Committee Meeting - January 21, 2016

Darren Bondy
Secretary to the Committee
January 26, 2016

Present: 

Bruce Campbell (Chair), Darren Bondy (Secretary), Trevor Bain, Steven Bourque, Andrea Chappell, Marko Dumancic, Erick Engelke, Dave Gawley, Bob Hicks, Dawn Keenan, Robyn Landers, Paul Miskovsky, Carl Nagel, Jason Testart

Regrets:

David Kibble, Sati Singh

Agenda

  1. Chair’s remarks [5 min.]
  2. Approval of the minutes of the meeting of November 26, 2015 [5 min.]
  3. Endpoint security (Jason Testart) [30 min.]
  4. LearnLocker (Erick Engelke) [15 min.]
  5. Voting/prioritizing CTSC agenda topics [20 min.]
  6. Other Business [5 min.]
  7. Roundtable discussion – all [15 min.]
  1. Next CTSC Meeting

[Will be held Thursday, February 4, 2016, at 1:30 p.m., in EC2 111.]

Chair’s remarks

  • LearnLock agenda item was added recently; Software licensing topic will be discussed at the next meeting.
  • Will not have a roundtable report at this meeting; multiple members need to leave a few minutes early.
  • If anyone is interested in knowing more about the Student Email in the Cloud RFP, you can stay after the meeting to sign a waiver and be provided with an update.  

Approval of the minutes of the previous meeting

The minutes from the meeting on January 7, 2016, were accepted as distributed.

Endpoint security (Jason Testart)

Jason Testart presented on Endpoint security. Topics included:

  • What is an “Endpoint”?
  • Threats to endpoints
  • Security best practices
  • Consensus: Top endpoint controls
  • How are we doing?
  • About Secunia
  • What about anti-virus?
  • How does HIPS rank?
  • Email security gateway
  • Current investigations
  • Interim plans
  • Future plans

View the full presentation on Endpoint security (PDF).

Comments & discussion

  • What about unmanaged clients?
    • We will need to create a webpage to communicate what they should be doing for anti-malware.
    • Unmanaged Microsoft machines come with anti-malware solutions.
    • SCEP works as a standalone device.
  • Will we ever get to a point where we have stopped the phish scams?
    • Hopeful that email security will help with that.
    • Browser security has also improved to be able to notify when you land on a phishing site.

LearnLock (Erick Engelke)

Erick Engelke presented on LearnLock. Topics included:

  • Multiple options for exams
  • LearnLock overview
  • How it works
  • Features
  • Compared to other software
  • Compared to firewalls

View the full presentation on LearnLock (PDF).

Comments & discussion

  • Are there any gaps in this?
    • No Mac integration.
    • Cannot lock down to a specific webpage.
  • How do you handle embedded content?
    • Will appear as a broken link; just a white area on page.  
  • You can also whitelist applications to prevent certain apps from being used.
  • Have not tried the compatibility with LEARN integrations like MapleTA; if we knew it was needed in advance we could allow access to it. 
  • Can you implement different types of lock and unlock? It’s just a text file, we can make some variances to lock in different ways.
  • ONA will still get used by certain groups for other purposes so it won’t go away; but most groups will likely move to Erick’s tool once it becomes available.

Voting/reprioritizing CTSC agenda topics

Members voted on potential topics for future meetings. The results are as follows:

  • Campus/Enterprise Storage Strategy (ie. Internal “cloud”, shared services, tiered services) - 13
  • Out-of-faculty/unit collaboration: how do we support the selection and use of technology when it involves multiple faculties (eg. The Games Institute) or institutions (eg. TUG libraries, UW/WLU joint programmes)? -13
  • Change Management: publicizing of change that may effect other UW constituents - 13
  • Review of Faculty strategic plans - 12
  • Software development (in progress) - 10
  • How do we learn what others do for a specific IT activity? How do we efficiently communicate what we are doing? - 10
  • Operational Level Agreements (OLAs) - 10
  • Bring Your Own Device (BYOD) - students being encouraged or required to use their personal devices in classes/teaching spaces - 9
  • Asset Management update - 9
  • Digital Signage demo/update - 8
  • Public Documentation of CTSC conclusions - 6
  • Instructional Software - 5
  • Student lab support - 2

Volunteers are needed to champion these topics and they will be scheduled for future meetings.

Other business

  • Had an issue with high CPU traffic on the Firewall; we continue to investigate this issue.

Roundtable Reporting

Due to time constraints there was no roundtable report.

Next meeting

The next meeting will be held on February 4, 2016 at 1:30pm, in EC2 111.