University of California, Berkeley
MINUTES OF THE E -BERKELEY STEERING COMMITTEE
Meeting of November 23, 2004
110 South Hall
Members present: EVC and Provost Paul Gray, Chair, VC Beth Burnside, AVC Ron Coley, Director Jon Conhaim, Assoc. Dean Joseph Duggan for Dean Mason, Acting Controller John Ellis, Joseph Hall, Graduate Student Representative, Dean Ralph Hexter, Director Phyllis Hoffman, Acting VC Steve Lustig, University Librarian Tom Leonard, VC Christina Maslach, AVC Jack McCredie, Director Helen Norris, Chief Administrative Officer Patrick O'Leary for Director Rosemary Kim, Professor Philip Stark , Acting VC William Webster.
Also attending : Patricia Donnelly, Law, Karen Eft, AVCO-IST, Mara Hancock, ETS, Katherine Mitchell, COrE, Director Shel Waggener, CCS - IST.
Welcome and review of minutes
Paul Gray opened the meeting with a reminder that the e-Berkeley Steering Committee has reached its five-year anniversary, and offered e-Berkeley lapel pins to those members who don't have them. He said it is important to maintain the focus on using technology to carry out the university's mission. Paul asked for any corrections to the minutes; they were approved as presented. Paul said the agenda is very interesting; the kind of thing the steering committee is all about, and asked Jack McCredie to present the first topic.
Discussion of security policies for computers connected to the UC Berkeley campus network
Jack said that a new appendix (appendix C) titled "Restricted Data Security Plan Requirements", has been developed for the campus's Minimum Security Standards policy. Jack reported on the campus IT security situation to the Chancellor's Cabinet, and to the Academic Senate COMP committee, making eight specific recommendations, outlined in a handout for today's meeting. He said these points would be presented at the next Council of Deans meeting.
The report was requested by the Cabinet, which was concerned by the August 1386 security breach. This incident involved a computer belonging to a visiting professor connected to the campus network without proper installation of security software. The computer was compromised, and over 600,000 pieces of personal information accessed. Campus Security and Network Services discovered the incident in August, and the Computer Incident Response team determined that there was a high probability that the data could have been taken. The FBI was involved, and for some time delayed the notification sent to those affected. However, recently the Department of Social Services, as the body licensing the data to the professor, posted a notification on their website. Jack said this is the kind of incident that everyone hopes won't happen, but stressed that there will be others. Jack said that steps can be taken to avoid most incidents; analysis of these incidents has shown that most leaks have occurred on systems where unnecessary information was stored, and where the computers were not compliant with the minimum security standards. He believes the breakdown has been in the management of the computing environment.
Jack said the Cabinet directed that the eight recommendations listed in Jack's report be acted upon, and he said this is being done. One new measure is a status check on campus systems' compliance to take place February 1 st , in advance of the deadline for reaching the basic security standards in late spring. Some systems will never be capable of compliance and will be identified as needing upgrades or replacement.
The draft Appendix C previously referred to was handed out at the meeting. Jack said it represents an extension of the Minimum Security Standards, and applies to those systems handling restricted data. Jack introduced Karen Eft, IT Policy Manager, who coordinated the work done on Appendix C. Karen explained that the Minimum Security Standards were developed first to ensure that basic information was distributed to campus departments before work on the standards for handling restricted data was begun, since these requirements are more complex and involve a security plan to protect data restricted by law or policy as specified by the Berkeley Campus Provisional Data Management, Use, and Protection Policy (DMUP). Karen said that Appendix C would be reviewed by campus IT groups to gain feedback, and asked for comments from the steering committee. Jack added that the campus Internal Review Board (Committee for the Protection of Human Subjects) has also been writing policy for restricted data, which will not need approval due to federal mandates governing research data. Jack asked that steering committee discuss how best to proceed with the approval process for Appendix C.
Paul asked whether COMP had reviewed the document, and Jack replied that they have seen it, but have not sent their comments. Philip said most people on campus don't know about the policies, and questioned the urgency of putting them in place. Jack stressed the need for departments to assess their computing systems in the light of some of the incidents that have occurred, and stated that these policies establish guidelines for compliance. The problems inherent with wireless transmission and laptops' vulnerability to theft were discussed. Paul asked what steps would follow provisional adoption of Appendix C by the steering committee; Jack replied that the document would be used to assist those who ask for assistance in taking steps to protect secure data. Karen added that the appendix includes a list of topics that need to be included in a security plan, but even more importantly, examples of security plans will be provided. Paul asked whether anyone had an objection to adoption; there were none, and the steering committee agreed to adopt the Appendix C.
Presentation on the Web-based Grade Book Pilot
Mara Hancock provided background information on the Grade Book Pilot, developed from ideas generated at the Spring 2003 e-Berkeley Symposium on large enrollment courses. The goal behind this project is to "ease the administrative burden" of these courses for instructors and GSIs. The Grade Book will make it easier to handle grades, and will contribute to the LMS. Educational Technology Services has been working to find alternatives to vendor packages, and has joined Sakai, the open source organization developed by several major universities.
Mara said the design for the Grade Book was developed from surveys of UCB faculty and students, with functional requirements passed through a faculty advisory group. The application was developed in collaboration with SIS, and tested with MIT. The pilot startup of 13 courses was begun in the fall. Mara described future development of the Grade Book system, with a diagram showing its relationship with CourseWeb and eGrades. Details on basic project assumptions were outlined in Mara's presentation, providing a conceptual view.
The Grade Book pilot was presented in a handout, describing the project scope (13 courses taking part in the pilot with grade book access for approximately 2500 students), roles, parameters, and limitations. The handout defined the types of grade book modes used in the system (manual and auto-calculated). Mara demonstrated the system, showing the complexity of layers that can be accessed, how to enter grades, and communicate with students. Katherine Mitchell asked what features faculty has found most useful; Mara replied (1) section management; (2) seeing grades as they go; (3) no version control needed. Christina Maslach added that there is a real savings of GSI time. The presentation was very well received by the steering committee.
Information Technology Strategic Planning: Timelines & Outcomes
Katherine Mitchell presented an update on the Strategic Planning process. She distributed a handout showing the Timeline and Outcomes during 2004-05, and said that Phase I had been completed in Spring 2004 with the following outcomes:
• UC Berkeley IT Guiding Principles developed and adopted by the Steering Committee
• Five Critical IT Issues identified by cross-campus groups
• COMP survey of academic department chairs performed to ascertain status of faculty computing
Phase 2 accomplishments during the summer and fall 2004 include further work on the following three critical issues:
• Teaching and Learning Environment/IT: urgent classroom needs identified by the Teaching and Learning Initiative sponsored by VP Maslach
• IT Supporting Research: COMP and VCRO members working with VC Burnside to identify Research IT needs
• Customer Demand for Security, Reliability and Access: Information Technology Architecture Committee (ITAC) reporting on current situations, goals and actions. Draft ITAC Critical Issues Documents posted at http://itac.berkeley.edu:4259/ITAC/
Katherine also referred to the current e-Berkeley Steering Committee sub-committee structure "tune-up" as a current development in IT planning.
In Spring 2005, IT-related campus committees and leaders will meet starting in January to discuss the priorities and begin to investigate funding, governance and structure in relation to IT strategic goals.
Katherine handed out a draft "IT Strategic Planning for Research at UC Berkeley: Categories and Issues" (identified at the May 12, 2004 COMP meeting), and asked Beth Burnside to comment on topics regarding IT support for research. Beth said she was interested in the idea of providing a "vanilla" or fundamental level of IT service across campus, which would solve many problems in addition to being cost-effective. She said there would be further discussions directed toward definition of this kind of service. Another topic of interest is high-performance computing, which Berkeley will most certainly need in order to handle research involving large databases. Beth also mentioned the need for data stewardship; she said the question arose of what can be done with the data generated by research; is there a way to keep the data accessible such as in a library, yet secure? Beth remarked that the collaboration and interaction between universities throughout the world is also an area that will significantly affect an IT plan regarding research needs.
Bill Webster asked whether the issue of providing computing service has been part of these discussions, and both Beth and Jack replied that this is a major part of the topics being addressed in IT planning meetings. Tom Leonard asked Jack whether other institutions were considering a strategy similar to the "vanilla" level. Jack replied that UC Santa Barbara provides a base level service of hardware/software support, which has required a reorganization of their IT structure on campus. Jack also described the University of Texas' model of offering a career path for staff as technical computing support. Jack said the plan to have our campus committees work on these issues has been working very well. He said the system-wide IT Leadership Council will meet with VCR's at their meeting in February at UCOP to collaborate on IT/Research topic.
Update on the BFS upgrade
Helen Kelly provided highlights on the BFS upgrade from 7.02 to 8.8, a web-based version of Berkeley Financial System (BFS), estimated to occur in April 2005. Helen reported that new hardware has been implemented to support the 8.8 environment, and an upgrade to the mainframe operating system has been accomplished. Helen said that communication regarding the upgrade will be through campus demos with key campus users and a website at http://bfsupgrade.berkeley.edu . Web-based and classroom training will be available as soon as the upgrade is complete. Improved functionality in processing will be the welcome result of the upgrade. Questions may be addressed to bfsbairs@berkeley.edu.
E-Berkeley Sponsorship Program
Jon Conhaim announced that the e-Berkeley Project Sponsorship Workshop will be held from 8:30 a.m. to 12:30 p.m. on Friday, December 10. He handed out a detailed description of the course. It is designed to help project sponsors analyze their methods of managing people, think creatively about their projects and current problems, and benefit from the interaction with other sponsors. The workshop will be led by Alex Walton, who has led successful campus project management training courses. Jon asked for recommendations for participants in the course.
Announcements
Jack McCredie said that the sub-committee governance structure will be looked at in the Spring as the planning process goes forward. Jack has met with Katherine, Jon, Helen and Christina to work with charter changes, but the group has not come to a full agreement on changes. Jack said the sub-committees continue to work very well, and that the chairs of the sub-committees will be asked to provide the agenda items for future e-Berkeley Steering Committee meetings.
The meeting was adjourned at noon.
______________________________________________________________________
Next Meetings
Monday, February 28, 2005, from 2:00 - 4:00 p.m. in the Chancellor's Conference Room, California Hall
