I n f o r m a t i o... Te c h n o l o g y

advertisement
Information
Te c h n o l o g y
Newsletter
Volume 6, Issue 1, October 2011
It has definitely been a year full of constant changes and challenges. With so many projects and
initiatives, every day is exciting.
With this in mind, I would like to begin by taking this opportunity to express my sincere appreciation
to all of the staff of Information Technology. Their hard work and dedicated service
maintain the incredibly complex systems that support every student, faculty member
and staff member in this college. Well Done!
October is National Cyber Security Awareness Month. Microsoft and the National
Cyber Security Alliance (NCSA) have teamed up with the Department of Homeland
Security (DHS) again this year to help increase awareness about Internet security
issues and to educate people about how to help protect themselves and their devices.
Check out the articles inside for valuable information provided by Richard Buller and Richard Becker.
Please take a moment to share in our successes and our plans for the future. Read how each
campus will have its own connection to the Internet and with increased bandwidth, data will move
even faster than before. Learn how Records Management helps EPCC Go Green! Celebrate with us
as we recognize milestones.
Jenny Giron, Ph.D.
CIO/Vice President, IT
Contents
Plain Talk . . . . . . . . . . . . . . . . . . . . 2
Increased Bandwidth. . . . . . . . . . . . 2
When you cross the street, you look both ways so make sure it’s safe.
Staying safe on the Internet is similar. It takes some common sense steps.
The
Best
Place
To
Start
Stop: Before you use the Internet, take time to understand the risks and
learn how to spot potential problems.
Records Management
Accreditation Process. . . . . . . . . . . 3
Review and Rehabilitation of Banner
Access . . . . . . . . . . . . . . . . . . . . . . 3
Technology Enhanced Classrooms. 4
Think: Take a moment to be certain the path ahead is clear. Watch for
warning signs and consider how your actions online could impact your
safety, or your family’s.
20th Anniversary!. . . . . . . . . . . . . . 4
Connect: Enjoy the Internet with greater confidence, knowing you’ve
taken the right steps to safeguard yourself and your computer.
Financial Aid & State Reporting. . . 5
STOP. THINK. CONNECT.
Protect yourself and help keep the web a safer place for everyone.
More tips and advice at http://stopthinkconnect.org.
EDI. . . . . . . . . . . . . . . . . . . . . . . . . 4
What is Least Privilege Concept?. . 5
Case Management System . . . . . . . 5
ID Thieves are coming!. . . . . . . . . .6
MyMathLab . . . . . . . . . . . . . . . . . . 6
Database Administration. . . . . . . . . 6
Published by Information Technology,
Page 1
El Paso County Community College District does not discriminate on the basis of race, color, national origin, religion, gender, age or disability.
Plain Talk
Richard Buller, Chief Information Security Officer
Why you should not give your username and
password to anyone!
Note: The griffin, a fabulous animal half eagle and
half lion, is symbolic of wisdom and inspiration. The role
of the griffin as guardian of treasure is symbolic of the
Information Security Program’s responsibility to promote
safeguarding the sensitive institutional and student and
employee personally identifiable information of El Paso
Community College.
Stop-Think-Connect Tip #1: Keep a Clean Machine.
Osvaldo Luna
Media Services
Coordinator
Employee of the Month
September 2010
Rio Grande
Keep security software current: Having the latest security software, web browser, and
operating system are the best defenses against viruses, malware, and other online threats.
Automate software updates: Many software programs will automatically connect and
update to defend against known risks. Turn on automatic updates if that's an available
option.
Protect all devices that connect to the Internet: Along with computers, smart phones,
gaming systems, and other web-enabled devices also need protection from viruses and
malware.
Plug & scan: "USBs" and other external devices can be infected by viruses and malware.
Use your security software to scan them. (from stopthinkconnect.org)
Increased
Bandwidth
ISPs (Internet Service Providers) in order to provide
redundancy and backup. In the event that one ISP
fails, the entire College’s Internet traffic is routed to
the other ISP within milliseconds.
The new design will consist of an Internet
bandwidth increase to a total of 600 Mbps of Internet
bandwidth. Furthermore, a 100 Mbps Internet
bandwidth connection will be delivered at each
campus. This will provide autonomous Internet
service as well as redundancy. In the event of an
Internet service outage at a campus, the new design
will be configured to reroute the service to College
backup Internet connection. In addition, the College
will continue to have a separate ISP providing 100
Mbps backup Internet connection for redundancy
and reliability. This will improve the experience and
performance for students, faculty and staff with their
online, cloud computing and hosted applications.
Elbert Hubbard
T h e
emergence
of cloud
computing,
S a a S
(Software as
Marco Fernandez, Executive Director
a Service),
and hosted
services have
increased the demand on the College’s Internet
bandwidth. To address this, the Network Systems
department has been working on engineering a new
design to increase Internet bandwidth in the District.
Currently, the College has a total of 200 Mbps of
Internet bandwidth for the entire District. This is
delivered at two different campuses (ASC and RG)
with each having one 100 Mbps connection. Each
100 Mbps connection is shared by three campuses.
These two connections are provided by two different
One machine can do the work of fifty ordinary men. No machine can do the work of one
extraordinary man.
Someone asks you to let them use your username
and password for “just a minute.” Perhaps you write
your EPCC computer credentials on a slip of paper
for your children to use in the library while you are
in class – and it is left behind on the computer they
used. Maybe you have given your
always forgetful friend your logon
information which they have loaned
to others.
Once others have your computer,
network, database or program access
credentials, they can change your
password and you will no longer own
these accounts. You will not be able
to use EPCC computer and Network
Services. You will have to present yourself and prove
your identity at the EPCC Service Center, the Office of
the Registrar, or an Academic Computer System lab to
have the opportunity to regain control of your account.
Others can use your account to commit crimes;
perform acts that violate EPCC policies, procedures
and standards; discredit your reputation and that of
the College; or compromise your
identity. Everything done under
your account, no matter by whom,
is the responsibility of the account
owner – you! Can you trust the
persons to whom you gave your
username and password to not pass
it on to their friends?
Giving your username and password to a minor
could result in criminal charges should the minor’s
parents be not so understanding. We can draw a
parallel between doing this and purchasing beer for
persons less than 21 years of age.
In the wrong hands, your credentials could be
used to compromise sensitive personally identifiable
information, personal identities of students and
employees of EPCC.
Protecting your username(s) and password(s) is as
important as securing your credit or debit cards and
other bank information. Do not give them to anyone
and change your password regularly!
Page 2
It is only when they go wrong that machines remind you how powerful they are.
Clive James
Page 3
Records
Management
Accreditation
Process
With the forthcoming review of EPCC by the Southern Association of Colleges
and Schools (SACS), Records Management is keeping very busy working in
many areas of the College District to comply with a SACS requirement to provide
documentation electronically to the SACS reviewers located in different parts
of the country through a safe and secure web access. It is the responsibility of
Records Management to work closely with other members of the SACS Team to
gather and create programs that image and manage all documentation required by
SACS. Those documents will be ready and available
for review next year.
Bonnie Prieto, Director
Many key areas such as the Financial Aid Office,
the Registrar Office, Comptrollers, Counselors,
Early High School, to name only a few, are already practicing this form of technology
to better serve our students, faculty and staff.
After the accreditation process is complete, the College will have not only complied
with a new SACS initiative of providing digitized information, but, from this point
forward, will carry on with this technology in conducting day to day business on a
permanent basis. This technology will facilitate a smoother transition of information through Share Point.
Stop-Think-Connect Tip #2:
Protect Your Personal Information.
Secure your accounts: Ask for protection beyond passwords. Many account
providers now offer additional ways for you verify who you are before you
conduct business on that site.
Make passwords long and strong: Combine capital and lowercase letters
with numbers and symbols to create a more secure password.
Unique account, unique password: Separate passwords for every account
helps to thwart cybercriminals.
Write it down and keep it safe: Everyone can forget a password. Keep a list
that’s stored in a safe, secure place away from your computer.
Own your online presence: When available, set the privacy and security
settings on websites to your comfort level for information sharing. It’s ok to
limit who you share information with.
Review &
Rehabilitation of
Banner Access
Richard Becker, Security Analyst
Banner © is going through a bit of rehabilitation
these days. SunGard’s© Banner© is El Paso Community
College’s (EPCC) Enterprise Resource Planning (ERP)
system. We use Banner© for tracking requisitions and
purchases, scheduling classes, assigning faculty to
classes, running payroll, performing accounts payable
and receivable (AP/AR) activities, and many other tasks
that assist all of us in achieving the mission and vision
of EPCC.
Each user who needs to perform their job specific
functions using Banner© is enabled to do so by assigning
classes and objects to their Banner© account. Briefly,
objects are the individual forms, processes, and reports
that we use to perform our job tasks. To reduce the amount
of user maintenance, these individual objects are lumped
together into classes, relating to requisitions, payroll,
faculty, AP/AR, and the like, and then these classes are
assigned to a user account, as needed.
Sergio Ramos
Media Services Coordinator
Employee of the Month
February 2011
Valle Verde
Over the years, the access to these classes and objects
by EPCC staff have become bloated and overreaching,
thus raising concerns for the security of the information
within the Banner© system. How did this occur? Over the
years, when staff moved to a new position or to another
department, new job related classes and objects were
added to their accounts and their previous job related
classes were not always removed. To eliminate the concern
of unnecessary access and improve information security,
EPCC has embarked on the
Banner© Access Rehabilitation
Project.
The project’s primary goal
is to clean-up and remove
unnecessary access, which has
led to many layers of duplication
in user access. This clean-up
will have the added benefit of
better protecting the information
within the system. All departments will go through
this project of evaluating, testing, and implementing
streamlined classes. EPCC is starting with the Purchasing,
General Accounting, Payroll, and Accounts Payable
departments. The Information Security (InfoSec) Program
of EPCC looks forward to working with each department
on this project.
New!
TechnologyEnhanced
Classrooms
Stop-Think-Connect Tip #3:
Connect with Care.
David Licano
Systems Administrator
Employee of the Month
July 2011
Administrative Service Center
When in doubt, throw it out: Links in email, tweets, posts, and
online advertising are often the way cybercriminals compromise your
computer. If it looks suspicious, even if you know the source, it's best
to delete or if appropriate, mark as junk email.
Get savvy about Wi-Fi hotspots: Limit the type of business you
conduct and adjust the security settings on your device to limit who can
access your machine.
Protect your $$: When banking and shopping, check to be sure
the sites is security enabled. Look for web addresses with "https://" or
"shttp://", which means the site takes extra measures to help secure your
information. "Http://" is not secure.
EDI
The EDI system allows
criteria outlined in the TREx
EPCC and UTEP to send
Checklist on SPEEDE’s
(Electronic Data Interchange)
and receive transcripts and
website. We are currently
applications electronically. Gary Chacon, Executive Director
working with thirteen other
EPCC has TREx Certified
high schools to TREx Certify
thirteen area high schools. After a high school is TREx their institutions. EPCC developed a process to upload the
Certified, they can send transcripts electronically via EDI high school transcripts into Banner. EPCC has added four
to any college or university listed as ready to receive on colleges and universities to EDI production which now
SPEEDE’s website and eliminate sending paper copies totals six. This means that EPCC can send and receive
of the transcripts. SPEEDE is the UT at Austin server EDI transcripts with these institutions instead of paper
that electronic transcripts and applications are processed copies. We are currently testing sending and receiving
through.
EDI transcripts with sixteen colleges and universities.
The TREx Certification involves checking to make
Support team for the EDI system are EDI Programmer
sure that the information sent on the EDI transcripts analyst Kent Hurtig, development support provided by
matches 100% when compared to the official paper Senior Programmer analyst Bobby Morrow and project
copies. The information also has to comply with the management support by Yvette Mottley.
20th Anniversary
of Mature Living
Show
EPCC-TV began producing the
Mature Living Show in the fall of
1991 and this year marks the 20th
year anniversary for the show. This
year, co-producers Marco Lara
and Mary Yanez designed a brand
new look to the show with the set and
Patrick Ebert, Manager
furnishings.
Mary Yanez, the hostess for the show, said “It’s been quite a ride over the last 20
years” and “I must thank and express my appreciation to all of the people who have had
anything to do with our production over the years. Some have come and gone, but if it
had not been for them, it would not have happened. And, of course, thanks to Dr. Jenny
Girón for allowing us to be creative and for being so supportive.”
It’s impossible to move, to live, to operate at any level without leaving traces, bits,
seemingly meaningless fragments of personal information. William Gibson During Spring 2011, the Instructional Media Services with the
guidance of Dr. Raul Munoz implemented 78 new technologyenhanced classrooms district wide. Five of these rooms are ADA
fully automated podiums. There is one on each campus.
What is different about these, you might ask? Well, they are
stream lined to take up less space in the classroom. The podiums
do not have a touch panel; you operate these by using the PC,
mouse, and monitor mounted on the podiums. Use your active
directory username and password to log-on to the
PC, double-click X-Panel icon. Using the mouse,
Nancy Gamez, Manager, Media Services
click the system power on. Select the desired
source and that is it (NOTE: don’t forget to poweroff the system before logging-off the PC).
What resources do you have in these podiums? PC, keyboard/mouse, monitor, Document
Camera, Blu-ray DVD player only, LCD projector, ceiling mounted speakers, electric screen, and Laptop
connections (NOTE: you still need to log-on to the PC to select the laptop).
Page 4
What is the “Least
Privilege” Concept
Ben Shneiderman (2002)
Successful Technologies are those that are in harmony with end user’s needs
Richard Buller, Chief Information Security Officer
Page 5
The principle of “least privilege” (PoLP), also called
“Least-privileged User Account” (LUA), promotes
minimizing user privileges on computers based on the
user’s job needs. The objective is to support the least
authority necessary to perform one’s duties.
The concept of “least privilege” is being implemented
at EPCC by removing full administrative rights from the
global profiles on all our computers. When a user is a
“standard” user in a Windows PC, over 90% of all attacks
are prevented! That is a compelling reason to move away
from every user having admin rights!
Having administrative rights gives users complete
and total control over the security of their desktops - a
situation that is far from ideal but has been very common
for many years. While it is dangerous enough for users
to have full control because of the opportunity to violate
College policy for software use and for abuse of workplace
rules, it becomes catastrophic when spyware enters that
computer or is encountered during Web surfing or through
Jesse Salas
Media Services Coordinator
Employee of the Month
September, 2011
Transmountain
No pressure
here except for
the fact that
state and federal
funds are a major
funding source
for our students
and institution.
Gary Chacon, Executive Director
IT has two
teams that
provide technical support for both the Financial Aid and
Institutional Research departments. Doug Schirmer and
Dalila Chavez support Institutional Research and State
reporting requirements. Fred Ornelas and Debbie Sweet
are part of the technical support team for Financial Aid.
As part of a cross training effort, Bobby Morrow
recently joined the Financial Aid technical support
team and is also assisting with Financial Aid projects.
Both teams are constantly working on new regulation
modifications or fine tuning processes related to the
submission of data files and reports. Deadlines and
accuracy associated with these submissions are very
critical.
Both of these teams are highly skilled in what they
do and work year round with the department functional
users from each area to provide the most accurate and
reportable data in a timely manner.
Financial Aid
and State
Reporting
email messages. Removing admin rights helps eliminate
the accidental or deliberate misuse of these privileges,
decreases the risks posed by malicious software and
reduces the cost of supporting the desktop computer.
In general terms, our implementation and governance
plan will progress like this:
First, we will map job functions to privileges on IT
assets (based on the tasks associated with a job position).
Second, no guest accounts will receive extended
authorities – privileges will be restricted to only the specific
roles and accounts that need them.
Finally, Information Technology will use a software
tool to extend additional, tailored rights for those with
specific needs.
Information Technology has procured Beyond Trust’s
PowerBroker software package to help us manage this
much more secure environment while meeting the
mission needs of each employee and department. Once
the implementation begins, we will provide a template
for anyone to complete to describe the duties they cannot
perform under PoLP (or LUA). After confirmation and
approval by the supervisory channel and a risk assessment,
the necessary authorities will be added to all computers
serving users having those same job tasks. Then we will
all be in a much more secure computing environment!
Stop-Think-Connect Tip #4:
Be Web Wise.
Stay current. Keep pace with new ways to stay
safe online. Check trusted websites for the latest
information, and share with friends, family, and
colleagues and encourage them to be web wise.
Think before you act: Be wary of
communications that implore you to act immediately,
offers something that sounds too good to be true, or
asks for personal information.
Back it up: Protect your valuable work, music,
photos, and other digital information by making an
electronic copy and storing it safely.
Case Management
System
Gary Chacon, Executive Director
EPCC received a Bill Gates Foundation grant
that lead to developing a case management system.
Senior programmer Analyst Yvonne Almanza worked
with the Student Success Prep program staff, Ruben
Ochotorena and Luis Pratt to develop a Prep program
case management system. The system was designed to
document first-time-in-college developmental education
student intervention activity and progress. The data
tracked in this system was also used to produce reports
that identify students for the Mentoring Program
which utilizes EPCC Leadership Academy graduates
as mentors.
The ID Thieves are coming.
The ID Thieves are coming.
Too late!!!
ID Thieves
are Coming!
Richard Becker, Security Analyst
Security is always excessive until it’s not enough.
Unlike Paul Revere warning us about the coming British invasion,
the Information Security (InfoSec) program at El Paso Community
College (EPCC) wants to warn you that the identity thieves are already here.
So what is Identity Theft? Identity theft (ID theft) occurs when a lone individual or a group acquires
and uses your personally identifiable information (PII) [such as your name, Social Security Number (SSN),
Academic ID, financial institution information] without your permission to commit fraud or other crimes. ID
theft is a crime that affects everyone. In 2009, 11 million individuals were victims by ID theft at a cost of $54
billion. This is a conservative victim count and dollar amount for 2009, and does not include the hidden costs
that businesses pass on to us by implementing measures to prevent and recover from ID theft. ‘
You ask, “How can I protect myself?” Start by reviewing your credit reports annually. Report any
discrepancies. Encourage your grown children to review their credit reports. Review your children’s credit
reports. ID thieves can take out loans using your information or your children’s information, thus potentially
ruining yours or your children’s credit. The three credit reporting agencies are Experian, TransUnion, and
Equifax. Stagger your requests so that you receive, for example, your Experian credit report in February,
your TransUnion credit report in June, and your Equifax credit report in October. You can even pay for credit
rating reports from these same agencies.
Educate yourself and always be vigilant when it comes to your personal and financial information. If you
suspect you are a victim of ID theft be embarrassed later, take action quickly. Really, do not be embarrassed;
ID theft can happen to anyone. Report your suspicions to your financial institutions and your local law
enforcement agency.
For more information visit http://ftc.gov/idtheft.
MyMathLab
is a series of
online courses
Gary Chacon, Executive Director
that accompany
Pearson’s textbooks
in mathematics and
statistics. Ernie Montero, Senior Programmer Analyst is
working with EPCC faculty and Pearson technical staff to
bridge student enrollment information between Banner and
the MyMathLab system. It allows students the ability to use
their EPCC user ID credentials in order to provide a seamless
online educational experience.
MyMathLab
Stop-Think-Connect
Tip #5: Be a Good Online Citizen.
Safer for me more secure for all: What you do online has the potential to affect everyone – at home, at work
and around the world. Practicing good online habits benefits the global digital community.
Post only about others as you would have them post about you.
Help the authorities fight cyber crime: Report stolen finances or identities and other cybercrime to www.
ic3.gov (Internet Crime Complaint Center), the Federal Trade Commission at http://www.onguardonline.gov/filecomplaint.aspx (if it’s fraud), and to your local law enforcement or state attorney general as appropriate.
IT Database Administrators, Edmundo Vasquez and Patti Sayers,
work every day to make Banner systems secure, available, and upto-date.
Last summer, they were both part of a Banner upgrade planning
and implementation team that provided successful upgrades to the
Gary Chacon, Executive Director
Banner servers.
This fall, they are moving our entire database systems and Banner
software from older servers to new, more robust servers because they know our “need for speed”. Planning, research,
and testing can take weeks for this type of event. The final production conversion is mostly conducted on weekends
or holidays.
The plan is to provide seamless secure availability, stability, and speed.
Robbie Sinclair (n.d.)
Database
Administration
Page 6
Download