UC Denver IT Overview

UCD IT Services Update
January, 2011
UC Denver IT Overview
IT Services (central IT organization) facilitates IT policy/governance and provides “core”
enterprise & infrastructure services:
Network and security
Workstation support (fee-for-service at AMC)
Phones (fee-for-service)
Server hosting (fee-for-service)
File storage (fee-for-service)
Data Centers (fee-for-service)
Microsoft Exchange 2007
Administrative applications, development and support
Identity and Access Management
Connectivity to Internet, Internet2, and National Lambda Rail
Firewalls and other tools/devices that protect campus data
Approximately 90% of campus covered with 802.11g wireless network access
Active Directory
Oracle Identity Management Suite
Common “enterprise” systems supported by CU System and shared between the three CU
Peoplesoft HRMS, Financials
Peoplesoft/Campus Solutions Student Information System
Info-Ed Electronic Research Administration
Cellular Coverage at the Anschutz Medical Campus
Highly energy efficient windows and building design significantly reduce
performance of cell phones, pagers, and other devices that rely on
external signals
Certain areas of campus have a critical need for cellular voice services
due to patient care needs and safety
Boosting signals within buildings requires two major deployment efforts:
– Placing antenna “repeaters” within buildings and wiring to central
– Coordinating with cellular and other wireless carriers to “plug in”
their signal
Antennas installed in Bldg 500, Library, Campus Services, Ed-1, Ed-2n,
Ed-2s, EH&S, Admin Office-1, and public areas (basement, 1st, 2nd
floor) of R-1n, R-1s, and R-2 ($1.3M spent)
USA Mobility (pagers), AT&T, Nextel, Sprint, Verizon and T-Mobile
signals are all currently being boosted in these areas
Additional buildings will be added to coverage as funding is made
“4G” high speed cellular signals from carriers (Sprint 4G/WiMax,
Verizon LTE, etc.) are NOT compatible with the system due to antenna
Remote Computing Audit Findings
Consolidate and simplify IT policies as part of current campus initiatives
Develop new policy language that explicitly covers the definition of remote
computing and how devices are secured
Require that all devices connecting to campus (via a non-campus remote
network) have passwords, security patches and are encrypted.
Four methods available to securely access campus computing/data:
• Web-based remote desktop (mydesktop.ucdenver.edu) will replace majority of
virtual private network (VPN) services
• Security monitoring software (fee-based) for users who have a business need
to continue using VPN technology
• Webmail
• Smartphones that are Blackberry or ActiveSync compliant
Faculty, staff and students should select a smart phone that can be encrypted at
their next contract renewal. A list of example devices will be published on the IT
Services website soon
Before/After Audit Remediation
If you currently access campus
information remotely via…
The impact after implementation is…
Webmail (webmail.ucdenver.edu) using a desktop,
smartphone, or any other type of computer
No change.
Blackberry smartphone (requires license fee and setup by
No change. This is the recommended solution for safe, secure
email usage via smartphone at UC Denver.
iPhone 3Gs or 4 smartphone configured to use campus
email system (Microsoft Exchange)
Beginning ????? these phones will have settings automatically
downloaded requiring a password, encryption and “auto lock” of
the screen after a time delay.
iPhone 3G or older smartphone configured to use campus
email system (Microsoft Exchange)
Discontinuing support in ?????. Individuals must upgrade to a
newer model iPhone (3Gs or 4).
Droid or other Android-based smartphone configured to use
campus email system (Microsoft Exchange)
Beginning ????? these phones will have settings automatically
downloaded requiring a password and “auto lock” of the screen
after a time delay. We will have to discontinue support after
????? if manufacturer does not offer the ability to encrypt the
Virtual Private Network (VPN)
Beginning ?????? must install security monitoring software and
encrypt the computer (requires license fees and setup by ITS) OR
use web-based remote desktop solution
(mydesktop.ucdenver.edu) OR webmail.
Secure shell (SSH), telnet, file transfer
Individuals and/or units will need to work with ITS on how to
comply with audit findings.
Direct Simple Mail Transport Protocol (SMTP) or Internet
Message Access Protocol (IMAP) download (similar to how
personal email is downloaded from Comcast or Qwest)
Discontinuing support outside of campus network in ?????. Use
webmail or web-based remote desktop solution
Microsoft Live@edu Student Email
• Student email taskforce issued charge by VCs in summer 2009 to
evaluate marketplace for next generation email system for students
• Microsoft and Google identified as finalists by taskforce in spring 2010
• Microsoft identified as best fit and contract for “free” service issued in
summer 2010
• CU Boulder also implementing Live@edu
• UC Denver Campus and Anschutz Medical Campus students will be
consolidated into single email system hosted within Microsoft
• Students will be provided with “email for life” and an @ucdenver.edu
email address
• Students will receive 10 gigabyte mailbox, 25 gigabytes of storage
(Skydrive), Microsoft Office “Live”, personal webspaces, and more –
see http://www.microsoft.com/student/en/us/software/live-at-edu.aspx
• Anticipate deployment in Summer 2011
Other Recent Projects
eDirectory – Publish “preferred” information and/or other personal information about
yourself - http://directory.ucdenver.edu or use the “Beta” pull-down from
Recent CU System IT policy revisions reduce requirements for laptop encryption (nonHIPAA units)
Remote desktop (free service to replace VPN) – http://mydesktop.ucdenver.edu
Thin client initiative – reduce energy and PC expenditure costs
Wireless network upgrades – can now use your UCD computer account to access
campus wireless and perform automatic setup - https://expressconnect.ucdenver.edu
Paperless billing – IT Services now sends billing information via PDF file and email.
Automated computer account requests and self-service password reset – reset your
UCD computer account password without calling the helpdesk http://passport.ucdenver.edu
Microsoft site license – paid faculty and staff can use latest versions of “core” software
(including use at home) - https://itservicesweb.ucdenver.edu/Microsoft/employeeportal.php
Migration to Microsoft live@edu for student email (summer 2011)