UIT staff showcase U projects, talk IT trends at Westnet meeting
Happy to trade a few days of Utah snow for the Arizona sun, several UIT employees traveled to Tucson last month to discuss their ideas, initiatives, and innovations with about 60 other IT professionals in the Westnet Education and Research Consortium (WERC).
The Westnet CIO Workshop (January 28, 2020) and biannual Westnet Workshop (January 29-31, 2020), both held at the University of Arizona, featured presentations from WERC members and vendors about relevant information technology trends affecting higher education, research, and government.
Speakers included members from Arizona State University, Brigham Young University, Colorado State University, PrivacySwan, Twitch, WERC, University of Arizona, University of Utah, and Utah Education & Telehealth Network. Topics ranged from automation to debugging, from security to wireless.
UIT speakers included Craig Bennion, Tom Cheatham, Mike Ekstrom, Syndi Haywood, Abraham Kololli, Trevor Long, Dave Packham, and Chris Stucker. Stacy Vincent, a member of the Information Security Office’s (ISO)Governance, Regulation & Compliance (GRC) team, also was recognized during a session recapping the 2019 Supercomputing Conference.
Read below for more information about their presentations.
Craig Bennion, ITSM Process manager for the Chief Technology Officer (CTO) organization, presented on two topics: “Change Management/ITIL” and “Asset management/inventory.” Additional details were not available.
Tom Cheatham, director for the Center for High Performance Computing (CHPC), gave a presentation at the CIO meeting about the progress of the Campus Research Computing Consortium (CaRCC). As research computing and data needs and requirements grow on campuses, Cheatham said there is a need to define the profession and advocate for support. CaRCC’s efforts include bringing together the community of communities supporting research computing and data. This includes developing HR wireframes and frameworks defining the profession and career paths, as well as a capability model that allows organizations to see their research computing and data needs across multiple dimensions and various "facings" (e.g., researcher-facing, systems-facing, data-facing, and others). CaRCC, he noted, is looking to create a "decadal" plan that details the future of research computing and data with a focus on sustainability. Cheatham encourages those interested in CaRCC’s efforts to join its people-network, visit the CaRCC website, or reach out to him for more information.
Mike Ekstrom and Syndi Haywood
Mike Ekstrom, director for Communications Infrastructure in the CTO organization, and Syndi Haywood, associate director for Voice Systems and Business Administration, gave a presentation about the “U of U’s PRI to SIP conversion.”
Ekstrom and Haywood, who joined via conference call, outlined the university’s project to convert 25,000 traditional phone numbers from old, hard-wired technology (primary rate interfaces or PRIs) to modern, internet-based phone protocols (session initiation protocols or SIPs). SIPs, they noted, offer an increase in redundancy and flexibility. They also described the carrier challenges their teams faced, as well as recommendations for others approaching a similar project.
Ekstrom also presented on “The Landscape of E911.” The Federal Communications Commission (FCC) has adopted new rules surrounding Enhanced 911 (E911), which “seek to improve the effectiveness and reliability of wireless 911 services by providing 911 dispatchers with additional information on wireless 911 calls.” Ekstrom clarified the complexity and seriousness of the issues surrounding E911, and the appropriate handling of emergency responders and 911 calls.
He later moderated a popular forum called “What are you doing about?” Attendees submitted questions to Ekstrom, who facilitated an open discussion. The forum is a Westnet favorite, generating conversation about trending topics like “What are you doing about 5G on your campus?”
Abraham Kololli, associate director for Network Services in the CTO organization, gave two presentations: "Network Access Control" and " State of Wi-Fi at the University."
In his first presentation, Kololli discussed where Network Services is today with network access control (NAC). NAC, according to Cisco, is "a security solution that enforces policy on devices that access networks to increase network visibility and reduce risk." Kololli said his team is moving forward with Phase 1 activities for basic wire-based device authentication, which include building a lab to test the deployment and, eventually, launching a pilot program. So far, the project team has outlined more than 50 major tasks, including using existing tools like Cisco ISE, ensuring a similar experience for wired and wireless users, and focusing on IoT and user-accessible edge ports.
Kololli also talked about UConnect, UGuest, and ULink, detailing how they operate as well as some facts and figures about the university's Wi-Fi networks. He spoke about the challenges of wireless and the growth of IoT devices across university campuses. He noted two challenges for that Network Services team must overcome: devices that require Layer 2 network adjacency features, and a lack of resources to perform timely and detailed building radio frequency design.
Network Services, he said, plans to collaborate with the University of Arizona at future Westnet meetings on network automation and application centric infrastructure (ACI) topics.
Trevor Long, associate director for GRC in the ISO, presented "Security Rainbows and Ponies" — a counterpoint to Dave Packham’s “Doom & Gloom” — about good news in security today. The good news, he said, is many resources are available to help with starting or maturing a security program. In particular, Long focused on cybersecurity risk management from a practical how-to approach, including how institutions can develop a culture of cybersecurity and use existing frameworks to manage risk. He cited recent UIT efforts to increase risk awareness on campus and grow a culture of cybersecurity through mock phishing exercises, a National Cybersecurity Awareness Month campaign, and new Security Champs program. In addition to take-home points for implementing a risk-based approach to cybersecurity, Long encouraged the audience to read the following articles:
- "Cyber Security Is A Business Risk, Not Just An IT Problem" by Forbes
- "2020 Planning Guide for Security and Risk Management" by Gartner
- "The 20 CIS Controls & Resources" by the Center for Internet Security
Dave Packham, manager for UMail and Collaboration in the CTO organization, spoke about the security threats facing higher education and moderated a Lightning Talks session.
In “Doom & Gloom,” Packham cited a number of 2020 cybersecurity trends highlighted by Threatpost, including a dearth of cybersecurity professionals to fill open positions, the lack of protection from phishing on mobile devices, the shift to the cloud and thus cloud-based cyberattacks, and the rise of deep-fake technology. He also talked about the sunset of Windows 7, noting that consumers and businesses without extended support will be vulnerable to security flaws and malicious attacks.
During the Lightning Talks round, Packham moderated a range of random topics, including a question about how to monitor and cool 100+ bottles of wine, a photo deck about how one student transitioned from coal mining to security ops, and a rant about palm trees in Arizona.
Chris Stucker, associate director of Identity & Access Management (IAM) in the ISO, gave a presentation about the IAM program, including some of its projects, initiatives, ideas, and challenges. Stucker talked about UIT's vision around identity lifecycle governance, automation, and increased self-service, as well as the IAM team's SailPoint IIQ and privileged access management (PAM) programs. The biggest challenge, he said, is data (or the logic and processes around that data) accuracy, and whether IAM has accurate data to support the decision-making process for the automation of various activities.
Our monthly newsletter includes news from UIT and other campus/ University of Utah Health IT organizations, features about UIT employees, IT governance news, and various announcements and updates.