November 2022 Agenda
Meeting Date: November 8, 2022
Time: 10:30 am - 12:00 pm
Remote Attendance: Melanie Thornton, Craig Woolley, Mo Carney, Elahe Russell, Chad Brackin, Robb Brumfield for Andy Maverick, Tommy Smith, Kappie Mumphrey, Matthew LaBorde, Peter Trentacoste, Julie Perkins, Rudy Hirschheim
Presenters: Sumit Jain, Katie Bouey, Robin Ethridge, Eric Pergola, Stephen Beck
Others: Stephen Heyward, Susan Crochet, Lesa Jeansonne, Jason Normand, Ric Simmons
Absent: Sandi Gillilan, Alexandra Basse, Bret Collier, Jacqueline Bach
1. Administrative Announcements
2. Approval of the Minutes from the Meeting held on September 20, 2022
3. PM-36 Draft Policy & Standards [Sumit Jain]
4. Workday Student Project Update [Craig Woolley]
5. Security Operations Center (SOC) [Craig Woolley]
6. Encryption of Devices [Eric Pergola]
7. Modern Campus and AWS Connect [Kappie Mumphrey]
8. ITS ITGC Project List/Teams Telephony [Katie Bouey]
Updates: Sub-Committees & Working Groups
9. Research Technology Subcommittee [Stephen Beck]
10. Information sharing/Announcements [All]
11. Suggested agenda items for future meetings, including ITS topics of interest [All]
12. Next steps/Follow-up items [Chair]
November 2022 Minutes
1. Administrative Announcements
Craig Woolley announced that the Executive IT Governance Council has a meeting scheduled for November 29th.
2. Meeting Minutes Approval
September meeting minutes were approved with no revision. Motion to approve by Elahe Russell; second by Melanie Thornton.
3. PM-36 Draft Policies & Standards
Sumit Jain, ITS, discussed the Application Security Policy Statement, including Secure Application Development, Application Security Review, and Cloud Application. He stressed the need for implementing security in layers so that one vulnerable aspect does not impact the entire application. There was a brief discussion concerning security reviews on software being developed. Sumit also discussed the Network Security Policy Statement, including Network Architecture, Network Firewall Devices and Appliances, and Remote Access. He also discussed the Network Architecture Policy Statement, including Network Design, Zones, and Network Management. There was a brief discussion concerning feedback on the policy statements. Craig Woolley shared that he would like to obtain faculty input on the policy statements ahead of the Academic Affairs review process. Sumit discussed the Intrusion Detection/Prevention Systems Policy Statement as well as the Policy Statements on Remote Access, Wireless, and Cloud Based Network. There was a brief discussion concerning wireless access points as well as exceptions to the policies.
4. Workday Student Project Update
Robin Ethridge, ITS, gave a demonstration of the first Workday Student implementation tenant. She announced that the planning stage has been completed and the University has entered the architect and configure stage for Cohort 1 (LSU A&M and LSU-Eunice). She shared that Workday populated the implementation tenant with three years’ worth of baseline data including programs of study, course catalog information, course sections, student personal information, and matriculations. She also informed the Council that naming conventions are still being worked on. There was a brief discussion concerning the implementation timeline.
5. Security Operations Center (SOC)
Craig Woolley announced the planning phase of implementing a Security Operations Center (SOC) which will allow the University to proactively identify, manage, and remediate security events and incidents. He discussed the Security Information and Event Management (SIEM) software which will generate an alert that activity has been detected. He stated that SIEM sends messages to an outsourced Managed Detection Response (MDR) who evaluate the ticket and determine whether the incident is actionable or a false positive. He also shared that playbooks can be set up to perform certain tasks automatically. Craig announced that in keeping with the Defense priority of President Tate’s Scholarship First Agenda, the SOC would employ LSU students with the MDR company providing the same training they provide to their employees. He added that the University will receive a discount proportionate to the number of incidents solved by students in the SOC, and the students will receive valuable work experience. Craig shared that the SOC will be set up in a way that can be replicated throughout the state and at other Higher Ed institutions. He also shared the possibility of offering enhanced Endpoint Protection Services, Academic Engagement, and Research Engagement.
6. Encryption of Devices
Eric Pergola, ITS, gave an update on Encryption of Devices. He shared that devices must be encrypted in response to an LSU Internal Audit finding regarding compliance with specific regulations such as FERPA and GLBA. He shared the project timeline which began alpha testing on ITS devices in July 2021 and began offering encryption as a service to departments in July 2022. Eric also discussed System Center Configuration Manager (SSCM) software being offered to departments which allows management of desktops across campus on the LSU domain. Eric stated that SSCM must be installed on devices in order to push encryption to those devices. He announced that 63% of devices on campus have SSCM installed as of October 2022. He shared that department-specific reports can be generated and made available to Technology Support Personnel (TSPs). He added that TSPs will have the ability to generate a report to retrieve encryption keys, and stated that they will only be able to access information for their respective departments.
7. Modern Campus and AWS Connect
Kappie Mumphrey, LSU Online, shared that Continuing Education currently uses Jenzabar to register and pay for courses. She announced that Jenzabar is being replaced by Destiny One, which will go live on November 29th. She added that their contact center software will be switched to AWS Connect. Craig Woolley added that three other units have already switched to AWS Connect.
8. ITS ITGC Project List/Teams Telephony
Katie Bouey, ITS, reminded the Council that once a user gets migrated to Teams Telephony, they will see a dial pad on their Teams client, as well as their assigned phone number. She also briefly discussed several features of Teams dialing and shared statistics regarding equipment purchases. Katie announced that the project is 15% complete with nearly 1500 phone numbers deployed and 18% of faculty and staff migrated. She also shared which departments have already been migrated and which departments have upcoming rollouts. Katie shared that Mainframe Data Transition, Reports, and Decommission is taking place alongside Workday Student and announced that LSU is utilizing a master services agreement to have demonstrations of different products conducted for the Identity Access Management (IAM) project. She shared that the goal is to have procurement for the selected product take place in fiscal year 2023, with implementation in fiscal year 2024.
9. Research Technology Subcommittee
Stephen Beck, Chair of the Research Technology Subcommittee, announced that the group met at the end of October. He shared that the subcommittee has representation from faculty and staff who are both supporting research and conducting research. He stated the subcommittee is focused on campus issues pertaining to research such as infrastructure requirements and availability of tools for researchers. He added that the subcommittee will also begin to identify technologies that are becoming impediments. He also shared that they concluded the meeting by identifying things that they though were working really well such as the High Performance Computing (HPC) facility and library efforts in support of data management planning.