending Comments
·         We will review and revisit the questions and comments about malware at the next meeting
·         There however will be no one size fits all

Next Meeting will be March 11, 2011, 8:00-9:30 in 114 Campus Center

Respectfully submitted,

Deborah J. Haynes