Research and Educational Technology Committee
Meeting Agenda
Thursday, February 20
8:00 – 9:15 a.m.
FAC 228D

I. 8:00-8:30 Easy Chair Software – Demo (Matt Lease)
II. 8:30-8:50 Commodity Server Policy – Discussion (Brad Englert)
III. 8:50-9:15 Plagiarism Detection Tool – Introduction (Mario Guerra, Dennis Klenk)

Commodity Server Policy

Overview

As a result of a recent external security review, the UT Austin Information Security Office has requested and received approximately $3M in funding from UT System. This funding was specifically approved to address decentralized risks by reducing the financial barriers to adoption for existing central backup, colocation, and virtualization services.

Goals

The UT System funding was approved with the condition that 1,000 new physical or virtual systems be migrated to central services by September 2014 – with a heavy focus on academic and research units (preferably 75% of the customer base). Additionally, at least 80% of UT Austin faculty members are to be backed up by September 2014. 11 months into this challenge, the university has reached 35% of the system migration goal (or 345 servers) and 94% of the backup goal (or approximately 2,350 faculty devices backed up).

[Figure: Growth of Services Over Time. Series: COLO, UT-V, UTBACKUP, TOTAL, with the new server goal of 1000 marked; x-axis: months from 2012-JUL to 2013-SEP.]

Observations

1. The UTBackup initiative has been roaring ahead with excellent distributed uptake from across campus. Even large standalone backup services run by Liberal Arts and Education will be migrating to the central UTBackup service within the next year. This initiative has been a good example of a customer-controlled service that is widely successful and appreciated by faculty.
2. Adoption of data center colocation and server virtualization services has remained quite low even after prices were dropped significantly based on UT System subsidies. The following are factors for the low adoption rates:
   a. Campus units believe they will lose control/quality or IT positions could be cut if they elect to physically migrate servers to the University Data Center or leverage ITS virtualization services.
   b. Even though pricing for co-location and virtualization services is lower than any other market, many campus units are not willing to take on any new costs. For many, the tangible costs of hosting services locally are obscured or are not clearly understood.
   c. ITS’ virtualization provisioning processes are cumbersome and should be further streamlined to more closely align with similar cloud-based offerings (e.g., Amazon).

Recommendations

1. ITS should consider extending additional administrative actions to customers, which are considered common features (e.g., snapshotting of system images).
2. ITS should consider establishing customer liaisons for server virtualization to ensure the onboarding process goes as smoothly as possible for new customers.
3. Executive leadership should begin requiring campus units to co-locate or virtualize commodity IT servers (e.g., web, e-mail, storage, database) to the University Data Center or to otherwise coordinate with Information Technology Services. Campus units could qualify for exceptions in the event that locating services within the University Data Center would present an unreasonable negative impact to research or business operations.
   a. Exceptions will be reviewed and approved by the CISO.
   b. Disagreements regarding exceptions will be escalated to senior management for the respective unit.

Current section of the UT Austin Information Resources Use and Security Policy:

5.23. System Hardening

Systems are used to process and transmit information and services throughout the university.
Information and services must be processed and transmitted securely and reliably to assure that data confidentiality, integrity, and availability are preserved.

5.23.1. All systems must be installed and maintained in accordance with the Minimum Security Standards for Systems to minimize service disruptions and prevent unauthorized access or use.

5.23.2. The Information Security Office shall provide specific Hardening Checklists for common operating system platforms and devices.

[Proposed modifications to require usage of University Data Centers and ITS Virtualization services]

5.23. System Hardening

Systems are used to process and transmit information and services throughout the university. Information and services must be processed and transmitted securely and reliably to assure that data confidentiality, integrity, and availability are preserved.

5.23.1. All systems must be installed and maintained in accordance with the Minimum Security Standards for Systems to minimize service disruptions and prevent unauthorized access or use.

5.23.2. The Information Security Office shall provide specific Hardening Checklists for common operating system platforms and devices.

5.23.3. [This section to be made effective on September 01, 2014 so as to allow the campus time to plan and transition] All systems providing commodity services to university affiliates (e.g., web servers, mail servers, file servers) must either be co-located within the University Data Centers or be virtualized within the ITS Virtualization service.

5.23.3.1. The Information Security Office will work with Colleges, Schools, and Units to proactively identify all such qualifying systems.

5.23.3.2. Exceptions must be filed with the Information Security Office in cases where business, technical, or research needs require the system to be locally hosted.
All exceptions must identify the business need for the exception and the compensating controls that will be implemented to offset the risks associated with locally hosting the system. A single exception may be filed for a number of devices as long as the devices can be uniquely identified (e.g., UT Tag, Serial, MAC address).