2004/2005 Annual Report - Services and Support - Cornell University
2004/2005 Annual Report - Services and Support - Cornell University
2004/2005 Annual Report - Services and Support - Cornell University
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Information Technologies Leadership<br />
Goal<br />
Provide IT leadership: OIT <strong>and</strong> CIT<br />
provide leadership to <strong>Cornell</strong> in the<br />
IT security, policy, <strong>and</strong> architecture<br />
arenas <strong>and</strong> in those areas where<br />
emerging partnerships <strong>and</strong> technologies<br />
are of strategic interest to the<br />
university. We seek to share our leadership<br />
experiences in these areas with<br />
peer universities.<br />
Progress<br />
• Information Technology Managers<br />
Council<br />
• Data-centric security<br />
• Incident response<br />
• Password complexity<br />
• GuestID<br />
• Update on EzraNet<br />
• Customer Service Strategic Review<br />
• Lab Management Conference<br />
• Policies <strong>and</strong> policy education<br />
Working together to meet<br />
<strong>Cornell</strong>’s IT needs<br />
itmc.cornell.edu<br />
In Sept. <strong>2004</strong>, Sunny Donenfeld joined<br />
us as director of distributed support.<br />
Among his first tasks was to launch the<br />
IT Managers Council, a new advisory<br />
board comprised of one representative<br />
from each college, major administrative<br />
unit, <strong>and</strong> CIT area. The impetus for<br />
the ITMC came from the IT workforce<br />
planning recommendations of 2003.<br />
The 36 ITMC representatives meet once<br />
a month to discuss technical issues from<br />
a strategic point of view, concentrating<br />
primarily on the IT workforce planning<br />
recommendations. In addition, ITMC<br />
committees work to make tangible improvements<br />
in areas such as IT professional<br />
development, software acquisition,<br />
<strong>and</strong> IT support practices.<br />
<br />
Dan Adinolfi (left), Steve Schuster, Mark Scannapieco, Glenn Larratt, Wyman Miles, <strong>and</strong> Tom Young manage<br />
the security of <strong>Cornell</strong>’s data networks.<br />
As a new group charting new territory,<br />
the ITMC has spent part of its first year<br />
discussing how to function most effectively.<br />
Communication <strong>and</strong> underst<strong>and</strong>ing within<br />
<strong>and</strong> among the units have already improved<br />
as have the connections <strong>and</strong> trust felt<br />
within the ITMC.<br />
Other first-year accomplishments include<br />
identifying <strong>Cornell</strong> IT professional<br />
training needs <strong>and</strong> delivering on-campus<br />
technical training; identifying <strong>and</strong><br />
publishing “best practices” for desktop<br />
support; recommending improvements<br />
for the software licensing process; <strong>and</strong><br />
discussing how CIT can improve how it<br />
communicates with IT staff.<br />
Guarding the university’s data<br />
www.cit.cornell.edu/security<br />
Our top priority in security this year was<br />
institutional data: What data do we need<br />
to worry about? Where does it come<br />
from? Where does it go? Who accesses it<br />
<strong>and</strong> how?<br />
Legislation regarding the university’s obligations<br />
to protect certain types of data,<br />
as well as several incidents of data loss<br />
at other institutions, were our primary<br />
driving forces. A new component of our<br />
st<strong>and</strong>ard response when a departmental<br />
system has been compromised is to determine<br />
whether any institutional data may<br />
have been put at risk.<br />
A key strategy this year was improving<br />
security at the desktop level, typically the<br />
weakest link among higher-education<br />
institutions. We are urging everyone in<br />
the community to run a client firewall,<br />
at least the one provided with their<br />
operating system, or for people running<br />
Microsoft Windows, the stronger firewall<br />
provided as part of the site-licensed<br />
Symantec Client Security suite.<br />
We also took a tough st<strong>and</strong> on spyware,<br />
drawing national attention from Oct.<br />
<strong>2004</strong> through May <strong>2005</strong> as we took<br />
measures to prevent Marketscore from<br />
gathering web traffic details (including<br />
SSL-encrypted traffic) from campus<br />
computers. Our technical analysis of<br />
Marketscore benefited other highereducation<br />
institutions, <strong>and</strong> our technical<br />
maneuvering safeguarded the data of<br />
<strong>Cornell</strong> faculty, staff, <strong>and</strong> students while<br />
we helped the community underst<strong>and</strong> the<br />
real risks of spyware.<br />
As part of that effort, we evaluated antispyware<br />
solutions <strong>and</strong> began supporting<br />
two no-cost packages for all Windows<br />
users. For departments that want a managed<br />
solution, we coordinated a group<br />
purchase of Webroot’s Spy Sweeper. In<br />
June <strong>2005</strong>, a new version of Symantec<br />
AntiVirus that also detects <strong>and</strong> removes<br />
spyware was released to campus.