information risk & policy governance council - roadmap ... · expand the splunk service to...

Information Risk & Policy Governance Council - Roadmap October 2017 Strategy Activity Description 1H - FY18 (Jul - Dec 2017) 2H - FY18 (Jan - Jun 2018) 1H - FY19 (Jul - Dec 2018) 2H - FY19 (Jan - Jun 2019) Notes/Cross References

3.1 Support the protection of sensitive

information in compliance with

regulations and policy.

Institutional Data Protection

Research and evaluate data center architecture improvements to address

identified issues, position for future needs (Falsetti)

Develop the data centers architecture (Falsetti)

Implement the data centers architecture (Falsetti)

In-Arc

Improve processes for technology, software and cloud procurement, and for grant and contract review, to ensure appropriate security controls are in place

(Scott/Corey)

Enterprise Services

Enterprise Firewalls refresh/update (Beninga)

Implement improved security for managed client devices (Furst)

Investigate modern network security for client devices (Beninga)

Implement modern network security for client devices (Beninga)

Review developer security controls, processes, and procedures; revise standards and guidelines for campus developers (Furst)

Regulatory Compliance & Institutional Policy Compliance

Broaden the utilization of security awareness training, and explore additional user risk mitigation initiatives (Corey/Staal)

Complete the comprehensive review and update of IT policies. (Corey)

Evaluate policy gaps, and develop new policy as needed, such as DLP (Corey)

Update new employee orientation materials to include information about Two-Step login, awareness resources, and policy.

(Staal)

Compliance requirements for EU-GDPR, NIST 800-171, HEA, etc understood and planned

(Drews) Compliance plans implementation executed (Furst)

Assess enterprise data centers and ensure ITAR compliance, NIST 800-171 compliance

(Furst)

Evaluate BTAA cyber insurance RFP offering (Furst/Bathke)

Risk Assessment

Assess UI systems with sensitive data for compliance with security policy and standards. (HIPAA hybrid components; Credit Card systems) - (Lundberg/Corey)

Plan Enterprise IT Risk Assessment (Furst)

Execute Enterprise IT Risk Assessment (Furst)

Execute penetration tests on a minimum of 5 critical enterprise systems per year (Furst)

3.2 Improve the ability to monitor IT networks and

Log & System Monitoring, and Correlation

Implement improved DDoS protections, and flow capture method for networking -(Davis/Beninga)

InArc

Investigate options to upgrade/replace Intrusion Detection System -(Furst/Brenton)

Implement solutions to perform logging and monitoring of university cloud services in AWS and Azure (Beninga)

Evaluate needs for monitoring virtualized environments (Beninga)

DR/BCP Plan and execute an IT tabletop disaster

recovery exercise (Internet Threats) -(Drews/Furst)

Information Risk & Policy Governance Council - Roadmap October 2017 Strategy Activity Description 1H - FY18 (Jul - Dec 2017) 2H - FY18 (Jan - Jun 2018) 1H - FY19 (Jul - Dec 2018) 2H - FY19 (Jan - Jun 2019) Notes/Cross References

monitor IT networks and systems, and respond to

inappropriate activity and risk.

Security Incident Response

Evaluate and implement email hygiene solution for Office 365 (Scott/Lenger/Furst)

General Services

Expand the Splunk service to ingest additional log sources for security

correlation and alerting purposes (Brenton) Expand Splunk service to non-security partners (Brenton)

Develop long term strategy for tracking systems with sensitive data (replace USR) -

(Furst/Corey) Implement strategy for tracking systems with sensitive data - (Furst)

System Assessments Implement improved vulnerability scanning solution (Nexpose) to better meet campus

needs (Furst/Lundberg)

Implement new features of the Nexpose system for distributed use

(Lundberg/Furst)

3.3 Strengthen HawkID identity verification to meet evolving campus

authentication and external federation

service requirements.

Federation of Identity and Infrastructure Support for SaaS

Integrate two-step login with Shiboleth to support federated cloud application logins (O'Konek)

AD&S

Evaluate replacement of ADFS with Azure AD for Office365, to achieve business

continuity (Metzler/O'Konek)

Implement cloud based authentication for Office365

(Metzler/O'Konek)

InArc, AD&S

Enhanced (multi-factor) authentication solutions

Broadly expand utilization of two-step login for authentication to critical university applications (Academic Applications next) - (Drews)

3.6 Develop tools, services and processes to support secure usage of

mobile devices.

Device Management Implement device management for Google

ChromeBooks and for Android tablets. (Scott)

General Services

4.4 Ensure campus IT services meet accessibility

requirements for all users, including those

with disabilities.

Assessment tools

Implement udoit for canvas, evaluate tools for closed captioning (Corey/Weissenberger)

Research an improved web accessibility scanning/testing tool in conjunction with the BTAA ITAG (Corey/Weissenberger)

Implement web accessibility tool (Weissenberger)

Outreach & Awareness

Review and update the accessibility information resources available for campus

users and developers. (Corey)

Collaborate with accessibility counterparts at ISU and UNI, especially for software/services used by all three institutions (Corey/Weissenberger)

Reconvene UI IT Accessibility Technical Standards committee (Corey)

Academic Technology Advisory Council Roadmap, October 2017 Goal - Advance student success through faculty development, support and engagement, supported by IT systems and services. Strategy 1H - FY18 (Jul - Dec 2017) 2H - FY18 (Jan - June 2018) 1H - FY19 (Jul - Dec 2018) 2H - FY19 (Jan - Jun 2019 Beyond overlaps/notes

1: Support learning spaces and classrooms on campus

that engage students in active learning experiences

Implement plans and complete any renovations on new UCR additions - Clark

Revamp the support structure for learning spaces in order to support an influx of new UCR -

Clark

Explore Internet of Things for classrooms support, networking,

etc. - Clark

Overlap with InArc?

Re-evaluate the infrastructure/service

dependencies that supports classroom and ITC to better

understand how the network, sccm services and deployment scripts and policies affect our

deployments - Clark

2: New and improved strategies for student testing

Testing Exploration and Implementation: Review testing software and proctoring services

- Beck

Implement of review and recommendations - Beck

Explore an alternative testing facility for campus - Clark

Placement exam review and replacement for math and chemistry, in collaboration with Orientation staff - Beck

3: Expand training and support programs for online

and blended courses.

Explore Mastery Paths and make a decision whether or not to

implement - Beck

Explore and pilot opportunities to increase the use of etexts, including open educational resources (OER) - Beck

Page 1


4: Support the Unizin vision

Learning Analytics activities -Maggie is working with OTLT Research and Assessment to

develop a roadmap around this topic - Jesse

Engage campus partners and faculty regarding their roles in

supporting the Unizin vision and the potential benefits to them -

Jesse (shifted)

Influence the Unizin consortium to provide a digital learning ecosystem that best supports UofI students and faculty - Jesse and staff as appointed

5: Increase methods and data for tracking student success through the integration of IT

systems.

Scale EoS and other intervention applications - Russell

Develop a "path" or workflow for leading people to our

learning ecosystem data or for developing new opportunities with Canvas data - Beck and

Russell (shifted and reassigned July 2017)

Administrative Data & Systems

Work with AS&R to consider how our learning ecosystem data might augment new Excelling@Iowa (formerly MapWorks) survey -

Russell (shifted and reassigned July 2017)

Administrative Data & Systems and Research

Explore ways to leverage our new Unizin ecosystem, UDP and other systems for support collegiate reaccreditation reporting

concerns. - Beck and Jesse (shifted July 2017)

Administrative Data & Systems

6: Enhance teaching and learning by fostering the use of emerging technologies and evidence-based pedagogical

excellence.

DEO professional development workshop for NSF-IUSE;

communicate project to campus -Florman

Deliver courses through the Learning Design Collaboratory - Clark

Develop and support Learning Design Collaboratory Communities of Practice in alignment with the courses delivered - Florman

Page 2


7: Adapt IT services so students can more easily use those services how, where, and using the methods they

prefer.

Review streaming media market and tools - Beck

Implement improved streaming media service and tools - Beck

8. Develop strategies to promote and assess in order to change/improve teaching

practice.

Conduct study of learning analytics opportunities and begin reporting results. - Russell (shifted and reassigned July 2017)

Cross referenced with Strategy 4

Evaluate, assess, publish and disseminate outcomes of Learning Design Collaboratory courses -Russell

Cross referenced with Strategy 6

Glossary of Acronyms: ACE Assessing the Classroom Environment - Iowa's local student course AS&R Academic Support & Retention BOR Board of Regents CfT Center for Teaching CIRTL Center for the Integration of Research, Teaching and Learning DCE Division of Continuing Education DEO Department Executive Officer (aka department chair) EoS Elements of Success - the learning analytics dashboard project ICON Iowa Courses Online - local LMS NSF National Science Foundation OTLT Office of Teaching, Learning & Technology RFP Request for Proposal SoTL Scholarship of Teaching & Learning TILE Transform, Interact, Learn, Engage UDP Unizin Data Platform

Page 3

Strategy Activity Description 1H - FY18 (Jul - Dec 2017) 2H - FY18 (Jan - Jun 2018) 1H - FY19 (Jul - Dec 2018) 2H - FY19 (Jan - Jun 2019) Status Depende ncy

Research interest groups & grant development support

In Progress

In Progress

Begin Evaluation of IT Services for Storing Sensitive Data (with ISPO) - G. Perez (See also UI Risk & Policy Roadmap)

Complete Evaluation of Relevant IT Services for Storing Sensitive Data (with ISPO) - G. Perez (See also UI Risk & Policy Roadmap)

In Progress

Service Management Implemented for Secure Remote Desktop and Research

Remote Desktop - G. Perez

Export Control & ITAR Technology Guidance Complete (with ISPO and Export Control) - G.

Perez (See also UI Risk & Policy Roadmap)

Improved self service tools All Research Services services enabled for self service - J. Hetrick

In Progress DNA

Data transfer node/service Improve usability and add functionality to

data transfer node/service - A. Harding

In Progress

Research Computing Council - Roadmap October 2017

Research technology compliance support

Consider HPC Major Research Instrumentation Grant - B. Rogers

Submission of more cyberinfrasturcture grants

Develop cross-disciplinary collaboration & provide Informatics enablement through staff and cluster faculty connections - B. Rogers

Support and advance the research enterprise

through IT

Deep Learning Instrumentation Grant Submission - B. Rogers

Develop and launch self service access management platform - J O'Konek (See also UI Risk & Policy Roadmap)

Page 1

Research Computing Council - Roadmap October 2017 Strategy Activity Description 1H - FY18 (Jul - Dec 2017) 2H - FY18 (Jan - Jun 2018) 1H - FY19 (Jul - Dec 2018) 2H - FY19 (Jan - Jun 2019) Status Depende

ncy

Compliant large scale storage Develop large scale data storage platform to accommodate level III data. - J. Hetrick In Progress

Google Drive Evaluate Google enterprise agreement, including availability of Google Drive (See InArch Roadmap)

Status? On ES/DNA

Training, marketing & community development

Develop strategic partnerships to increase research-computing training on campus - S.

Ramadugu

Finalize plan and begin implementation. - S. Ramadugu

Complete plan implementation - S. Ramadugu

In Progress

Internet of Things Complete Iowa Quantified Pilot - S. Kuhl Evaluate Iowa Quantified Pilot - B.

Rogers, S. Kuhl

Data management services Collaborate with Library on development of data management services. - B. Westra Beginning

HPC Add additional compute power to Argon

System - B. Miller Plan next HPC cluster - G. Johnson Install next HPC cluster - G. Johnson

In Progress

Identify and pursue new priority work areas for research

computing

Data and analysis throughout research lifecycle

Develop a plan that outlines the highest priority areas to address in data and analysis throughout the research lifecycle. - B. Rogers

Conduct pilots, develop more detailed plans, and develop funding mechanisms. - B. Rogers

Execute plan. - B. Rogers

Ad hoc - plans need to be developed

Cloud computing Pilot cloud services for Hadoop using Xsede -

S. Kuhl/B. Carsons Improve access to cloud services such as AWS for research/teaching

community. - B. Rogers

Ad hoc - plans need to be developed

Artificial intelligence & deep learning Develop training to support AI/deep learning on campus and pilot services that support this need. - B. Rogers

Develop and implement plan to meet AI needs on campus - B. Rogers Ad hoc - plans need to be developed

Explore grant mechanism with OVPRED

Explore with OVPRED new internal grant mechanism targeted at innovations with

technology in research - B. Rogers

Not yet started

Research computing structures

Develop improved structures in OneIT e.g. Faculty Research Support Group, to provide

staffing to ensure capacity for agility, innovation and future project success. - B.

Rogers with Collegiate IT Leaders

Not yet started

Page 2

General IT Services

General IT Services Roadmap, October 2017 Communication and Collaboration

Activity Description 1H - FY18 (Jul - Dec 2017) 2H - FY18 (Jan - Jun 2018) 1H - FY19 (Jul - Dec 2018) 2H - FY19 (Jan - Jun 2019) Beyond Overlaps/notes

Communications and

Collaboration

Skype for Business Telephony

Skype for Business - Phase 1: Continue to build out feature set, define full service. Migration of

early adopters, and those departments impacted by new building, construction, etc. (R.

Lenger)

Skype for Business - Phase 2: Continue migration of early

adopters; migration of departments whose business requirements meet the Skype feature set. (R. Lenger)

Skype for Business - Phase 3: Continued migration of departments to Skype for Business Telephony. (R.

Lenger)

Skype for Business - Phase 4: Continued migration of departments to Skype for Business Telephony. (R.

Lenger)

Email-based Fax Solution: Rollout a service offering for a cloud-based fax solution to reduce/replace the need for traditional fax machines. (R.

Lenger)

Migration to Exchange On-Line Protection: Migrate from Sophos anti-spam/anti-virus (on-premise) to Exchange On-line Migration (cloud).

Implement changes to ns-mx so that Sophos can be retired (R. Lenger) Email Routing and Protection Email Hygiene Evaluation Evaluate solutions for "advanced" email hygiene

solutions to better protect against phishing/malware/etc. (R. Lenger, Security)

Email Hygiene Implmentation: Implement advanced email hygiene

solution. (R. Lenger, Security)

Security?

Mass Mail

Mass Mail: Implement improvements to mass mail including automating approvals (workflow), using Dispatch as engine (provides HTML email,

metrics, etc.) and other user interface/process enhancements (R. Lenger, E. Hill)

Automatic Provisioning for O365 Accounts: Today all O365 accounts must still be manually requested. This effort will implement the automatic

provisioning of O365 accounts for students, faculty and staff. (R. Lenger, J. O'konek)

Office 365 Explore Two-Factor Authentication for Office 365: Identify options for

providing two-factor authentication for Office 365 accounts, explore technical considerations, impact on clients (mobile/desktop) and overall

user experience (R. Lenger, Security)

Security

Exchange Public Folder: Transition campus away from on-prem Public Folders to Office 365 solutions (R. Lenger)

Microsoft Teams Microsoft Teams: Microsoft Teams is a new application available in Office

365. It is similar in many ways to Slack. This effort will make it widely available across campus. (R. Lenger)

Yammer

Rollout Yammer: Yamme is another Microsoft collaboration tool available as part of Office 365. It is being used by a small population on campus, but is not widely available at this time. This effort will evaluate the feature set

and determine if it should be rolled out to campus. (R. Lenger)

Page 1

General IT Services


Microsoft Office

Microsoft Office Planning: Microsoft has announced that in order to connect to Office 365 as of October, 2020 will require either Office 365

ProPlus (the version of Office installed through O365) or a version of Microsoft Office in mainstream support. As of October, 2020 - Office 2016

(current version) will no longer be in mainstream support. (R. Lenger, T. Wolf)

Microsoft Office Migration: Migrate campus to Microsoft Office ProPlus and/or Microsoft Office 201X (the version after 2016) - must be done by October 2020 (R. Lenger, T. Wolf)

Hawk Alert/Rave

Hawk Alert Infrastructure: Change Hawk Alert process/infrastructure so that Hawk Alerts are created in Rave

and then appear on http://e.uiowa.edu. Effort will also move e.uiowa.edu to the cloud to

improve scalability and reliability. (R. Lenger, J. O'konek, M. Ahrens)

SharePoint Sharpoint Online Migration: Migrate from on-premise SharePoint 2013 to

SharePoint Online. On-premise SharePoint Business Intelligence (BI) solutions will remain on-premise. (D. Dirks)

Google

Google at uiowa.edu: Investigate ability to deliver Google service

(Gsuite, Gdrive, Hangouts, etc.) at uiowa.edu domain (T.Scott)

All

Qualtrics

Qualtrics Survey Tool: Current license expires in June 2018. Company is looking to significantly increase price while offering additional solutions. Effort it to evaluate the value of additional solutions, identify additional

funding, or possibly move in a different direction. (R. Lenger)

Page 2

General IT Services


End User Support Activity Description 1H - FY18 (Jul - Dec 2017) 2H - FY18 (Jan - Jun 2018) 1H - FY19 (Jul - Dec 2018) 2H - FY19 (Jan - Jun 2019) Beyond

Help Desk

Service Desk Creation Service Desk Branding: As part of OneIT End User Support, the ITS Help

Desk will transition to the OneIT Service Desk (J. Matthews, A. Coon)

Help Desk Service

End User Support Service Level Agreement (SLA): Development of an SLA defining the services offered

from the Help Desk, Desktop Support and Device Management (J.

Matthews) IT Support Tool: Develop and rollout

a tool that provides the ability to quickly identify who someone's IT support person is. (J. Matthews, S.

Potter)

Reports/Metrics Customer Incident Surveys: After a customer contacts the Help Desk

and/or Desktop support, they will receive a survey to provide feedback about the interaction and resolution. (J. Matthews)

Support Channels

Help Desk location in Pharmacy: As part of OneIT End User Support, the Help Desk location in Pharmacy is being transitions to the ITS Help Desk (J. Matthews, G. Schwartz)

Page 3

General IT Services


Desktop



Matthews)

Desktop Support Service

ETS Support Channels: Inventory the various support channels used by faculty/staff to request support across campus (e.g. email addresses,

phone numbers, web pages, etc.) (S. Potter) IT Support Tool: Develop and rollout

a tool that provides the ability to quickly identify who someone's IT support person is. (J. Matthews, S.

Potter) Device Support Lifecycle Best Practices: Document best practices and

checklists for all aspects of the Device Support Lifecycle (e.g. purchasing, imaging, printing, surplus, etc.) (S. Potter, J. Steil)

OneIT EUS OneIT End User Support: Complete implementation of OneIT End User

Support project to move all desktop support staff to ITS (T. Scott)

Inventory Management

(OneIT) Centralized Hardware/Software Inventory Tracking System: Select and implement an inventory solution that will be used campus-wide

for "typical" IT assets including computers, printers, monitors, etc. (T. Scott)

Windows 10 Windows 10: Migrate campus from Windows 7/8 to Windows 10 (Windows 7 support ends Jan. 14 2020) (S. Potter, J. Steil, T. Wolf)

Purchasing

Computer/Device Purchases: Devleop and document standard

purchasing processes and standards for purchasing typical IT equipment (e.g. computers, printers, monitors,

etc. (S. Potter, J. Steil)

Computer/Device Purchase: Continue to standardize/streamline purchasing process(es) across campus as the OneIT End User Support

project is implemented (S. Potter, J. Steil)

Security?

Reports/Metrics Customer Incident Surveys: After a customer contacts the Help Desk

and/or Desktop support, they will receive a survey to provide feedback about the interaction and resolution. (J. Matthews)

Page 4

General IT Services

Activity Description 1H - FY18 (Jul - Dec 2017) 2H - FY18 (Jan - Jun 2018) 1H - FY19 (Jul - Dec 2018) 2H - FY19 (Jan - Jun 2019) Beyond Overlaps/notes En

terp

rise

Clie

nt M

anag

emen

t

Power Savings (OneIT) Implement Desktop Power Management: Review and adjust (as needed) power management policies available for computers and rollout

to more computers on campus (T. Wolf) OneIT Windows Management

Service: Develop and document a standard/centralized Windows

Device Management Service for campus. (T. Wolf)

OneIT Windows Management Service: Rollout new Windows Management Service to each college/department; making

adjustments as needed. (T. Wolf) PXE/Netboot Service: Replace existing Mac Mini computers in CLAS with

central PXE/Netboot service. In addition, make service available to additional subnets across campus. (T. Wolf)

OneIT Central Casper Service: Migrate existing Macintosh and iOS Devices to the new OneIT Casper Service. (T. Wolf)

Casper/Jamf Pro v.Next: Evaluate the next version of Casper (renamed to Jamf Pro) including a new cloud-based version (T. Wolf)

Device Management Secunia CSI Patch Management: Evaluate the value proposition of

using a service like Secunia to provide updated packages for

common software packages. (T. Wolf)

Secunia CSI Patch Management: If evaluation is successful, implement

service to augment existing packaging efforts. (T. Wolf)



Matthews)

Passwordstate: Evaluate local admin password management solution to

increase the management and auditing of local administrator

passwords. (T. Wolf)

Passwordstate: Rollout local admin password management service to provide better management and control of local administrative passwords. (T. Wolf)

Password Management Passwordstate: Rollout shared password management service to allow groups to better manage service and admin passwords that are shared across workgroup members. (T. Wolf)

Computer Testing Images: Explore better tools/processes to delivers computer images that meet the uique needs and demands of computer

testing. (T. Wolf) Learning Spaces LST 2.0 Exploration: Effort to explore alternative to how the current

software load is delivered to ITCs and Classroom computers. Goal is to simplify technology, increase flexibility, and reduce time needed to deploy

each fall. (T. Wolf)

LST 2.0 Implementing: Implement changes to how software is delivered to ITCs and Classroom computers. (T. Wolf)

Reports/Metrics

Software Metering and Asset Intelligence: Investigate feasibility and usefulness of implementing a solution to track the usage of various

software titles across campus. Typical use case would be to understand usage better in order to match with licensing. (T. Wolf)

Software Metering and Asset Intelligence: Rollout software

metering across campus is determination is made that this

provide value. (T. Wolf)

Page 5

General IT Services


Software and Cloud-based Applications Activity Description 1H - FY18 (Jul - Dec 2017) 2H - FY18 (Jan - Jun 2018) 1H - FY19 (Jul - Dec 2018) 2H - FY19 (Jan - Jun 2019) Beyond

Cloud-based Services

Software Licensing

Microsoft Agreement

Microsoft Agreement: Renew year 3 of 3. All pricing is already

determined based on the current contract. (T. Schmidt)

Microsoft Agreement: Prepare for the negotation of a new Microsoft Agreement by reviewing current usage of Microsoft products and service

on campus as well as new programs/solutions available from Microsoft. (T. Scott, T. Schmidt)

Adobe Agreement

Adobe Agreement: Negotiate a new Adobe agreement to best meet the

needs of campus. (T. Scott, T. Evans)

Technology Review Process

Technology Review Form: Rollout Phase 1 of new technology review form based on universal workflow.

(T. Scott)

Technology Review Form: Implement additional enhancements

(e.g. reporting, metrics) for technology review form (T. Scott)

Software Licensing Web Site: Update web site to explain new technology review process and

requirements (T. Scott)

Lynda.com

Lynda.com Renewal: - Plan for and make a decision on whether to renew the Lynda.com service which currently expires in Januar 2019. Microsoft

purchase LinkedIn (which owns Lynda.com), which may have an impact on how this service is licensed/delivered. (T. Scott)

Qualtrics

Qualtrics Survey Tool: Current license expires in June 2018. Company is looking to significantly increase price while offering additional solutions. Effort it to evaluate the value of additional solutions, identify additional

funding, or possibly move in a different direction. (R. Lenger)

Page 6

General IT Services


Custom Solutions and Integrations Activity Description 1H - FY18 (Jul - Dec 2017) 2H - FY18 (Jan - Jun 2018) 1H - FY19 (Jul - Dec 2018) 2H - FY19 (Jan - Jun 2019) Beyond

Web

Analytics Tools: Develop and Implement Improved Analytics

Tools (R. Bolton) Custom Web Dev New "Intranet" as Service:

Investigate "Intranet " as a Service (R. Bolton)

New "Intranet" as Service: If decided to move ahead, plan and implement "Intranet " as a Service

(R. Bolton)

e.uiowa.edu

Rearchitect UI Emergency Web Site: Move UI Emergency Site to Cloud via

AWS and reconfigure with new Hawk Alert Infrastructure. (M.

Ahrens) Drupal 8 Upgrade: Investigate and plan move to Drupal 8 (R. Bolton)

Drupal 8 Upgrade: Implement plan move to Drupal 8 (R. Bolton)

Campus Drupal Service

Consolidate Doc Roots in Acquia: Develop Plan to Consolidate the doc

roots in the Acquia hosted Drupal Service (R. Bolton)

Consolidate Doc Roots in Acquia: Implement Phase 1 Plan to

Consolidate the doc roots in the Acquia hosted Drupal Service (R.

Bolton)

Consolidate Doc Roots in Acquia: Implement Phase 2 Plan to

Consolidate the doc roots in the Acquia hosted Drupal Service (R.

Bolton) Review Acquia Performance: Gather metrics, informatin and feedback to review the performance of Acquia as our hosted Drupal Vendor to make decision about renewing contract.

(R. Bolton)

Contract with hosted Drupal Vendor (Acquia): Pending outcome

of review, work on renewing contract with Acquia or

implementing alternate solution. (R. Bolton)

Wordpress

Campus Wordpress Service: Gather information and review campus

need to decide if a Campus Wordpress Service should be

Created (R. Bolton)

Campus Wordpress Service: Pending outcome of review,

potentially implement new Campus Wordpress Service. (R. Bolton)

Page 7

Preliminary Draft

Administrative Data and Systems Governance Council, October 2017 Strategy Activity Description 1H - FY18 (Jul - Dec 2017) 2H - FY18 (Jan - Jun 2018) 1H - FY19 (Jul - Dec 2018) 2H - FY19 (Jul - Dec 2019) Overlaps/notes

Support and advance student success through enhanced applications, analytics and reporting

solutions

Student Success and Outcomes

Academic and Curriculum Planning: Develop a suite of student and administrative tools in MyUI and MAUI that allows students to effectively plan their course work and efficiently navigate toward graduation. System will provide data needed for course offering demand analysis and classroom scheduling. These analytics will also be used to improve student outcomes by identifying institutional barriers to degree completion, to forecast course loads, and target areas for growth. (B Evanson, J Fell)

Excelling@Iowa Student Success Platform Support: Publish Excelling@Iowa student survey data and analytics to University Data Warehouse. Develop a Student Success risk analysis dashboard for Excelling@Iowa, Academic Advising Center, Collegiate Advisors and Administrators. Provide integrations between MAUI Advising & Student Records, Radar, and other systems to support other student success initiatives. (M Anson, B Evanson, L Ingram, D Martinez, A Rinner, B Tjelmeland, B Ulin)

Learning Analytics for Student Success/Canvas Data: The success of learning analytics strategies in the teaching domain depends on being able to summarize students’ outcomes in courses and track student success through MAUI, Canvas and other instructional application data. Deliverables include student and course-level dashboards of academic engagement and success through identified patterns of student activity measured through the data. (A Beck, B Evanson)

Academic Technology

Unizin Data Platform Integrations: Unizin’s new data platform is foundational for many internal and external academic and student success initiatives. It can be used as multi-source data platform to streamline queries, collaborative data analytics, and dashboards. There is potential to aggregate, de-identified data to explore cross-institution Unizin consortium data. (A Beck, B Evanson)

Academic Technology

Enrollment Management

Enrollment Management and Student Success Analytics: Extend and enhance the Enrollment Management Dashboard suite to support strategic recruiting, new application vision and collegiate admissions and financial aid planning efforts. Develop Enrollment Analytics including - Pipeline Retention Index, GPA predictors, and Identify Individual highly influencing student attributes for each index. Integrate Enrollment Analytics indexes with Excelling@Iowa. (M Noel, L Moeller, B Gage, A Beckett, B Ulin, G Brown)

Apply on Line 2.0: Streamline processes and refresh application with responsive interfaces that are mobile friendly. (B Gage, A Pyatt)

Data-driven University

Career Center Data Warehouse (DW) & BI Dashboard: Design Career Services DW module, develop extract transform and load process, develop dashboards for Colleges and Career Services. (J Cavey, B Ulin, A McKie)

Student Services & Residential Services Data Warehouse (DW) & BI: Develop Student Services DW subject area and develop a suite of Student Services dashboard suite including key student success indicators, such as participation in high-impact practices, retention, high-risk drinking metrics. (B Mills, B Ulin)

Collegiate Economic Analysis (CEA) Budgeting Toolset: Develop a toolset that assists colleges to better understand, analyze, and plan their economics (revenue, expenses, profit/loss statement). These reports and analytics will inform a new RCM-like budget model. (S Klatt, D Szysezycki, B Ulin, D Roach, A Pyatt, K Yows)

Revised 10/18/2017 1

Preliminary Draft


Support and advance the Research Enterprise through enhanced

applications, analytics and reporting solutions

Post-award Grant Accounting System (ePost)

ePost Sub award Module: Enhancements to better manage sub awards and tighter integrations with the Pre-Award and Purchasing systems. (A Haddy, J Heath)

ePost Cost Share Module: addition of cost share award management. (A Haddy, J Heath)

ePost Billing and Accounts Receivable module: This will add more robust billing and account receivable management. This might include tighter integration with SMART (electronic payment reconciliation). (A Haddy, J Heath)

Electronic Research Administration (eRA)

ARIS - Lean event and improvements: Conduct Lean event for the Animal Research Information System. Implement processes that will improve availability and timeliness of data for campus users, improve efficiency of administrative processes including ordering, receiving, and navigation through the system. (J Jimenez, J Lassner)

eDSP Sub-Award Editor Consolidation: Reengineer a process that currently involves four different offices and as many systems with a new, campus-focused, system that covers the needs of all of the administrative offices involved in managing pass-through funding awards. (J Jimenez, J Lassner)

eDSP - Reporting: Develop a DW subject area, standard reports, and dashboards. (J Jimenez, J Lassner, N Cook, B Ulin)

eDSP - Docusign integration Integrate Award management system with Docusign to allow for collection of digital signatures for external entities. (J Jimenez, J Lassner)

HawkIRB research system integrations: Integrate the HawkIRB system with various on- and off-campus research systems including EPIC research, iCart, JOC Billing, and CT.gov (M Kane, M Countryman)

Data-driven University

Space Utilization for Organized Research: Enhance Space Utilization Dashboard to show MTDC trends, and partner with VPR on strategic planning dashboard. (J Lassner, B Ulin, T Welter)

Research Profile Dashboard: Partner with RIS and VPR on strategic and operation Research dashboards (J Jimenez, J Lassner, N Cook, B Ulin)

Supp

ort

Tale

nt@

Iow

aIn

itiat

ives

and

ne

w U

nive

rsity

Hum

an R

esou

rces

visi

on.

Talent@Iowa Vision Talent Acquisition: Implement Oracle talent Cloud (Taleo) Talent Acquisition System to replace Jobs@Uiowa (A Bell, C Reardon) HR Transaction and Employee Self-service (ESS): Revise 1st Generation Self Service systems, e.g. HR Transaction System and Benefits Enrollment (M Kaplan)

HR System Automation Process Automation: Automate or Operationalize additional HR Processes to drive efficiency / consistency and reduce support (M Kaplan)

Data-driven University HR Analytics: Develop base analytics and BI dashboards including enhanced HR data model and KPIs (M Kaplan, J Troester, B Ulin)

Revised 10/18/2017 2

Preliminary Draft


Increase campus efficiency and

effectiveness through University

Administrative Systems Accounts Payable and Purchasing

Oracle - Governance, Risk, and Compliance: This product analyzes purchasing data to detect fraud and to ensure that campus is in compliance with purchasing policies. (J Heath, J Watkins)

PeopleSoft Vendor Portal / Oracle Supplier Network: This system will allow vendors to enter invoices to the University directly. (J Heath, J Watkins)

ePro 2.0 - Procurement: Phase 2 of the ePro/PREQs/eVoucher replacement application. One stop solution for ordering supplies from vendors and inventory. (J Heath, J Watkins)

ePro 2.0 - Payment: Phase 3 of the ePro/PREQs/eVoucher replacement application. Campus application for making payments to individuals and vendors. (J Heath, J Watkins)

Procurement Card and Travel (ProTrav) Data Warehouse: Develop data warehouse and data mart design to allow for a robust Pcard and Travel reporting and BI dashboards. (H Hoerschelman, B Ulin, J Watkins, D Wang)

Treasury Operations SMART (electronic payment reconciliation) Inter-Day Banking: Load information into SMART for same day transactions. This will

SMART (electronic payment reconciliation) - Holding account self-service: This will allow campus

Constituent Relationship Management (CRM)

CRM Phase I - Discovery: Explore a potential campus-wide CRM initiative including focus areas, data sources, constituent groups, use cases, potential benefits, best practices and peer mentors.

Parking and Transportation iPark Implementation: Implementation and customization of new Parking Access and Revenue Control System. (J Sayre, D Wang)

Facilities Management

Complete Rewrite of Build UI (BUI) system: Replace the legacy BUI with a web-based system that will consolidate functions such as the contractor site and document storage in addition to bringing the system up to contemporary technical standards. (L Finn, S Sawyer)

FM@YourService Customer Service Portal Phase II: Phase II is a significant increase in functionality and will allow for more customer self service including - checking work order status, workflow integration and replacing the current FMReqs system. A buy versus build decision will need to be determined. (L Finn, S Sawyer)

Campus Space Model: Develop a campus space model that will provide Campus Planning and FM to provide a decision making system to be used by the Campus Development Committee, colleges and administrative units the ability to do 'what-if' analysis to better plan for their space needs. System integrates space, pedagogy, enrollment and staffing to provide various modeled scenarios. (L Finn, S Sawyer)

Utility Billing: All campus utility bills are generated by FM staff and the process today is very manual. Implementation of a Utility Billing System to automate the currently manual process of generating utility bills for energy usage on campus will not only improve the efficiency of the process but also accuracy. (L Finn, S Sawyer)

University Libraries

Digital Asset Management Upgrade: Migrating Iowa Digital Library from a vended solution to an open-source platform. (S Julich, P Soderdahl)

APR/IRO Integration: Develop integration between the UI's Academic & Professional Record (APR) to UI scholarly works deposited in the Libraries managed Iowa Research Online (IRO) (S Malo, P Soderdahl)

Revised 10/18/2017 3

Preliminary Draft


Support for Collegiate Administrative

Initiatives

Support and advance student success through enhanced

applications, analytics and reporting solutions

College of Dentistry - AEFIS/MAUI/Canvas integration: We use AEFIS for course mapping for our upcoming accreditation. We map CODA (Commission on Dental Accreditation) standards to all of our courses so we know what we teach where. We are integrating this application with Canvas/ICON and MAUI data to keep the database in synch with the University authoritative source on courses. (L Garcia, C McBrearty)

College of Education - TK20 Evaluation System Implementation: Implement TK20 data system for evaluating students, courses and programs. (J Achrazoglou) Tippie College of Business - Assurance of Learning Database: Creating a database from Canvas data, MAUI data, and other sources for our accreditation with AACSB. (J Chaffee)

Carver College of Medicine - Liaison Committee of Medical Education (LCME) Dashboard Phase I - creating and educational data warehouse that aggregates data Carver College of Medicine - LCME Dashboard Phase II - continued about CCOM curriculum and provides access to this data to drive CQI efforts. Data enhancements to include Continuing Medical Education (CME) and sources include UI (HRIS, Canvas, Space survey), Collegiate data (student information, Graduate Medical Educations (GME) (B Knosp) assessment and evaluations) and external (AAMC, USMLE scores)(B Knosp)

Support and advance the Research Enterprise through enhanced applications, analytics and reporting solutions

College of Dentistry -Axium/EPIC/Progeny integration: This project is to integrate dental (axiom) and medical (EPIC) EHR data with our human sample (DNA, teeth, tissue) database, allowing us to do research across multiple data sets. (B Amendt, C McBrearty)

Increase efficiency and effectiveness through University Administrative

Applications

Tippie College of Business - Salesforce CRM Implementation: Utilize Salesforce CRM system to capture data about potential students, alumni, business and community partnerships, etc… (J Chaffee, F Pierce, J Courtney)

College of Pharmacy - UI Pharmaceuticals (UIP) Business Operations Database Phase I - Create a system supporting UIP business operations from sponsor intake through project completion, and invoicing. (R Yeates, S Barrett, S Bowers, G Schwartz)

College of Pharmacy - UIP Business Operations Database Phase II - Add invoicing, finished goods inventory, and shipping management capability to the system. (R Yeates, S Barrett, S Bowers, G Schwartz)

Revised 10/18/2017 4

Infrastructure and Architecture Roadmap, October 2017 Strategy 1H - FY18 (Jul - Dec 2017) 2H - FY18 (Jan - Jun 2018) 1H - FY19 (Jul - Dec 2018) 2H - FY19 (Jan- Jun 2019) Overlaps/notes

Data Center

Cloud Network and Services Access Ensure efficient network connectivity to Azure. (D Kelly)

Replicating our authentication Infrastructure in "the Cloud"

Architect Active Directory (AD) Domain Controller to support Azure. In addition,

architecting support for Amazon Web Services. (D Metzler)

Add Shiboth Identidy Provider (IDP) and Active Directory Federated

Services (ADFS) to a hosted cloud service (Azure and/or AWS) (J

O'Konek, D Metzler)

Google Cloud Suite Support for College of Education for the GOED domain for Gsuite (J O'Konek, D

Metzler)

Google Cloud Suite Develop a "Sandbox.uiowa.edu" as a pilot for

production services (J O'Konek, D Metzler)

Testing how the Google and Microsoft cloud services will interact with each other leveraging our Directory Serivce Authentication. (O'Konek, D,

Metzler)

Data Center Automation

Develop a training program for System Admins to adopt automaiton in the systems management (Neese,

Kelly)

Cloud Service Migrations

Develop a Roadmap to move the organization to a {Cloud First | Cloud Smart}. Define the above to as “All new applications will be the cloud

…” (D Kelly)

Pilot a conversion of XX services to a cloud based infrastructure (Iaas

or PaaS) (D Kelly) Develop a monitoring solutions to

inventory equipment, monitor utilizaton, alert on out of bounds

conditions and keep historical performance data on systems.

Work with College of Engineering and College of Public Heath to provide pertinent monitoring data to authorized Sys Admin. Work with ITS SST, Help Desk and

Network service to monitoring systems (S Soppe)

Storage Refresh Replace Storage arrays to provide high-speed, low-latency storage for Oracle and

Micrsooft SQL Server databases, virtual servers (VMware, Hyper-V Virtual Machines), (D Bronder)

HPC Installation Install new HPC cluster for Margulis research group (J Urich)

Server Refresh Migrate from standalone CLAS managed Dell VMWare based cluster to co-managed

ITS Cisco UCS Vmware (J Urich, D. Bronder)

Storage Refresh Migrate from CLAS standalone Netapp's to

ITS Netapp and CLAS managed virtual Netapp.(J Urich, M Weber)

OneIT Data Center Consolidation Migrate Netapp and VMWware clusters from 303 MLH to ITF (J Urich)

RHEL to CentOS migrations Start migrating systems from RHEL to CentOS

(J Urich)


Starexec $800k expansion Purchase two racks of expansion compute

nodes for starexec High Preformace Compute (J Urich)

Starexec storage refresh Migrate from standalone CLAS managed Netapp to ITS managed Large Scale Storage (LSS) dedicated storage (J Urich)

Server Refresh Replace aging Virtualization Platform at

Information Technology Facility (ITF) and Lindquist Center (LC) with a converged server

and networking infrastructure. (K Keyser)

OneIT Data Center Consolidation Complete OneIT Data Centers and Servers Consolidation project (G Falsetti, J Urich)

Data Center Information Management (DCIM) Implementation

Track and provide visibility to assets at enterprise data centers. (G Protheroe)

Remote access infrastructure Refresh Raritan PDU remote access infrastructure at Information

Technology Facility (ITF) and Lindquist Center (LC) over two budget cycles. (G Protheroe)

OneIT Data Center Consolidation Phase II: enterprise data center MEP

management and operations

Consolidate enterprise data center Mechnical Electrical and Physical (MEP) management and operations, including College of Public Health Building and the College of Engineering at the Seeman Centr (SC). May also include Department of Public Safety at University Capital Center (UCC) and Visualization Lab

Server Room at Pajajohn Bio Discovery Building (PBDB) (G Protheroe)

Data Center Linux offering Evaluate how we collaboratively manage Linux installations on campus servers. Optimize knowledge sharing

across community and delivery of secure updates to Linux systems. Review distros used on campus. (TBD)

Directory Services

HawkID Evaluate with Healthcare Information System

(HCIS) and campus a plan for a "Single ID" for all academic usage (G. Falsetti, J. Smith)

Consolidate all @UIOWA.EDU mail routing to a single domain that matches mail target with security principle (HawkID) (TBD)

Local Active Directory Migrations to central AD domain

Develop a plan to migrate Facilities Management Active Directory Domain to central management. (TBD)

Local Active Directory Migrations to central AD domain

Complete the OneIT mirgation to the centeral "uiowa.edu" authenticaiton domain. - Decommssion the "ENG" and "IIBI" domain in the College of Engineering.

Decomommission the "DENTISTRY" domain for the College of Dentistry and "COPH" domain for the College of Public Health (J O'Konek)

Google Cloud Suite Support for College of Education for the GOED domain for Gsuite (J O'Konek, D

Metzler)

Develop a "Sandbox.uiowa.edu" as a pilot for production services (J

O'Konek, D Metzler)

Testing how the Google and Microsoft cloud services will

interact with each other leveraging our Directory Serivce

Authentication. (O'Konek, D,

Account provisioning Move away from self provisioning of CLAS

Linux accounts via a web page to automated provisioning at first login. (J Urich)

Database backups Investigate backups hot backup solutions and more robust monitoring for Postgres/Mysql

(J Urich)

Enterprise Communications Telephony

Partner with Health Care Information System to Deploy a robust set of Telephony applications. Analyze campus needs and map to Skype for Business (SfB) features. Create a plan and timeline to migrate all voice users to SfB. (R Lenger, S Troester)

Strategy 1H - FY18 (Jul - Dec 2017) 2H - FY18 (Jan - Jun 2018) 1H - FY19 (Jul - Dec 2018) 2H - FY19 (Jan- Jun 2019) Overlaps/notes

Infrastructure and Architecture Roadmap, October 2017

Google chromebooks Evaluate and implement device

management for google chromebooks (TBD)

Campus Linux Offering

Wireless door locks for dorms Division of Student Life: Implement

wireless door locks for dorms (B Mills)

Virtual Desktop Infrastructure

Upgrade Vmware ESX Upgrade Vmware ESX environment to 6.0 to add support for Containers (M McLaughlin)

Mail server migration Migrate from legacy sendmail mail server to Postfix mail server (J Urich)

Fedora 26 migration Migrate 170 Linux workstations from Fedora

25 to Fedora 26 (A Cox)

Kibana upgrade Expand Kabona reporting by adding 50TB of storage and more compute nodes to Elastic Stack (J Urich)

Wordpres Move Wordpress instance to AWS (J Urich)

Core facility

Teaching Move Physics from self managed teaching

server to CLAS managed server hosted at ITF (J Urich)

Data center multi-tenancy

Architecture to update data center electronics

Develop a stratregy to support refresh electronic (TBD)

UofI Hostmaster Architect UIOWA.EDU Domain Name Service (DNS) domains to support cloud services (J

Ford)

Bring the group of UofI Hostmaster together as one team (TBD)

Centrally manage DNS/DHCP configuration system for voice and

data network connections

IPAM solution

College of Engineering network Plan the commbination of distributed

networking support into a single campus network service (D. Tang, G. Falsetti)

Combine distributed networking support into a single campus

network service (D. Tang, G. Falsetti)

State Hygenic Lab Network Plan the commbination of distributed

networking support into a single campus network service (F. Delin, G. Falsetti)

Combine distributed networking support into a single campus

network service (F. Delin, G. Falsetti)

Facilities Management Network

Edge electronic Consolidate unused newtork ports on

campus to reduce expenses and security exposure (C Meier, G Stumpf)

Develop a plan to refresh network electronics. Service Reivew of

campus Edge Network (G Falsetti, C Meier)

Classroom Video of Network

Evaluate how we collaboratively manage Linux installations on campus workstation. Optimize knowledge sharing across community and delivery of secure updates to Linux systems. Review distros used on campus.

(TBD)

Upgrade Virtual Desktop Infrastructure to support Windows and Linux. Deploy service for GPU computing using VDI. (M McLaughlin)

Develop a stratregy to support Multi-Tenancy to be reviewed by InArc (D Kelly)

Evaluate IPAM solution for Data Center and Campus IP Addressing (TBD)

Work with Facilities Management and the ISPO to support building automation on campus

Develop a set of standards for deploying High fidelity and low lantancy video over the network. College of Nursing is the pilot building (K Kaltsas)

Infrastructure and Architecture supporting

campus partners

Network services

Move chemistry core facilities away from BSD firewalls to LSA and CLAS managed Linux offerings (J Urich)

Glossary of Acronyms Column1


Distributed Denial Of Service (DDoS) Prevention for Campus

Work with I2 and Chicago OmniPOP to provide a DDoS service for campus (R Davis)

Remote Campus Support

Bring a group of campus support personnel to develop to do a needs assessment and develop an architeture to support remote

campus

Pilot remote campus architure that is sustabable at X number of locations

Aruba OS 8 Upgrade ArubaOS 8 and Implement Mobility Master Architecture (N Johnson)

Guest wireless Define and deploy a new "GuestNet" Wireless service for campus (N Johnson)

Physical Infrastructure

Port Consolidation Port consolidation forBiology Building (BB), University Capital Center (UCC) and Papajohn Bio Disovery Building (PBDB)

buildings on campus (C Meier, G Stumpf)

Dorm commissioning Commission Elizabeth Catlett Dorm (C

Keasler)

Iowa One Call Locate

Consoliation of Inforamtion Technology Services and Facilities

Management Iowa One Call Locate Service (G Stumpf)

Fiber Optic network Deploy a Campus Fiber Optic network to support campus needs (G Stumpf)

CoE commissioning Commission new addition to Seamans Center (G Stumpf)

New Golf Facility Commissioning Commission new golf facility (G

Stumpf)

Cabling standards Review cabling standards within

buildings (G Stumpf)

IT rooms: Power and HVAC Evaluate IT room configurations for Power & HVAC (G Stumpf)

DNS Domain Name Service AD Active Directory AWS Amazon Web Services LC Lindquist Center ITF Information Technology Facility MEP Mechnical Electical and Power CPBH College of Public Heath Building SC Seaman Center Shib IDP Shibolith Idenity Provider ADFS Active Directory Federated Services DPS Department of Public Safety PBDB Papajohn Bio Discovery Building HCIS Health Care Inforamtion Systems SfB Skype for Business DCHP Dynamic Host Configuraiton Protocol

information risk & policy governance council - roadmap ... · expand the splunk service to...

Documents