April 2023 Agenda
Meeting Date: April 5, 2023
Time: 9:00 am - 10:30 am
Remote Attendance: Julie Perkins, Craig Woolley, Tony Gonce for Chad Brackin, Melanie Thornton, Elahe Russell, Stephen Beck, Rudy Hirschheim, Sandi Gillilan, Jacqueline Bach, Kappie Mumphrey, Andy Maverick, Peter Trentacoste, Tommy Smith, Mo Carney, Bret Collier, Matthew LaBorde
Presenters: Sumit Jain, Katie Bouey, Robin Ethridge, Wen-Chieh Fan
Others: Susan Crochet, David Alexander, Jason Normand, Lesa Jeansonne
Absent: Alex Basse
1. Administrative Announcements
2. Executive ITGC Updates [Craig Woolley]
3. Approval of the Minutes from the Meeting held on January 26, 2023
4. Vote on IT Governance Policy Process
Resolution: IT Governance Council acknowledges the need to involve various stakeholders in review of IT Security Policies and Standards to ensure that appropriate feedback is collected and responded to prior to approval of any policy and/or standard by the Council. Therefore, IT Governance Council designates LSU A&M IT Governance subcommittees – Research Technology Subcommittee and Department IT Subcommittee, and Faculty Senate Executive Committee or its designee as reviewers of all current and proposed IT Security Policies and Standards. The feedback from these groups will be considered and addressed by LSU Information Technology Services prior to submission of policies and standards for IT Governance Council approval.
5. Internet Outage [Craig Woolley]
6. Adobe Contract Renegotiations [Craig Woolley]
7. PM-36 Draft Policy & Standards [Sumit Jain]
8. Workday Student Project Update [Craig Woolley/Robin Ethridge]
9. ITS ITGC Project List/Teams Telephony [Katie Bouey]
10. Moodle Faculty Survey Results [Kappie Mumphrey]
Updates: Sub-Committees & Working Groups
11. Education Technology Subcommittee/Moodle Survey [Jackie Bach]
12. Research Technology Subcommittee [Stephen Beck]
13. Information sharing/Announcements [All]
14. Suggested agenda items for future meetings, including ITS topics of interest [All]
15. Next steps/Follow-up items [Chair]
April 2023 Minutes
1. Administrative Announcements
Craig Woolley shared with the Council that ITS concluded a project with LSUPD that
installed virtual panic buttons in approximately 220 classrooms across campus. He
explained that if a faculty member is teaching a class and wishes to quietly contact
the police, they can hit the panic button and it will send a silent alarm. There was
a brief discussion on how to get the software installed in other locations.
2. Executive ITGC Updates
Craig announced that there is a meeting with the Strategic IT committee scheduled
for April 14th.
3. Meeting Minutes Approval
January meeting minutes were approved with no revision. Motion to approve by Andy
Maverick; second by Elahe Russell.
4. Vote on IT Governance Policy Process
Craig shared that the Department IT Subcommittee and the Research Technology subcommittee
has been giving feedback on the IT Security Policies and Standards and it was determined
that the policies needed broader faculty input before going through the Academic Affairs
process for approval. He stated that there was a concern that originally there was
no process defined for how a standard would get changed nor any mention of oversight.
Craig shared that based on feedback from various groups including Faculty Senate,
the language was changed to state that the IT Governance Council would need to vote
on any change to a standard and that the Council could designate the Research Technology
Subcommittee, the Department IT Subcommittee, and Faculty Senate as reviewers of IT
Security Policies and Standards. Craig also informed the Council that the IT Security
Policies and Standards would be presented to the Faculty Senate Executive Committee
in the afternoon. There was a brief discussion concerning including other groups such
as Staff Senate for feedback. There was also a discussion concerning the timeline
for reviewing standards and providing feedback.
|IT Governance Policies and Standards Process||Vote|
|Chad Brackin||Y (via proxy)|
5. Internet Outage
Craig shared a dashboard to illustrate what happened during the campus internet outage. He explained that prior to the outage LSU had only two recursive DNS servers with Kemp load balancers that normally receive approximately 1000 queries per second. During the outage, the servers were receiving approximately 30,000 requests per second. He explained that the load balancers were unable to respond to the high number of requests and ultimately timing out. He added that network segments were removed from the servers until the problem area was identified. When student Wi-Fi was removed, the problem cleared up. Craig stated that a temporary solution was to have all student traffic point to two additional recursive servers that were set up. He added that should another outage occur, ITS can capture the packets to investigate what is causing the issue. Craig informed the Council that there are plans to remove the Kemp load balancers and replace them with a far more robust solution by the summer. There was a brief discussion concerning a tiered setup with multiple DNS servers. Sumit Jain, ITS, stated that there was no evidence indicating that the issue was a compromised machine launching a denial of service, but added that some machines were discovered there were misconfigured.
6. Adobe Contract Renegotiations
Craig announced that LSU’s three-year agreement with Adobe for their Creative Cloud
products will expire in June. He shared that the University worked with Student Government
and the new three-year contract will cover students in addition to faculty and staff
with a lower price model. Craig added that the student portion would be paid for by
the Student Technology Fee and it would cover up to 15% of the student population.
He stated that if student usage rises above 15%, the University would pay the additional
cost. Craig also shared that he is working with the CIOs of the other LSU campuses
on making the agreement with Adobe system-wide, allowing the other campuses to cover
up to 5% of their students.
7. PM-36 Draft Policy & Standards
Sumit discussed updates that were made to four standards based on feedback from the
Research Technology Subcommittee and from faculty. He shared that additional feedback
was received that would be presented to the Department IT Subcommittee later in the
week. He discussed Policy Statement (PS) 121 Standard 3 – Applications Acceptable
Use. He stated that this standard was also shared with the Digital Resource & Content
(DRC) Committee to ensure that if the standard outlined any exceptions to the software
acquisition (IT100) process, the DRC Committee would be on board. He shared that the
standard was updated to contain specific language concerning the types of open-source
licenses that would be exempt from the IT100 process, which includes open-source software
utilized for individual, non-instructional use. Sumit added that future changes to
the standard may include language related to trial versions of software.
Sumit also discussed changes to PS-124 Standard 1 – Data Classification. He stated that the definition of data was updated to make it clear that the term “data” refers to all University data and not necessarily about and data that may reside on a user’s personal computer, smartphone, or other personal device. Sumit added that the definition of data was updated across multiple policies and standards. He also shared that research data classification language was added to all three columns in Appendix A to show that it can be Confidential, Private, or Public depending on how it is designated by the researcher.
Sumit discussed PS-125 Standard 2 – IT Asset Inventory Management. He stated the standard was updated to make it clear that only IT assets were included. Sumit discussed IT asset inventory tags, as well as the need to establish processes and procedures to document relevant information related to an IT asset. He added that “inventory management system” was removed from the standard since there are multiple ways different departments can meet documentation requirements. He also discussed the need to have a Disaster Recovery and Business Continuity plan associated with any IT asset determined to be a critical system.
Sumit shared that only grammatical changes were made to the Security Awareness standard.
There was a brief discussion concerning how often LSU employees will be required to
complete cybersecurity training. Stephen Beck briefly discussed the NSPM-33 federal
standard and how it could relate to the cybersecurity training requirement. He added
that there will need to be a policy and program in place related to the new federal
standard within the next 18 months. There was a brief discussion on removing the language
related to the frequency of training from the standard until other work happening
on campus has been completed. There was also a brief discussion on the mandate concerning
cybersecurity training and how the new federal guidelines will be applied.
11. Education Technology Subcommittee/Moodle Survey
Wen-Chieh Fan, Instructional Technology Consultant, gave a presentation on new functionality and planned updates to Moodle resulting from a faculty survey sent to LSU users and LSU Online users. He discussed the response overview which was made up of Moodle Support, Quiz Types, FTC Services, and My Course page. He shared that the majority of the responses were positive. He also shared the Moodle tools that were considered the most useful by users, which included Native Moodle Learning Activity, Communication, and Grading. He also shared which tools users felt were the most problematic, which included Gradebook and a lack of communication or training. Wen-Cheih shared suggestions on how to improve FTC services, including offering more training, increasing hours and availability, and offering Zoom and chat help. He shared the action items on improving Gradebook as well as Communication, and shared which improvements are already in-process, including building a new Moodle training course and working with Moodle Development on improving the My Courses page.
9. ITS ITGC Project List/Teams Telephony
Katie Bouey stated that approximately $210K has been spent on physical phones for the Teams Telephony project as well as approximately $36K on headsets. She shared that the migration is 47% complete with a target goal of migrating 200-250 phone numbers per week. She added that the University is on target for an August deadline.