Information Technology Advisory Committee (ITAC)

1:30 - 3:00 pm - I. G. Greer Hall - Room 224
Persons Present:

Ex Officio members: Doug May (Acad. Computing Serv.), Jeff Williams (Chair, Info. Tech. Serv.)

Voting Members: Kevin Howell (Coll. of Fine & Applied Arts), Greg Lovins (Business Affairs), Tom Bennett (proxy for Lynne Lysiak, Belk Library), Emory Maiden (Coll. of Arts & Sciences), Tom McDonald (Hayes School of Music), Ed Pekarek (Coll. of Arts & Sciences), Dick Riedl (Reich Coll. of Education), Bill Ward (Academic Affairs)

Visitors: Steve Breiner (Instructional Comp. Serv., ITAC Recorder), Tony Grant (Dept. of Tech.), Michael Bennett (RCOE), Bryan Johnson (RCOE), David Earp (ACS), Oscar Knight (ITS Security Manager), Tom Van Gilder (Arts & Sciences), John Spagnolo (RCOE)

Preliminaries

Jeff Williams opened the meeting at 1:40 PM and greeted the attendees. He noted ITAC had acquired a number of new representatives and introduced them.

1) IT Security - audit follow-up, workstation management, operational procedures

Williams noted that increased emphasis on security requirements by State Auditors and on dictates of normal prudence, ITS would be implementing a number of projects to secure and protect our computer environment. He introduced Oscar Knight and David Earp to update ITAC on some upcoming projects.

Knight noted the group that recent requirements from the State Information Resources Auditors will require more intrusive scanning of all network-connected computers for such issues as “weak” passwords and null sessions (see http://www.lokbox.net/help/html/Security/NullSession.htm). Further, he anticipated needing to perform those scans at least twice per year. Williams noted that these scans will not shut down or reboot the machines being scanned, and asked whether there were other concerns ITS would need to address before beginning the scanning. Tom Van Gilder asked what was the definition of “weak,” referring to passwords. Knight responded that passwords with dictionary words, user information, and without digits and case changes were characteristic. Steve Breiner (ITS) asked whether regular users had been notified of the specific requirements for strong passwords. Doug May (ITS) responded that users had not yet been, but would be notified by e-mail. Ed Pekarek (Comp. Sci.) asked whether there were a link on the Appalachian Password Set page to inform users about various password-related issues. Williams stated that he would check with the Webmaster’s office to find an answer.

Knight suggested that the next time Appalachian undergoes an IT audit, we should expect much deeper scanning for vulnerabilities than has previously been the case. He mentioned that he expected the auditors to focus on previously unscrutinized issues like firewalls, identification devices, currency of virus scanners and definitions, and others. Auditors concerns are increasingly adding issues related vulnerabilities of internal origins (server to server, internal workstation to outside world) to the traditional focus on attacks originating from external sources.

Williams asked Earp to comment on application issues. Earp noted that the ultimate goal of the efforts being implemented were to prevent Knight (and auditors) from being able to find any vulnerabilities. Earp noted that addressing many concerns involved pushing automatic updates for operating systems (OS), virus scanning (VS) software, desktop productivity applications, and other software used on connected machines. He mentioned the recent implementation of ePolicy Orchestrator, which can detect and identify machines with out-of-date VS software or definitions and can establish baseline configurations and proactively identify problematic machines to prevent potential problems. He stated that the ultimate goal was to automate procedures to provide security, thereby freeing users from the necessity to do so and allowing them to focus on their jobs or studies. He mentioned that the ePolicy agent will help keep machines’ OS, VS, and applications updated and can enforce certain desired security settings and that Zenworks (a Novell workstation management tool) can provide software delivery services and updates, prompting proposed recipient to accept the updates at their convenience (until completed). Earp noted that ITAC needs to provide some guidance as to how deeply (for everyone? students? peripheral organizations? connected home machines?) such a policy need be applied.

Pekarek asked whether the new scanning policies would require all users to move to Windows. Earp replied in the negative; PCs running windows would be the earliest targets for the new policies, but that Macintoshes would follow, with Linux PCs possibly targeted somewhat later. Pekarek then proposed that negotiations occur before starting pushed updates or software to determine acceptable times of day for such operations to occur. Earp replied that the ePolicy agent allows the user to temporarily defer proposed updates if timing were an issue for specific updates, but that later, the “push” request would automatically reset to the original schedule.

Pekarek then asked whether there would be a university-wide movement away from FTP (file transfer protocol) toward secure FTP (SFPT). Knight replied that he would support that becoming an institutional standard as soon as possible.

Williams then suggested that as important IT initiatives begin to take shape, there needs to be an open, 2-way communication channel between ITS and the user community (as represented by ITAC).

Pekarek then noted, referring again to the idea of “pushed” updates, that Appalachian needs to better provide helpdesk support to address issues immediately when and if “pushes” somehow degrade access to services necessary for classroom or other time-sensitive applications.

Knight then reported that this very morning, an infected machine was brought onto campus and connected to the network, thereby bypassing our border protections. An intrusion prevention device (IPD) detected the problem reasonably quickly, but the occurrence points out the need to be more vigilant as threats become more pervasive. Breiner asked whether it might be possible to require a pre-connection scan of all machines on a first (after some reasonable interval) connection to the net, to check for current AV and OS updates, with an automatic refusal to issue an IP address if a scan shows problems or if the user refuses to allow a scan. He also noted that most users are unaware that the university will provide them with AV software for both their office and home machines - he suggested overcoming our historic lack of communication with users would help with some of the issues we face. Bennett asked whether there was general access to the software, to which Earp replied that only IPs on Appalachian’s subnets should have access.

2) ASU Communications Plan - including recent roll out of Email Distribution Management List

Williams noted the deployment of the Appalachian’s new Email Distribution Management (EDM) system to help users manage the email they receive from university-related sources. He mentioned that all users have been auto-subscribed to all lists under the EDM umbrella, but that they received an e-mail explaining how to unsubscribe from the optional lists.He mentioned that ITS is currently examining the feasibility of attaching a one-click unsubscribe link to each message sent out by the optional lists.

3) Planning for student lab / public workstation refresh (assuming new E&T is approved)

Doug May reported that ACS is encouraged by the possibility of formally establishing a refresh cycle for student laboratory and classroom computers. He noted that a mechanism for central purchasing would be a necessity for managing such a program on a regularized schedule. Williams noted that the UNC Board of Governors had rejected Appalachian’s tuition increase request and that approval of the E&T fee increase was not certain at this point. Presuming a stable funding mechanism can be established, Williams asked for suggestions and discussion on how to establish a fair distribution mechanism for refreshes. May stated that a “standard machine” would be the ideal, with mechanisms in place to allow for special requirements. Some questions with which May and ITS need assistance include: What should we do with existing machines which are outcycled? How can we handle requests for new labs? What is the appropriate refresh interval (noting in an aside that a 4 year cycle seems to be reasonable at this point)? How should the cycle vary for “special needs” situations? Faculty desk machines will require a separate discussion and a funding source other than E&T… how might that be handled?

Williams reported that, in conversations related to a formal lab computer refresh cycle, the provost had asked how many machines would be required. That issue is one on which an ongoing conversation needs to happen, with input from this group. Williams noted that after the March 13 Board of Governors meeting, where the E&T request will be decided, ITAC would need to discuss the implications of that decision.

A brief discussion of advantages of machine standardization occurred, during which Van Gilder mentioned that the College of Arts and Sciences had found that their efforts to standardized seemingly were working very well.

4) Other business

Pekarek asked that digital projectors also be considered in the refresh cycle and raised the issue of who should be responsible for routing maintenance, consumables, and damage. He noted that traditionally, departments had borne the costs of original purchase, bulb replacement, and replacement of units stolen or damaged by nondepartmental users (such as Conferences and Institutes or Camp Programs); he suggested that a more equitable mechanism for covering such costs be established. Bill Ward (Academic Affairs) stated that he was reasonably sure that when damage was demonstrably caused by nondepartmental groups who were given access to rooms by nondepartmental officials, that the sponsoring agency would cover the costs of damages caused during their stewardship of a venue. Pekarek proposed that outfitting and maintenance of technology-enabled classrooms should be a centrally funded, facility management responsibility.

John Spagnolo (RCOE) noted that his college had experimented with the user of mobile computer carts, outfitted with laptops, for enabling some classrooms with technology. Michael Bennett (RCOE) asked (referring to the earlier discussion) whether computers in labs at Distance Education sites had been included in the refresh cycle discussions. May replied that Appalachian had provided those machines in the past but that they were seriously aging and should be part of the discussion.

Williams announced that construction had begun at the Caldwell Community College “Alliance” site and Bennett noted that the site would be used mostly by RCOE.

Van Gilder asked whether wireless network access in academic areas can be funded by E&T monies. Williams mentioned that the original request for $2M in E&T increases had included $300K for wireless enhancements, but that only $1.2M had ended up in the final requested increase. He suggested that wireless access would need to be considered in a process which balanced that need with all of the other needs resting on those funds.

5) Adjournment

Williams bid the group to enjoy the falling snow and adjourned the meeting at 2:49 PM.

1:30 - 3:00 pm - I. G. Greer Hall - Room 224

Persons Present:

Ex Officio members: Doug May (Acad. Computing Serv.), Jeff Williams (Chair, Info. Tech. Serv.), Tim Huelsman (Fac. Senate)

Voting Members: Brian Brown (Student Services), Robert Brown (Student Govt.), Gabe Fankhauser (Hayes School of Music), Kevin Howell (Coll. of Fine & Applied Arts), Len Johnson (HRS/Chancellor’s Office), Emory Maiden (Coll. of Arts & Sciences), Ed Pekarek (Coll. of Arts & Sciences), Justin Pittman (Student Govt. Assoc.), Dick Riedl (Reich Coll. of Education), Dragan Stefanovic (Coll. of Arts & Sciences), Peter Wachs (Student Development), Bill Ward (Academic Affairs)

Visitors: Steve Breiner (Instructional Comp. Serv., ITAC Recorder), Tim Burwell (Academic Affairs), Tom Van Gilder (Arts & Sciences), Pamela Graham (Arts & Sciences), Doug Brantz (Fine & Applied Arts), Oscar Knight (ITS Security Manager), Greg Simmons (Instructional Computing), Jeff Church (Instructional Computing), Charles (Mick) Kreszock (Instructional Technology Ctr.)

1) Welcome, Introductions, and recent Activity

Jeff Williams opened the meeting at 1:33 PM, greeted the assembly and referred those present to the online posted minutes from the September 10 meeting. He recognized a number of new ITAC representatives, and asked the members to introduce themselves for the benefit of all present.

2) Discussion of Student E&T fee increase

Williams introduced Tim Burwell who reported that research begun last year indicated that the Education and Technology (E&T) student fees Appalachian were 15th lowest of the 16 UNC institutions and that that was the result of attempts to keep tuition and fees low during last year’s cycle. He mentioned also that there had been a proposal for a $100 increase last year. He stated that the combined student fees of $225, when considered with tuition, left Appalachian with a revenue level third from the bottom in the UNC system. His research showed that the E&T fees netted some $400,000 for Information Technology Services (ITS) use with the bulk of the additional E&T revenues (roughly $1.2 million) flowing to departments for various uses. Additional revenues accruing to ITS include $200,000 from summer school allocations and and additional $120,000 in distributed salary monies. He noted that Appalachian had been able to achieve quite impressive infrastructure improvements, due primarily to the 1-time monies resulting from the bond referendum passed in November of 2000, but that the bond funds had been depleted. It was clear, noted Burwell, that Appalachian needs to establish a more stable and reliable funding mechanism to maintain its progress and to achieve needed improvements in the IT arena.The conclusions of his analyses, including a realization that we will be involved essentially in zero-based state budgeting, led the administration to request the $100 per year increase in per-student E&T fees, mainly targeted to IT needs, to provide approximately $1.3 million to be spent for service categories that directly impact students. The request will go to the Appalachian State University board of trustees for consideration at their December meeting.

Williams noted that ITS had been asked during the consideration of the fee increase request to identify as beneficiaries those uses that directly relate to student education. Among the issues identified were establishing a regular 4-year refresh cycles for the 1800 computers maintained for use in student computer labs, maintenance and refresh of the IT infrastructure, and personnel issues that directly impact educational activities.

Tom Van Gilder (A&S) asked whether the proposed refresh cycles would apply to computer labs that were originally established by the colleges. Doug May (ACS) replied that all publicly accessible labs would be included, if the request were granted. Van Gilder then asked whether faculty machines were to be included and May replied that faculty machines were expressly not included in this mechanism and that this funding can only be applied in direct support of instruction. He further noted that other funding, notably from state allocations, should be used for refreshing faculty machines and the related infrastructure, since those uses are considered routine office necessities.

Robert Brown (SGA) asked what would be the net impact on students as a result of the fee increase. Peter Wachs (Student Development) answered that the increase in E&T fees from $118 to $218 per year should have only slight impact, since all other fees were remaining essentially constant.

3) Follow-up on IT audit - workstation management

Williams reported that, to meet the requirements of our latest audit report from the State Auditors office, Oscar Knight, formerly in the Network Support Services area in ITS, had been appointed to the newly created position of IT Security Coordinator and will report directly to Williams. He noted also that this, and other requirements of the audit report, had been addressed by November 9. Included in meeting those requirements was the deployment of a scanning mechanism for compliance certification of workstations — initial results indicate that from 75 to 100 workstations (computers) had completed the soon-to-be mandatory process. He noted that the scan process would be required for all servers and faculty/staff workstations (computers) every 6 months to verify the absence of vulnerabilities. Those machines with Novell workstation management will be updated routinely and automatically but standalone machines will need to complete a (fairly rigorous) manual process to achieve their certifications.

Williams then introduced Knight, who explained the auditors’ concerns with issue of “null sessions” and described how registry changes related to this (and to similar vulnerabilities) were fixed remotely using Novell’s remote Workstation Management capabilities. Williams added that the recent “Paypal Phishing Trojan” (see an explanation and examples) and many others like it make it only prudent to be very careful with our access and with the machines that connect to our network and the Internet.

Brian Brown (Stud. Serv.) asked what plans for future security were being considered. He proposed that items such as a standard, university-sanctioned, reasonably secure browser, spyware scanners and removers, and other security-friendly items be included in the standard university computer OS build(s). Williams replied that those things and others are under consideration. May noted that information related to security of the Appalachian builds is always being included and considered. Kevin Howell (F&AA) suggested that Appalachian look at the Pest Patrol® be considered as a particularly effective possibility for spyware removal.

4) Recent legal actions for P2P activity

May reported that the RIAA (Recording Industry Association of America) had been granted subpoenas ordering Appalachian to provide names and contact information for three Internet addresses allegedly conducting illegal file sharing of copyrighted materials from within Appalachian’s network. On advice of the university counsel the information was provided to the RIAA and the students implicated in the allegations were notified of the action. May mentions that the recent spate of legal action by the RIAA seemed to cast a wide net with some 700 alleged offenders being targeted at some 226 institutions. He suggested we can use these unfortunate events to help educate the university community, students, staff, and faculty, as to both the criminal nature of and potential problems resulting from illegal file sharing.

May noted that on November 4 the MPAA (Motion Picture Association of America) has recently announced action plans similar to those of the RIAA, having sent letters to campuses and individuals threatening legal action against file-sharing abusers. Williams noted that UNC President Molly Broad had testified before congressional committees in Washington, DC, about the issue, and supports efforts to curb illegal file trading and sharing. There are system-level discussions occurring to determine how to address the P2P (peer to peer) issue and that recent efforts at Penn State to curb illicit file sharing by promoting legal alternatives has not been particularly effective at reducing the undesirable activity. Brantz asked about actions the university might take, such as warning individuals, to help curb the activity. May replied that there was a delicate position the university must take in order not to subject itself to losing it’s “safe harbor” status as an Internet Service Provider.

Robert Brown asked whether there might be system-wide recommendations as to P2P coming out of the system-level discussions. May acknowledged that as a clear possibility. Williams mentioned that those groups were following the testing of software at UNC-Charlotte that can supposedly prevent unauthorized transfer of copyrighted material. He added that the university probably needs to take a role in attempting to educate the nonuniversity public as well as out community about P2P issues.

5) Workstation refresh - cycles, approach, etc.

Williams noted that it appeared that establishing a formal, routine refresh cycle for computers on campus would likely be most successful if based a formula using the numbers of employees using them, leaving the localized administrators to allocate “refresh credits” appropriately, rather than attempting to centrally identify specific computers (using FAS or individual assessment) for replacement. He mentioned that the current CIO of the State of North Carolina would likely retain the position and that he anticipates that the state’s efforts to devise a statewide inventory would benefit Appalachian.

6) Update on campus communications plan for faculty and staff

Williams reported that the Communications Committee, chaired by himself and Len Johnson (Human Resources), had devised a mechanism for establishing email subscription lists that facilitate university communications. He stated that the current flood of locally produced email (via the SUBSCRIBERS and FACULTY listserves) made it almost impossible to communicate when important issues arose. Too many people simply delete or ignore those messages, buried in the volume of email they don’t want to receive in the first place. To alleviate the situation, the committee has recommended establishing two email lists, one for faculty and one for staff, that would be used only for critical notices - this list would subscribe every Appalachian employee immediately on employment and would not offer the recipient an opportunity to opt out. All other lists would target specific audiences and subscribes to those lists would be allowed to opt out of them at any time. Messages from the “voluntary” lists would necessarily carry instructions on opting out in every message. The proposed system would collect all of the list options (opt in or out) on a single management page accessible to all employees. Williams mentioned that other modes of communication were being considered, particularly for emergency-related information, including outbound calling and automated systems. The new subscription system for email should be active by early Spring semester, 2005.

7) Other items

Ed Pekarek (Computer Science) asked about the status of the IT status report issued by the consultant who visited the campus this (Fall) semester. Williams replied that the Vice Chancellors had received and were considering the report and its implications next week (11/16) and that he expected to hear more about the results following that discussion. He noted that the IT discussion was part of a more comprehensive discussion that would be looking at multiple issues facing the institution and administration.

Adjournment

Williams thanked the the members for their efforts, wished them well, and adjourned the meeting at 2:32

1:30 - 3:00 pm - I. G. Greer Hall - Room 224

Persons Present:

Ex Officio members: Doug May (Acad. Computing Serv.), Jeff Williams (Chair, Info. Tech. Serv.)

Voting Members: Al Harris (Walker Coll. of Business), Brian Brown (Student Services), Robert Brown (Student Govt.), Tom Leonard (for Teresa Canton - University Advancement), Gabe Fankhauser (Hayes School of Music), Kevin Howell (Coll. of Fine & Applied Arts), Lynne Lysiak (University Library), Emory Maiden (Coll. of Arts & Sciences), Ed Pekarek (Coll. of Arts & Sciences), Justin Pittman (Student Govt.), Don Rankins (Registrar), Dick Riedl (Reich Coll. of Education), Dragan Stefanovic (Coll. of Arts & Sciences), Peter Wachs (Student Development), Bill Ward (Academic Affairs)

Visitors: Steve Breiner (Instructional Comp. Serv., ITAC Recorder) , Mary Beth McKee (Instructional Comp. Serv), Pamela Graham (Arts & Sciences), Doug Brantz (Fine & Applied Arts), Mick Kreszock (Instructional Tech. Ctr.)

1) Welcome, Introductions, and recent Activity

Williams opened the meeting at 1:30 PM and greeted the group. He passed around two draft documents related to the ASU Communications Plan under development by the University Communications Committee. He then asked the attendees to introduce themselves and to provide describe their functions at Appalachian.

Williams then commented to the group that the recent AppalNET server replacement had gone relatively smoothly thanked those who were involved in the effort.

2) Report on recent IT Audit and possible consequences

Williams reported on the recent IT audit of Appalachian by State Auditors Office during a three-week visit to campus. He commented that ITS had prepared for the audit through conference calls with other campuses who had recently been audited and by addressing issues uncovered during last year’s audit by outside IT consultants commissioned by IT Services. He reported that, based on “traditional” external attack scenarios, the audit team was unable to penetrate, or even probe any systems on the secure side of our internal network. After being unable to penetrate our border protections to even probe our secure systems, the audit team requested access to our secure network areas, normally reserved for trusted user access and server-to-server communications. They in effect “raised the bar” and probed into areas they normally don’t have time to consider. Once Network Services allowed the audit team to penetrate the protected network, the team discovered a number of issues that, while not posing serious threats of penetration from outside the secure network, were identified as potential weaknesses, were some attacker able to somehow penetrate our internal network. To help strengthen security on the secure side of our network, the Systems group were handed these vulnerabilities for investigation and resolution.

Williams and Wes Bunch (as representative of the Chancellor’s Office) worked together to develop reports and responses to address the concerns that were uncovered, and the ITS Systems group were able to resolve the most important issues quickly. The upshot of the auditor’s visit was a clean, “very good” public report, with a number of “private findings” that were to be addressed within 90 days of their issuance.

Williams did mention that, as a result of the “raised bar” related to security, the Appalachian community should expect soon to see requirements for more comprehensive, and possibly intrusive, scanning of all systems, workstation and server alike, for potential security vulnerabilities.

3) Discussion of general communications with faculty, staff and, students

Williams asked ITAC to begin serious consideration of how the university should approach developing a mechanism for rapid dissemination of important communications, particularly those involving emergent situations. He reported that, members of the Subscribers and Faculty listserve have received some 225 announcements in the last 30 days, and that its sheer volume of messages precluded its use as a “must-know-now” communication mechanism. He mentioned to the group that there was an ad hoc University Communications Committee that was examining options for important communications and asked that the group provide input on precisely what would constitute “importance,” and about who should be able to take decisions about initiating those communications. Williams suggested that a series of tightly targeted listserves might constitute part of a comprehensive system. Several issues are under discussion as regards critical communications, such as:

• what topics should give rise to these targeted lists
• which constituents should be targeted by which lists
• who should “own” (i.e., control) which lists
• which should be “opt-in,” “opt-out,” or mandatory

Williams then described current mechanisms for distributing critical information on issues like class cancellations, emergency procedures, etc., and suggested that ITAC begin consider suggesting guidelines for initiations of and decisions regarding those types of announcements for inclusion in a future University Communications Policy and Plan. Mick Kreszock (Instructional Tech. Ctr.) suggested contacting the Department of Communications (in Fine & Applied Arts) to tap their expertise and knowledge of corporate communications systems.

Brian Brown (Electronic Stud. Serv.) proposed guidelines for submissions to such “must-see” listserves suggest using web links in lieu of attachments, as has been the case in the past. Steve Breiner (Instr. Comp. Serv.) echoed the sentiment, proposing that requirements, rather than guidelines, be implemented as policy to restrict use of attachments. Pete Wachs (Stud. Dev.) suggested building a web form for submissions to such lists.

Kreszock asked whether it was possible to allow for “self-service” creation of listserves for departments or other campus areas to streamline the ability to communicate. Williams replied that users could now initiate the process of listserve creation based on their roles at the university… then clarified that, in the future, self-service initiation might be handled as a role-based application. Brown asked what was the mechanism for a user requesting establishment of a listserve and suggested that the Communications Committee adopt some form of naming convention for lists created for Appalachian. Doug Brantz (F & A A) asked whether lists might be created through an existing AppalNET mechanism. Breiner replied that the “Groups” feature in AppalNET was a tool initiated by users using a self-service request mechanism, but that AppalNET “groups” were a browse technology rather than a “pushable” one.

Robert Brown (SGA Student Rep.) asked whether group membership lists can be modified by the group manager, unlike the “class list” features in the Faculty Services areas within AppalNET. Breiner responded that the group owners had the complete ability to add or remove users as desired, but that adding a member issued an invitation to join the group that has to be accepted by the invitee.

Williams then mentioned the need to communicate with IT users about such things as planned outages in university systems for purposes of maintenance, repair, or software updates. He gave the example of the recent (on the Thursday prior to the Labor Day weekend) replacement of the university system hosting email services, thereby refining and completing the upgrade process begun in August. He noted that the timing was selected to minimize the impact on uses by performing the operation during a traditionally low-usage time, when most faculty and students were in holiday mode. Williams suggested that ITAC propose a list of the types of people who should be notified of such operations. Kreszock suggested that notification would not be necessary if ITS pre-scheduled times for non-emergency maintenance periodically during the year. Williams agreed to have ITS look at and pre-evaluate times for maintenance during the year that would minimize service disruptions.

Justin Pittman (SGA Student Rep.) asked why the daily SIS maintenance cycle occurred between seven and nine PM, when that was a time many students need to access their information in SIS. Don Rankins (Registrar) responded that that time frame selected because it was the time of the day with minimal usage. Williams remarked that the daily downtime was the result of our current SIS being a “legacy” system subject to constraints that should disappear when the Banner SIS system is deployed. Breiner mentioned that he had learned that the reason maintenance cycles were performed evenings rather than overnight was to eliminate the possibility that processing of a days events, absolutely essential to the next day’s system operations, could be restarted and completed overnight if the evening’s processing aborted for any reason. Initially running the processes overnight would not provide sufficient time, in case of a failure, to diagnose the problem and redo the processing in sufficient time for the next day’s start.

Williams gave another example of a day-long Internet outage that occurred just before the start of the semester. Williams explained that the outage was caused by a failure of off-campus equipment, not operated by Appalachian. Although a notice was posted on the ASU homepage about the outage, there was no estimate for the resolution of the problem since vendor couldn’t find the point of failure. Kreszock noted that Appalachian’s fully redundant Internet connectivity would soon be in place and operational.

Williams, referring once more to the auditor’s reports, stated that Appalachian would soon need to repeat the network registration of all network-connected faculty machines. He acknowledged the inconvenience that always accompanied this task, but stated it would have to happen anyway. He posed the question of how to notify faculty in such a way as to minimize problems leading to tech support calls.

In further discussion of essential communications systems and how to provide up-to-date information to employees and student, Rankins proposed a multi-line telephone notification system to replace the current one-line snow notification system. Breiner suggested that all web pages on university servers be required to list a creation date and identification of a responsible party. Kreszock expanded on that theme, suggesting that there be a default, automatic expiration for web pages if those dates are not occasionally reset by a responsible party.

Ed Pekarek suggested a telephone-based information system, employed as gateway to the helpdesk telephone hotline, to inform users of known problems with campus systems — such a mechanism might provide enough information to satisfy many users and to prevent the crush of calls that must be answered individually by the tech support team whenever a problem occurs. Doug May (Acad. Comp. Serv.) replied that ACS was exploring telephone system upgrades that would provide that capability.

Williams next mentioned the growing importance of documenting each user’s acceptance of Appalachian’s Computer Use Policy in order to satisfy state requirements, and the difficulty of causing this to occur. Brantz, in reply, suggested that acceptance of the policy be placed on the now required password change form as a prerequisite to allowing a user to update his or her access codes. This would essentially require an acceptance of the policy conditions every 90 days, that being the lifetime of passwords on our campus systems. Williams stated that he would pursue that idea with the appropriate persons in ITS.

Breiner suggested that ITS create a “new service request” mechanism that would allow users to make it known to IT Services that there were new services, software, or processes needed or wanted by users.

Bill Ward (Acad. Affairs) asked whether, given the growing stream of announcements, there were a “gatekeeper” for the existing campus-based listserves. Williams stated that the “owner” of a list has full control over both whether approvals are required to post and who can use or delegate the privilege to make such approvals. Williams mentioned that such issues as this would be topics addressed by the University Communications Committee and that any eventual actions or products of that body would be distributed to ITAC and other campus constituencies for discussion and comment.

Justin Pittman asked how events such as class cancellations that occur after the traditional 6:30 AM decision deadline would be handled. Ward replied that the local radio stations, departmental personnel, and university web page should be able to handle notification of students and staff.

4) User survey suggestions

Williams told the group that ITS was looking for surveys, preferably validated ones, for examining the use of computers in labs, software needs and wants, and other issues related to provision of IT services. He requested that any members having knowledge of such surveys please contact him with that information.

5) Other business

Rankins reported that a new version of SCT’s Web for Faculty product was in testing and that itt should streamline faculty and advisor access to the information they need. He mentioned that an evolving, long-term vision for the “Web for” products, AppalNET, and other electronic data services was the consolidation and integration of all of those services into a unified interface. The current proposed upgrades will increase performance and convenience, and will undergo significant testing before being deployed. Rankins further stated that his goal was to fully test and develop training for these systems before Fall break. In related developments, he noted that the Banner project is well under way. He stated that the Banner Implementation Committee would be visiting each administrative unit to discuss and answer questions about the Banner system during its projected three-year implementation schedule. Our older systems will be “spruced up” and patched to latest levels to prepare for the eventual freezing of those systems. After that point, with the exception of emergency actions, all discretionary energies and efforts will be diverted to the new systems. Williams noted that the campus implementation team had changed and that he expected information about the project to flow more smoothly as implementation proceeds. He noted also that the Banner web site, http://www.banner.appstate.edu/, will provide more timely and informative answers about the details of the Banner project.

Brantz asked if it is currently possible at Appalachian to set up a database-driven, user-maintained web site for a department or other campus unit. Wachs and Brown briefly discussed Student Development’s mechanism for doing just that, with automatic collection of appropriate information, announcements and web pages. The site mentioned uses a PHP-driven open source database for storage of that information and provides RSS (Really Simple Syndication) feeds to SD’s live web pages. Brantz suggested that centralized server capabilities for storage space and database access would be a highly desirable service for numerous campus groups.

6) Adjournment

Williams noted that the 3:00 o’clock hour was approaching, thanked the attendees for their input, and adjourned the meeting at 3:00 PM.