Committee meeting - July 23, 2020

Carol Lu  
Secretary to the Committee  
July 23, 2020  
  
Present: Don Duff-McCracken, Jason Testart, Lori Paniak, Paul Miskovsky, Pratik Patel, Steven Bourque, Andrew McAlorum, Robyn Landers, Bill Baer, Trevor Bain, Dave Kibble

Guest: Joe Allen

Regrets: Andrea Chappell, Daryl Dore, Erick Engelke, Greg Smith, Adam Savage

  
Agenda  

1. WatIAM outage discussion (Lori Paniak) [5 min.]
2. Presentation: OneDrive advocacy project update (Joe Allen) [20 min.]
3. Chair’s remarks (Steven Bourque) [5 min.]
4. Approval of the minutes of the meetings of Thursday July 9, 2020 [5 min.]
5. Email Threat Protection RFP (Steven Bourque) [5 min.]
6. Gitlab discussion (Lori Paniak) [10 min.]
7. Update on O365 email migrations for faculties (Andrew McAlorum) [5 min.]
8. Other Business [10 min.]
9. Roundtable discussion – all [20 min.]
10. Next CTSC Meeting
    [Will be held Thursday August 6 at 1:30 p.m. via Teams Meeting]
     

WatIAM outage discussion (Lori Paniak)

• Jason Testart provided additional email regarding the WatIAM outage via email to the CTSC mailing list
  • Root cause was a bug in Sailpoint IIQ that has existed for a long time. The software was trying to fetch data from a file that did not exist; instead of an error, it just calls it NULL and writes that back to the database.

Comments and discussion

• Database corruption occurred in the afternoon on Monday, July 20
  • Any changes made between July 20 and July 21 were lost
• There isn't a clear idea of how disruptive this outage was to the average campus user
• Seven accounts were identified in an 'error' state; these users were notified directly
  • Mostly CEL and Quest applicants
• It was quicker to go to backups instead of trying to reverse the issue
  • Half of the recovery time was the WatIAM batch process
• WatIAM has a lot of redundancy built in 
  • At least four servers that process for WatIAM, but there is only one database
  • The WatIAM database is not designed for redundancy
• In the future, it may help to move certain processes outside of WatIAM to improve resiliency (e.g. user password changes, adding password recovery emails)
  • If WatIAM starts having more outages and being more disruptive, this can be further investigated
• WatIAM uses Microsoft SQL database
  • DPM backups are used for most SQL databases
  • Database snapshots might be better for restoration than backups

Presentation: OneDrive advocacy project (Joe Allen)

• Joe Allen gave a presentation on the OneDrive advocacy project 
  • Project purpose is to promote the use of OneDrive; plans to do several presentations (e.g PDAG, WatITis, Q&A seminars)  

Comments and discussion

• Arts is aiming to have all first year students using OneDrive instead of the N drive by Fall 2020 
• AHS completed a Known Folder Move for faculty and staff in December 2019
• Can highly restricted data be stored on OneDrive?
  • Highly restricted data can be stored on OneDrive if you have 2FA enabled
  • Secure data guidelines/resources from IST: 
    • https://uwaterloo.ca/information-systems-technology/about/policies-standards-and-guidelines/security/guidelines-secure-data-exchange-choosing-information
    • https://uwaterloo.ca/information-systems-technology/services/microsoft-office-365-education/matrix-content-storage-solutions
    • Math is developing similar guidelines for the department's different storage solutions
  • Are there any restrictions against syncing your University OneDrive to a non-University owned computer? 
    • Full disk encryption for your personal computer is required if you have highly restricted or confidential information stored; using a University-owned computer is the preferred option
    • OneDrive has a files on demand feature
      • You can store your personal, non-sensitive data on your computer locally
      • Highly restricted files can be kept in the cloud and not stored locally on your computer
  • For shared group access: if one user makes a mistake could it wipe out the entire group's data? 
    • You can restore a previous version of the data if a user makes a mistake
    • Issues regarding departmental drives are a separate matter that will be addressed in the future

Chair's Remarks (Steve Bourque)

• UCIST had a discussion about expanding CTSC membership to include Affiliated and federated institutions of Waterloo (AFIW)
  • Greg Parks will be joining CTSC to represent the University Colleges

Approval of the minutes of the previous meeting

• The previous meeting’s minutes were accepted as distributed.  

Email Threat Protection RFP (Steve Bourque)

• RFP has been rewarded to CompuCom (vendor for Cisco Email Security) for a 3-year term
• Cisco Email Security will be provided for staff, faculty, alumni and students
  • Microsoft does not have a solution for licensing alumni beyond the free option at this time; feedback has been given to Microsoft regarding their alumni licensing limitations
  • Came down to price point; Cisco had the best price
  • Offers an 'unsubscribe' feature and graymail feature
• PO should be going out this week 
• Cisco Email Security is expected to be activated October 2020 
  • TIS will go through the regular testing and deployment procedures first
• ProofPoint will still be in place until January 2021

Comments and discussion

• Any concerns that ProofPoint will blacklist the University for no longer being a customer? 
  • Not likely since the University does not have a reason to be blacklisted
• In regards to mail routing: how will Cisco Email Security be routed? 
  • Cisco Email Security is cloud-based
  • TIS is still coming up with the routing design; this will be discussed at a future CTSC meeting

Gitlab discussion (Lori Paniak)

• Follow-up to Daryl Dore's email to CTSC regarding the use of Gitlab
  • Email stated Gitlab is running out of user storage space
  • Is it possible to add more storage instead of asking users to limit their Gitlab usage? 

Comments and discussion

• The Games Institute is looking for large file support in Git
  • Users store game assets and other large files in Git
• Daryl's email was in reference to a small number of users taking advantage of Git storage (e.g using Git to store backups and large binary files)
  • The purpose of the email was to raise awareness among CTSC members and to garner support for maintaining appropriate usage for Git
  • Users should be storing backups and large binary files in OneDrive
• Steve to follow up with Daryl re: Git large file support
• The University should not try to create artificial scarcity and limit the usage of resources like Git
  • Most users will not meet or exceed storage limits
  • Maybe a disclaimer banner can be added to the login page to inform users not to misuse Git?
  • Maybe a cost/charge to users can be introduced if they exceed storage limits?
    • May be difficult and labour intensive to set up a billing system
  • Hard limits/quotas could be set for each user

Update on O365 email migrations for faculties (Andrew McAlorum)

• Migrations are going well; Academic Support unit migrations are expected to be complete by the end of the Spring term
• Starting to plan for Faculty migrations; faculties will start being migrated in the Fall term (September 17)
  • Lisa Tomalty is putting together a migration schedule
  • Plan is to migrate all users in a department together; departments will move one at a time
• Accounts are being migrated every Thursday
  • Currently 500 users max. per migration 
• Some initial issues during the piloted migration with IST (e.g. OAuth, Thunderbird); there have been no major issues with any subsequent moves

Comments and discussion

• Environment's MAD team migration went well 
• Non-Windows platforms may have challenges (e.g. may need to reload Outlook on Mac)
• Some faculties/departments may want to migrate after September 17 since it is a busy time during the term
  • Faculty schedule has not been finalized yet
• Faculties interested in moving early can submit a request to rt@uwaterloo.ca
   

Other Business/Roundtable

WUSA (Pratik)

• Currently compiling a list of users to migrate to Skype phones
• What will the migration process for service phones look like? 
  • A lot of student groups have service phones
  • This will be discussed more in the future; the current focus is on individual user accounts
  • Announcement was made in the Daily Bulletin asking staff to get in touch with their IT account reps to learn more about the process for special phone circumstances

Environment (Don)

• Setting up Skype phone migration for next Monday
  • Migrating most users but not the help desk phones yet
• Migration turnaround is currently very quick - will this continue to be the case for future migrations? Would it be possible to complete all department migrations by September? 
  • There is no guarantee on how fast the turnaround will be; this will depend on the availability and schedule of the Skype team

AHS (Trevor)

• CEL created a useful resource for choosing a screen recording tool
  • https://contensis.uwaterloo.ca/sites/open/resources/CEL-ORR/toc/modules/screen-recording.aspx#choosing
• Screencast-o-matic is a popular, inexpensive option 
  • Easier to learn than Camtasia
• IST created a useful resource for choosing a remote meeting tool:
  • https://wiki.uwaterloo.ca/display/ISTKB/Tool+comparison+for+remote+meetings+and+conference+call
  • Chart indicates WebEx is a recommended team collaboration space
    • Can we clarify if this is accurate? Isn't Teams the recommended collaboration space?
    • Chart has been updated to specify that WebEx is a recommended team collaboration space for teaching and learning

Arts (Bill)

• Already moved three groups over to Skype phones 
  • IST has been looking over the data to ensure nothing is missed (e.g. clarifies and asks how certain phones should be rerouted)
  • It might be a good idea to offer a one month reroute window to give people time to update their phone number information on websites and other directories
    • Advancement is looking to avoid missing any funding phone calls
• Testing Azure Lab Services, remote Windows in Toronto, Quebec, and US East
  • Has been fast overall; US East latencies are reasonable in comparison to the Canadian sites
  • Testing is for Adobe Creative Cloud which does. not work well through remote desktop
    • Initial testing with Stratford campus and Fine Arts has gone well so far
  • Majority of users will likely be Arts students, may be a small subset of Environmental Studies students
    • Looking at 400-1500 licenses
    • Contact Bill Baer for more information

Client Services, IST (Andrew)

• Offering Microsoft Bookings app as a pilot
  • Requires Exchange Online; users need to be migrated to Office 365 email before using Bookings
  • Access to Bookings is not enabled for all users; access is being given on a request-only basis
  • Tool can be used for appointment booking (e.g. office hours, academic advising)
    • Housing is currently using Bookings to schedule student residence move-in appointments
    • WatCard is using Bookings for service appointment bookings