The Charge

On August 2, 2012, the Vice Provost of Information Services, Lois Brooks, formally launched a process to define Change Management and Incident Response practices for Information Services. The goal of change management is to increase awareness and understanding of proposed changes across an organization and ensure that all changes are made in a thoughtful way that minimize negative impact to services and customers, while the goal of incident management is to respond to incidents effectively.

The outcome of this process will be an operational framework that all parts of the organization will follow. A Change Advisory Board shall define roles and responsibilities; ensure documented processes for planning, execution, validation, documentation and communication; and develop response processes to unplanned outages.

The Process

Per VPIS direction, a task force chaired by Jon Dolan (Director, Network Services) and Kent Kuo (Director, Enterprise Computing Services) developed policy that:

• is based on the ITIL framework for service delivery;
• is informed by best practices at peer institutions;
• ensures that changes are not only well thought out and executed well, but documented appropriately for review toward process improvement; and
• ensures appropriate engagement and communication with OSU and external customers.

The Policies

Both the Change Management and Incident Response Policies were formally adopted on December 5, 2012.

Any change to an IT system shall be categorized as a Standard change, a Significant change, or an Emergency change, and units within Information Services shall follow both organization-wide defined processes and additional processes defined by the applicable unit within IS.

• Download the Change Management Policy (PDF)

The Incident Response policy applies to all service-affecting incidents involving IT services provided by OSU Information Services. This policy does not apply to Security Incidents, which are covered by the Information Security Manual section 502: Incident Response and Escalation.

• Download the Incident Response Policy (PDF)

Change Advisory Board

The Change Advisory Board convened in December, 2012 and began drafting appropriate processes for changes and incidents. As basic processes are defined, the CAB will begin performing its function as a change review body even as it continues to define and refine change processes.

For Academic Year 2013, board membership is as follows.

• Mark Baldwin, Enterprise Computing (two year term)
• Joel Burks, Network Services (two year term)
• Joseph Duncan, Shared Infrastructure Group (two year term)
• Mike Hinds, IT Communications Manager (ex oficio)
• Kirsten Petersen, Network Services (one year term)
• José Cedeno, Media Services (two year term)
• Chris Sinnett, Community Network (one year term)

Information Services is constructing a new communications data center on the west side of campus to house core communications infrastructure. This will enable us to establish redundant connections to key facilities and maintain network and voice operations should we lose Kerr Administration or other significant facilities in the campus core to earthquake or fire.

Network Services has been working with College of Agriculture (COA) to provide Architect Services to assist with the design of a new 2100 sq. foot data center located on Campus Way next to the new COA MATF building. The data center will be on the south side of a COA equipment maintenance structure. COA has hired engineering services for structure, power, HVAC, and lighting design. The timeline for tentative acceptance testing and handoff to Network Services is late Winter Term 2014.

This administrative page provides information about the project structure and processes. Information for customers can be found at oregonstate.edu/main/online-services/google-apps-for-osu.

The Charge

Information Services (IS) provides ONID email and file storage services for students and employees. Following an investigation by the Google Apps Task Force and subsequent input from campus groups, the Vice Provost of Information Services and the Information Technology Steering Committee launched the Google Implementation Project in January 2013.

For Phase I, the Implementation Team is tasked with enabling Google Apps for Education for all members of the OSU community. Implementation shall occur in the 2013 calendar year under the University's formal agreement with Google. The implementation is being made in consultation with key groups across campus and in consideration of evolving contexts, particularly the needs of users.

The purpose of the implementation is to:

• enhance collaboration among students, faculty, and external partners
• facilitate students' personal and team-based calendaring
• increase "anytime, anywhere" access to well-secured data
• help achieve lower operating costs for departments, where possible, and
• provide a foundation for future enhancements to security and OSU identity management

Project Scope, Phase I (through Dec. 2013)

Google Apps for Education

During Phase I, Google Apps for Education will be made available to OSU employees and students via CAS authentication, using existing ONID login credentials. Additionally, a six month opt in period will allow students and employees to provision Google Mail and migrate any email from the ONID email server to Google. A major outreach and training component will communicate the change to the community and documentation will be developed as needed.

Services Affected, Services Not Affected

Information Services will sunset the OSU-hosted ONID email service in December of 2013, at the end of Phase I. All ONID email that remains on the ONID server will need to migrate to Google at that time.

The @onid.orst.edu email address, however, is not changing as a result of migration. Rather, all @onid.orst.edu email will be delivered via Google Apps for OSU.

No other ONID services will be affected; access to ONID file space, ONID class groups, and other ONID services will be unchanged. No non-ONID services will be changed, e.g. Exchange-based email and calendaring services associated with @oregonstate.edu accounts will not need to be migrated.

High-Level Requirements

• Google authentication must use CAS / LDAP for security
• Must be able to provision accounts automatically
• Must be able to remove accounts as students leave or when deemed necessary
• Must recommend ADA compliant tools where native web interfaces do not meet ADA standards
• Must have support staff trained to be able to serve student, faculty, and staff

Deliverables and High Level Timeline

Implementation Team

The Charge

Greening IT is an initiative to reduce the environmental impact of information technology at OSU. The Greening IT group provides value to the OSU community through outreach education and reducing university expenditures in electricity, paper, HVAC, toner, and equipment purchases.

Lucas Friedrichsen, IT Manager with Information Services, is leading a broad task force to explore the interests, issues, practical concerns, and technical concerns associated with "greening" information technology. The group is comprised of members that have a passion for sustainability and reducing OSU's impact on the environment.

The Process

The task force uses the 80/20 concept to select topics that have the largest impact across the university. Using that mantra, committee members research problems or processes and develop best practices to share with the OSU community, the IT community, and beyond. For example, methods to reduce paper and toner usage by all members of the community is one of the first areas under investigation.

The current, ongoing topics are:

• Computer Lab Management
• Data Center Efficiency
• Paperless

Targeted communications will be emailed to OSU associates and posted to the website on a regular basis. Communications will be derived from industry and academic research and from projects that committee members lead.

Additionally, a website to educate the OSU community on steps that individuals can take to reduce their computing impact on the environment is now online.

Task Force Members

• Lucas Friedrichsen, Information Services (chair)
  • Education awareness campaign
• Brandon Trelstad, Facilities Services
  • Education awareness campaign
• Keith Price, College of Engineering
  • Computer lab management and power conservation
• Gabe Williams, Student Affairs
  • Data center efficiency
• Curt Onstott, Crop and Soil Science
  • Data center efficiency
• Brian Staffenson, University Housing and Dining Services
  • Paper usage reduction

Information Services has deployed a new HD video bridge for the growing number of HD videoconference units being deployed statewide. The new service is more robust and resilient than the older bridge and we are deploying tools that will allow customers to schedule conferences on demand.

The new bridge is currently in production and we will continue to migrate existing videoconference units into the system over the summer and into the Fall 2012 term.

Every student, employee, and OSU partner needs secure and comprehensive access to University systems. While ONID accounts are currently one way that community members access systems, Information Services envisions an environment where Single Sign On (SSO), inter-institutional trust and access, provisioning, and rights services extend across systems of record, differentiation, and innovation. This will allow members of the OSU community to succeed in their education and work and will reduce the University's risk by providing a way to reliably and quickly decommission access.

InCommon

OSU is in the process of joining the InCommon Federation, a secure and privacy-preserving trust fabric for research and higher education operated by Internet2. OSU researchers will thus be able to access online resources at trusted institutions using their OSU authentication credentials, and vice versa, thus facilitating inter-institutional collaboration.

As a part of this process, we are posting the InCommon Participant Operational Practices document so that all members of the consortium may see it.

Information Services is managing the following technical implementations in 2013. We will update the implementations and their projected dates on an ongoing basis.

Grid view | List view (accessible)

Projected Launch / Completion Dates

The Charge

Current business intelligence tools no longer meet the evolving business needs of the University. Thus, the University has decided to move from the current data warehouse solution to Ellucian software products ODS (Operational Data Store) and EDW (Enterprise Data Warehouse). In addition, Cognos, an IBM reporting tool, will be installed and implemented. BRM (Banner Relationship Management), RAP (Recruiting and Admissions Performance) and SRP (Student Retention Performance) will also be implemented.

Ultimately, Information Services shall implement the new products to ensure our customers have access to consistent, timely data for analysis and reporting. The existing Data Warehouse solution will continue to be supported for the next several years until the transition is complete.

Alignments With the OSU Strategic Plan

• RAP & SRP will assist with target goals of increasing First-Year Rentention and Six Year graduation rate by identifying students not meeting their goals
• RAP & SRP will assist with target goals of recruiting high achieving students and minority students by identifying and targeting these studen ts for recruitment
• ODS/EDW/Cognos will assist with improving the information infrastructure to support the University

The Process

Project managers and developers began by gathering requirements from stakeholders. Requirements gathering for Student & Financial Aid are completed. Requirements gathering continues for Finance (to be completed early 2013) and HR (to be completed Spring 2013).

Next Steps

• Report authors will receive in-house training (by invitation only) as follows:
  • Student & Financial Aid modules, training between October and December, 2012
  • Finance & HR modules, training between January and May, 2013
• Query Authors and Report Consumers will receive in-house training (by invitation only) as follows:
  • Student & Financial Aid modules, training between January and March, 2013
  • Finance & HR modules, training later in 2013
• A preview of the ODS metadata can be viewed at adminfo.ucsadm.oregonstate.edu:8872/metadata/ODS_index.html

Steering Committee

Information Services shall ensure that a broad array of stakeholders across our many colleges and campuses shall be represented by the Steering Committee. A complete list of members shall be published when the committee makeup has been determined.

Faculty Support Initiatives - Over the last year Media Services's Technology across the Curriculum (TAC) developed several key faculty support efforts and built the Faculty Collaboration Zone on the 3rd floor of Waldo Hall. Please see Faculty Development for details on these initiatives.

IPv6 - We have tested and deployed IPv6 in parallel with IPv4 in the new Multiprotocol Label Switching (MPLS) network core with OSU officially connected to the IPv6 global backbone. We are in the process of implementing the tools needed to support deployment throughout the enterprise and anticipate starting customer allocations in less than a year.

Media Equipment Checkout Consolidation - During the Summer 2012 term Media Services consolidated media equipment checkout for both faculty and students in Valley Library. This provides faculty with a wide range of media production resources to assist in creating media rich instructional content and improve presentations.

Mill Point Network Deployment – We are deploying OSU’s network to OSU Cascades and their new facility on Mill Point with a direct connection back to Corvallis so that OSU Cascades can be fully integrated into OSU’s IT environment with increased network capacity. Work has already been completed to install the circuits and full network configuration will be completed and the remodel of the new facility is completed by the end of the summer.

MS Lync Collaboration – We are implementing Lync chat capabilities at the end of summer. With Lync, our customers will be able to do instant messaging, audio chat and video chat, and will be able to share presence and availability information with their colleagues.

MS Exchange Upgrade - We are upgrading Exchange to 2010 over the summer. The new system will be more robust, will have higher quotas, and a better Outlook Web Access experience for non-IE browsers.

MPLS network core - We are well underway with the core network migration. The architecture has been finalized and implemented with multiple customers running in production. We are in the process of migrating firewall contexts and associated customers and anticipate project completion within a couple years.

Network Redundancy - We deployed redundant routers for servers in the data center and are in the initial stages of migrating customers. The new core has been designed with built in redundancy to allow zero-impact upgrades and automatic failover in the event of an issue. The campus border routers were recently tested and proved to provide redundant pathways for off-campus services and the Internet. We are planning a set of disaster recovery tests for the coming year that will validate our DR plans and identify areas that still need improvement.

Security Awareness Campaign Expansion - We have developed multiple efforts to improve awareness of best practices, laws, and common threats to our information. These efforts include targeted training with respect to safeguarding Protected Information (PI) and Personally Identifiable Information (PII).

Telecom Work Order System – We are in the final phase of implementing a new telecom work order system that will replace our older system that has reached its end of life and for which we no longer can receive support. The new system will have the ability for customers to initiate work orders directly, will allow us to share the details of work orders with customers, and will be fully online by the fall.

Travel and Expense Project – Enterprise Computing Services will help enable staff and faculty to electronically submit their requests for travel reimbursements. Projected completion is by the end of 2012.

The Charge

The greatest perceived information security risk faced by organizations is human fallibility. Mitigation of this risk is typically addressed by the implementation of policy and procedures, technical solutions such as firewalls and anti-malware software, and security awareness training. While the organization is in the process of addressing the policy/procedure and technical side of the human equation, a comprehensive security awareness program is critical to protecting OSU's data systems and community.

Dave Nevin, IT Manager with Information Services, is leading IS's security awareness campaign.

The Process

The initial stage of the Security Awareness Program is the development of a website. Committee members were identified to vet the content of the site. Information will specifically target OSU students, employees, and computing professionals. The student website launched on September 23, 2011; visit it at oregonstate.edu/be_aware. Information for employees and computing professionals will be added in 2013.

In-person training for personnel dealing with information classified as "privileged" began Fall Term during 2011 Training Days and will continue throughout the 2013 fiscal year.

Training, either in person or on the website, will concentrate on the following areas:

• Familiarization with the Acceptable Use and Information Security Policy and Procedure Manual
• Threats to and vulnerabilities of information systems
• How to identify and protect Protected Information
• Federal and State Laws regarding data, including copyright and personal privacy
• How, and to whom, to report security incidents
• Best practices as an end-user

Task Force Members

The task force that initiated this campaign was as follows. The initial task force has since disbanded.

• Dave Nevin, Technology Support Services (Chair)
• Jos Accapadi, Central Web Services
• Mike Altimus, College of Forestry
• Mark Cohen, College of Science
• Alec Dhuse, Network Engineering
• Tyler Pruitt, Student representative
• Paul Schoening, OSU Foundation
• Brian Staffenson, University Housing and Dining Services
• Doug Weir, College of Business
• Derek Whiteside, Enrollment Management

Information Services is participating in the Time and Attendance Software Project, a joint effort of nine OSU business units to replace the current paper-based process with a new web-based system.

The Charge

IS representatives are participating in the Project Implementation/Core Group to develop the new system. The core group is scoping the project, making key operational decisions, mitigating threats to project success, and coordinating the timing and implementation of the project. IS is providing project management, software hosting, and programming resources to the project.

The Process

The Project Implementation/Core Group ensures that all business units are represented and accommodated to the extent possible. During the fall of 2011, IS helped coordinate and participate in 25 requirements gathering sessions with both end users and business admins to ensure the vendor documented the diverse needs of the OSU community.

The vendor will customize the core implementation to speak to these needs. Additional custom development may occur per feedback from the community and project specifications.

More Information

Please visit the Time and Attendance Software Project website for information on the project background, committee membership, project processes, and the implementation timeline.