![]() |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Division of IT
Faculty/Staff Edition, February 2008Emergency Mass Notification System UpdateA devastating F5 tornado has struck the campus. You wonder if classes are cancelled as your cell phone rings. It's a voice message: "Due to the widespread tornado damage, classes have been cancelled. Check mualert.missouri.edu for updates." In case of emergency or on-campus threat, the University of Missouri can notify you (students, faculty and staff on each campus) by voice and text message as well as e-mail. All you need to do is add your emergency contact information to the Emergency Mass Notification System (EMNS). Individuals are responsible for keeping their own information up to date. Faculty and staff should add or update their information in UM Web Applications.
Project to Protect Social Security Numbers UnderwayThe University has initiated the SSN Remediation Project to protect social security numbers (SSN) used in the course of University business. The project's goal is to remove SSNs from all individual databases and store each SSN only once in an encrypted, highly secure vault. The approach is analogous to a coat check service or safety deposit box in a bank vault. Such services accept delivery of an item or object from a customer and securely hold it. In exchange for the item, the service provides the customer with a token in the form of a claim ticket or key. When the customer seeks to recover the item, they present their claim ticket or key; the service retrieves the item and delivers it to the customer or the customer's designee. In the case of the SSN vault, the item secured is a social security number. The University's SSN vault is more restrictive than the analogies above, in that mere possession of the ticket or key is not sufficient to retrieve an SSN. The business process or person seeking the SSN must also prove who they are, and they must be pre-authorized to retrieve the number. To make this work, any University business activity or process that acquires an SSN from an employee, student, customer, patient, vendor, etc., must be altered to place the SSN into the vault. The business process must take the value on the "claim ticket" issued by the vault — an alternate ID number — and save it into the recordkeeping system where the business process had previously recorded the true SSN. Any business process that requires the true SSN thereafter (e.g., tax reporting or foreign student registration) must be altered to submit the alternate ID number to the SSN vault to re-acquire the SSN. In most cases we'll define the security system to limit use of the true SSNs to the government agency requiring the data. The SSN vault and altered business processes improve our overall security posture by reducing the number of data systems holding SSNs. Instead of storing them in dozens of places as we do today, we will have only one place where we must maintain high security. Additionally, access to the vault must be pre-approved, and the vault software will log and audit all retrievals. The end results are that fewer people will routinely handle SSNs, and derivative documents (such as spreadsheets, email messages, and other electronic records) containing data from our administrative databases will not reveal SSNs. The SSN Remediation project began last summer. The first systems to be integrated were the alumni databases for each of the four campuses and the Identity Management system used to manage network logon accounts and electronic mailboxes. The next phase will focus on the Financial, HR, Payroll, and Benefits systems. It is important to note this effort is not solely a technology initiative; it is a complete rethinking of how we use SSNs in our daily business processes. You'll no doubt hear more about the project in the coming months, including in future editions of TechKnowledge.TigerNet Wireless Network to be Removed from ServiceMU currently supports two wireless data networks: TigerNet and TigerNet1x. The Division of Information Technology is planning to remove the TigerNet wireless network at some point in the near future. We have not yet set a date for this conversion; however, users should start using TigerNet1x instead of TigerNet now to ensure a seamless transition. We will support only TigerNet1x after the change. TigerNet uses the WEP protocol for data privacy. WEP has shortcomings:
CMS Puts Web Editing Within ReachMU's Cascade Content Management System (CMS) is a new tool for building, organizing, and maintaining Web sites. The CMS provides a space in which Web designers and managers can create standardized templates for consistent look and feel throughout their sites. Content contributors can then add or modify Web content without needing to know how to use HTML editors such as Dreamweaver. The CMS allows Web managers to:
Web Hosting Migration Project UpdateThe Division of Information Technology's Departmental Web Hosting Service (DWHS) offers reliable Web hosting space to departments and organizations. Many departmental sites have been hosted on Bengal in the past. The Division is working with departments to migrate sites off of Bengal and into the DWHS environment. The DWHS Migration Project team is assisting departments with migration of their sites, while simultaneously cleaning up the Bengal Web server environment. Many sites have already migrated. Benefits of the Departmental Web Hosting Service include minimal site downtime, system monitoring, virtual web hosting, access to technical training, data backup and restore, Web statistics, and more. Linux/Apache, Windows/IIS, and Cascade Content Management System (CMS) configurations are available. Bengal will continue to host individual student, faculty, and staff data and Web sites. For more information, visit the Division of IT's Departmental Web Hosting page. To request migration of a Bengal-hosted departmental Web site to the DWHS environment, please submit a Bengal migration request form.News Bytes
Cold-Weather Tips for LaptopsIt's February in Missouri, and that means cold! It's important to protect not only yourself but also your laptop. Most laptops have a safe temperature range of 50 to 95 degrees, so protecting them from the cold is very important. Here are several tips to help you: Store carefully. Never leave a laptop in the trunk of your car in cold weather, even if it's in an insulated case. If your laptop freezes, you could lose all your data. Let your laptop warm up. After bringing a laptop in from the cold, let it warm up to room temperature before starting it. The display is especially vulnerable. Don't use a heating pad to "thaw" a frozen laptop display! Allow it to warm up on its own before you start up. Use a laptop warmer.... These devices, designed specifically to keep a laptop warm, have been tested for safety and effectiveness and are a good investment. ...but avoid excessive heat buildup. Too much heat is as bad for your laptop as too little. Don't use mug warmers or pocket warmers to heat your laptop! These devices can cause problems if they heat the wrong parts of a laptop and can even melt internal components. Also, don't use your laptop while it's in its bag (or anywhere else that doesn't allow adequate air circulation) — inadequate ventilation can cause the processor to overheat. Change your laptop's power settings. If your laptop uses the "power save" mode, turn it off. A running laptop will stay warmer than one that's asleep, as it generates its own heat.(Source: adapted from Catherine Roseberry, "Top 10 Cold Weather Tips for Laptops", about.com Mobile Office Technology)
OneNote Helps You Collect, Organize, Share NotesNeed to take notes, minutes, gather information, put it in one place and find it later? Microsoft OneNote 2007 is your answer. Microsoft integrated this digital notebook software into the Office 2007 Suite. With its easy-to-use drawing tools, OneNote provides more flexibility when taking notes or minutes than MS Word. Plus, it helps you stay on top of information and tasks you need to get done. Each notebook has its own structure and is easy to search later. Some of the things you can do with OneNote:
IT Rates to Change in FY09In preparation for FY09 budgeting, the Division of Information Technology has extensively reviewed its recharge rates. (See table below.) Many rates have gone down. The table also shows rates for brand-new services, including Voice over IP, Unified Messaging, and Follow Me/Find Me services. If you have questions please contact Nikki Witting at 882-2000 or WittingN@missouri.edu.
Code Analyzer Software Supports Application SecurityThe Division of Information Technology has contracted with IBM to provide software to help campus departments comply with the Application Security Policy. This policy is designed to prevent inadvertent release of confidential or sensitive information, comply with regulatory mandates, minimize risks to users and the institution, and ensure the availability of critical applications. The policy applies to custom applications developed by MU faculty/staff as well as to those acquired from vendors or other outside providers. All applications that use or store University data are subject to this policy, regardless of where the application is hosted. The Division of IT now offers licenses for Fortify Source Code Analyzer. This software helps developers identify threats posed by security flaws in their software. Application developers can run Fortify against their programming code to identify and resolve common errors and security vulnerabilities. Also, developers who utilize Fortify to check their code may be able to reduce the amount of time it takes for the Information Security and Account Management team (ISAM) to perform a security audit on their application. Information about the licensing structure and yearly cost is available on the Division of IT's Fortify Source Code Analyzer page. Direct your questions about the Application Security Policy, the auditing process, or Fortify licensing to isam@missouri.edu.Sprint BCEE Service to EndEffective March 31, Sprint is ending its Business Connection Enterprise Edition (BCEE) service. Sprint BCEE is a wireless e-mail service that enables Sprint PCS mobile devices to work with Microsoft Exchange and other messaging servers. This change will affect only Sprint customers who are BCEE subscribers. Beginning March 31, subscribers' phones will continue to work, but they will no longer get e-mail and calendar updates. Windows Mobile will replace BCEE as the preferred solution for mobile access to e-mail, calendar, and contacts. Please see the Division of IT's Sprint cellular page for departmental and individual customer service information.Computer Purchase Contract UpdatesThe University has two approved vendors of desktop and notebook personal computers for departmental and individual purchase. The existing Dell contract has been extended through 2008, and the HP contract began in October 2007. Departments and individuals may go through TigerTech, the Dell and HP web sites, or the new eProcurement system (Show-Me Shop) to configure and purchase computers using these contracts. The University has also awarded a contract to CDW-G for purchasing computer peripherals (hardware and software). Departments may purchase using the CDW-G web site or the new eProcurement system (Show-Me Shop). For more information about IT contracts available to the University of Missouri, please refer to the UM Procurement Services VPA site. For details about computer purchasing, please see the Division of IT's Campus Desktop Purchasing Program page.February 2008 Oracle/PeopleSoft UpdateRecent progress on Oracle/PeopleSoft implementation at UM:
|