Minimum Workstation and Software Site License Subcommittee Minutes

 

January 17, 2013
Meeting in LL-431 at 10 a.m.
Diana Osborn, Chair

ITS Update

• Lots of Blackboard building blocks added during winter break.
• 2 new lecture halls added behind storm hall.
• 8 remaining traditional classrooms.  93% general assignment classrooms have tech capacity today.
• Revamping some spaces during spring.
• Additional updates about items going on this semester.
• 89 fully online courses offered previously, now moving to program focus instead of course focus.
• BlackBoard workshops starting today in LL260.
• Also some accessibility items to assist faculty with ex: syllabus formatting.
• Working with idea of Adaptive release.  Have to get percentage correct on quiz before next information is unlocked.

The link for online registration of the ITS Workshops is: http://its.doattend.com

Linda Woods, the ITS Blackboard Administrator, is teaching most of the workshops: Blackboard, BB Mobile Learn, Respondus, & Respondus LockDown Browser. The Blackboard Grade Center workshop is 1/17/13 from 3-4:15 in LL-260.

Jon Rizzo will be teaching some of the BB workshops as well.

If a faculty/staff can not make it to the workshop, we encourage them to contact us so that we could set up a consultation (f2f or online). They can reach us at:

Blackboard Help Desk: 619 594-3485 bbhelp@sdsu.edu
FIT Center: 619 594-6348

Academic Affairs update

Did Zenworks training and moving to patch management for all department by end of fiscal year (July).

Security update

IDM Audit 2 findings (IDM = Identity Management Audit):
First finding: Next version of security plan will have guidance for assurance of identity. Following CSU standards.

Second finding: Felt passwords standards were weak as they were set at 2006/2007 and too many users have admin access. 

Modifying Security plan for passwords:

• Upgrade will be minimum must be 10 characters, and removing 3 sequential same characters.
• 8 character password would last about 15 minutes; a 10 character would last over 6 months.  Admin passwords will be 12 character minimum.
• Longer password only has to be changed twice a year.
• Audit felt ITSO should approve ALL exceptions.  Campus is not concurring with this part of the audit finding.
• Looking to close the audit finding by February.
• Areas with PL1 need to show evidence of compliance with password standards.

Not allowing user admin access is being changed to a MUST standard from a SHOULD.

Other security plan updates:

• Mobile devices - went from 2 paragraphs to 3 pages to encompass mobile devices from laptops, tablets to phone.
• User agreements; what to do and not to do, how to manage them, cloud connectivity, app directions.

Cloud computing - cannot use a cloud vendor without University contract.  Ex: DropBox not compliant.  Only Google Drive has been approved for cloud computing, but no PL1 or PL2. 

New surplus standard:

• Found that drives were kept and shredded to save labor of wiping. Also reusing drives in other equipment.
• Still do not want to track drives, so not computers will get turned in with drive. Contact ISO for exceptions or issues.

Note: Only have to wipe drives once, not 3 or 7.  Forensically proven to take pretty expensive equipment to recover data from there.

Next MWSSLS meeting will be February 21, 2013.

PLEASE NOTE: The statements found on the MWSSLS Home Page are for informational purposes only. While every effort is made to ensure that this information is up to date and accurate, official information can be found in the University publications.

Last modified on March 21, 2013
This page is maintained by the ROHAN webmaster