Email
Access mail@ucsf
VPN
HelpUCSF Campus Report January 2007
UC Information Technology Leadership Council
January 30-31, 2007
Administrative Systems Advisory Committee (ASAC) Five-Year Plan – Phase II
As reported in September 2006, the two main projects underway are the Procure-to-Pay (P2P) and Effort Reporting System (ERS). Work continued in the last quarter on both projects.
- For P2P, the detailed design phase is nearing completion. As part of this phase, 16 hours of design workshops were held with about 40 campus representatives. The project team is working jointly with the PeopleSoft support teams since we have decided to upgrade our full PeopleSoft suite (10 modules) to version 9.0 as a parallel project. Our new target go-live for the upgrade and for P2P is December 2007.
- For ERs, the team is on an accelerated schedule to implement the project in 9 months. As such, the last quarter saw a lot of activity including finalizing process redesign to fit the new system, system and user acceptance testing, introducing ERs to 400 department users in 4 town hall meetings. In the next quarter we will be collecting role assignments from departments, creating and testing the production environment, completing and delivering the training materials, issuing campus communications, and delivering presentations in 40 faculty meetings to over 700 faculty. Our target go-live date is in March.
Information Security
Enterprise Information Security (EIS) continues its efforts to secure UCSF’s enterprise information resources.
- FY2005-06 Security Roadmap Projects Status:
-
Perimeter Security: Project implements a “security layer” at the
network edge.
- The Cisco proposed configuration will begin testing on February 12 to prove viability.
-
VPN Enhancements: Project implements SSL (Secure Socket Layer)
VPN.
- Reaction to the implemented SSL VPN has been positive. Migration to this platform from the IPSEC platform will commence 2nd quarter 2007.
-
IDS Phase 1: Project implements IDS (Intrusion Detection Systems)
sensors at the UCSF Data Center border.
- Sensors have been installed at the Data Center border and are reporting data. Completed
-
IDS Phase 2: Project implements IDS (Intrusion Detection Systems)
sensors at the UCSF perimeter.
- Most equipment has been received. Implementation planning has begun. Target date has been set for April 30, 2007, however resource and space constraints put that date in jeopardy.
-
Centralized Logging: Project implements a repository for log
management.
- The current focus is to strengthen redundancy in all components.
-
Perimeter Security: Project implements a “security layer” at the
network edge.
- EIS has developed a joint project to identify and secure information on
medical devices in collaboration with representatives from the UCSF Medical
Center.
- Medical Devices Committee has been formed, project is moving forward, expected to be complete before the end of the 2007 calendar year.
- The UCSF Campus Administrative Policy 650-16: Information Security and
Confidentiality has been updated and approved. (See
http://policies.ucsf.edu/650/65016.htm)
- Changes include:
- UCSF Information Security roles and responsibilities
- Minimum network security standards
- UCSF incident investigation
- Changes include:
- The EIS Compliance project has been formed.
- The Compliance project will work toward ensuring information security compliance.
- One of the first tasks will be to conduct departmental assessments against the minimum security standards and provide departments with a report of actions to be taken to meet minimum network security standards as defined by 650-16.
- Authorized and Acceptable Use Policy and Network Security Monitoring policies have been created and approved by the Information Security Commitee (ISC). It is currently waiting for approval by the CIO Group to enter the RFC phase.
- The UCOP Stewardship Policy on information security is currently undergoing review and is pending approval. The Stewardship Policy is a collection of information technology management policies and practices for effective stewardship of information resources, proper functioning of the University and ensuring protection of privacy and confidentiality.
NGMAN: Next Generation Metropolitan Area Network
UCSF is in the last phase of the "Technical Services Agreement" with the two final bidders in the NGMAN process for fiber and DWDM services/equipment. In addition, we are preparing to release a vehicle to procure the Layer 2/3 Ethernet equipment for the NGMAN network. Migration to the new network is expected to begin in late 2007 or early 2008;
Office of Academic and Administrative Information Systems (OAAIS) (formerly ITS)
There have been recent changes to the OAAIS management team:
- On December 1, 2006, Michael Kamerick joined OAAIS as Director of the new Academic Research Systems (ARS) unit. ARS will develop a wide set of research-related resources that will be available to UCSF’s investigators. The resources will include a Research Data Environment, which will provide a campus-wide repository of research data, including access to clinical data from the UCSF Medical Center and, eventually, data from other UCSF sites such as San Francisco General Hospital. In collaboration with UCSF’s new Clinical and Translational Sciences Institute, ARS will also develop database management, hosting, and consulting services.
- On January 2, 2007, after almost 35 years of University service, Ian Tuller retired from his position as Director, Customer Support Services (CSS). Recruitment is currently underway for Ian's successor and, until a permanent candidate is selected, Bruce Levin (Manager of Desktop Technologies) is serving as Acting Director of CSS.
Voice Services
Work has begun to determine the future of voice services provided to the UCSF campus. A number of options to traditional Centrex are being considered focusing on IP Telephony, IP Centrex, and hybrid PBX solutions. A business case study has begun to determine the most cost effective and productive solutions for campus telecommunications.