University Computing Services – Fall 2018

University Computing Services’ electronic newsletter highlighting technology services & initiatives

 

Banner 9 / Cloud

  • WOU teamed with Ellucian to move our Banner information system to the AWS cloud.  Banner 8 became live in the cloud February 2018.  The underlying technology of Banner 8 will not be supported past December 30, 2018.  Thus an urgent move towards fully implementing Banner 9.  For several years, the programmers have been training and preparing for Banner 9.  The programmers are up to speed on the new technology and have been programming necessary modifications to Banner 9 forms.  There was a committee process in place that included all 8 Oregon public universities, discussing which Banner 8 modifications needed to carry over to Banner 9.  WOU ended up with 63 modifications, of which 2/3 have been completed.  Ellucian began setting up a non-production Banner 9 environment for WOU at the end of February 2018.  Progress was slow at best. In April, a specialized Banner 9 installation team came on board.  In June we had a partially working non-production and production Banner 9 environment.
  • Below are links to Banner 8 and Banner 9 forms.  As you can see, they are quit different and will be a learning curve for end users.  Despite the same name (Banner), the technology is a complete makeover.  If you are a Banner user, be prepared to dedicate your time to training in the new environment.  The training schedule is found here.

Banner, New Initiatives

  • Financial Aid
    • UCS is working with the Financial Aid office to bring up Banner Financial Aid during the coming year. We have installed the modules on a test system and are working on configuring it to meet WOU’s needs. A few weeks ago we met with the Oregon State University office of Financial Aid (they also run the Banner module), and they had some good suggestions for configuration. They are also interested in providing consulting to help us implement it.
  • Web Time Entry
    • This Banner module should be a big time saver, both for our Payroll office and the many employees at Western. We have downloaded and built the Banner 9 Time Entry application from the Ellucian source code. Next, we will apply several upgrades to the test database to bring it up to the required versions to run Web Time Entry. These upgrades will be done and it will be ready to begin configuration and testing by Sept 17, 2018.
  • Ellucian Mobile
    • The WOU Mobile App, powered by Ellucian Mobile, will provide faculty, prospects, students, staff, and other constituents with access to key campus information and services from their mobile devices. Once launched, the app will be available in the Google Play Store, iTunes, and also on the Amazon Appstore. Initial development will be for Android. Once we have the development environment set up and tested on Android, we will attempt to build both Android and iOS versions simultaneously if possible.

Child Care Center Project

  • The Child Development Center is being relocated from Todd Hall to the University Park and Conference Center buildings. This requires some remodeling of Units A, B, and C, and will join all three buildings together. The ROTC was moved from unit A to APSC 201, the Forensics Lab and smart classroom was moved from Unit B to HSS 329, and the computer lab smart classroom in Unit C is being moved to OMA 101. We will be upgrading all of the network infrastructure cabling and equipment in the new CDC. Completion of the project is scheduled for the end of the summer 2018.

Cyber Security

  • Special Agent Samantha Baltzersen from the FBI will present a cyber security session on September 19 at 2:00pm in RWEC 105.  This will be an excellent informative and eye-opening presentation.
  • A security overview can be found here.

Data Center

  • This summer, 11 aging blade servers were refreshed with 3 new high performance blades.  The SpecMark rating for the new servers is 12 – 22 times greater than the old servers.  In addition, we have added 240TB of disk storage to meet our growing need for digital storage.
  • When you save data to H:, I:, or J: drives, it is backed up to remote disk storage every 24 hours.  In addition, every two hours a snapshot is taken of all changes that have been made.  The snapshots are directly available to you for about two weeks.  If you need to recover one of your old files, watch this instructional video.

Document Management

  • Do you need help with the office “paper shuffle”?  Go here for help.

Email Bulk Senders

Emergency Alert

  • Everbridge is our emergency notification system.  In the upper right hand of the Portal you will find an icon labeled WOU Alert.  Clicking on that icon will take you to a site that allows you to edit your emergency contact paths.
  • Besides sending notifications directly to you, everbridge can send messages to any WOU computer, the emClocks, and the Carillon bells.  In the future, it will also send messages to the smart classrooms and digital signage.

Moodle Upgrade

  • For this Fall we are upgrading the Moodle LMS server from 3.2.4 to the latest stable release of 3.5. Moodle.org has a video that explains some of their new features of 3.5, on Youtube –  https://www.youtube.com/playlist?list=PLxcO_MFWQBDcnwHQwhHZtObHNMHoONx-C   The Moodle software runs on top of the latest Redhat 7 operating system,  Apache 2.4 web server and MariaDB 10.X SQL database. There are 9 web servers –  6 student web servers and 3 Faculty course development web servers that are handed out through our load balancer, giving the end user the best performance. This allows the Faculty their own servers to develop their course material and not take away from the performance of the student pages. This is only the systems side of the upgrade. There are 14 new and 21 upgraded plug-ins added to Moodle software. Some of the major titles are Turnitin, Web Ex, Poodll, and TurningTech.

Natural Science Project

  • After nearly two years of planning for the Natural Science remodel project, construction work began on June 25, 2018, and it is well underway. Phase 1 of the project will be focused on the basement, 2nd floor, and green house. The remainder of the 1st floor work will happen summer 2019. The project will include HVAC upgrades, electrical and lighting upgrades, network infrastructure replacement, bathroom upgrades, and some of the lab classrooms will also be completely re-designed. All of the network cabling will be upgraded to Cat6a, and new telecommunications closets are being built to support all new network hardware. Cat6a wire will allow faster data speeds to be transmitted over the wiring.  Wireless access points are being replaced with higher capacity models, and the density of the access points has been increased to support many more clients. Work will continue on the second floor throughout the fall term.

Remodel of Wolf Express

  • The area which previously housed the Wolf Express in the Werner University Center, is being remodeled for new office space, and a new conference room. The conference room will have a touch panel controlled audio / video system, as well as video conferencing capabilities. New network jacks, and wireless access points are being installed to support the functions of this area. Completion is scheduled for September 7, 2018.

Resident Hall Security Initiative / Video Streaming Service

  • To improve network security, UCS has added a login to our wireless and residence hall networks.  When you connect to these WOU networks, beginning 9/4, you will be prompted for your network login.  Once you connect, you’ll gain network access for 90 days — at which point you’ll be asked to login again.
  • SWANK will be available this fall term for Resident Hall students.
    • Resident Hall students will have a new service available to them this fall, allowing them to stream free movies from any of their devices, while on campus.  They will be able to choose from a vast collection of television shows and movies, including new releases and classic favorites.

Service Request Desk

  • Summer is always a busy time for Desktop Support but this year we had the NS remodel so we were extra busy. We started our summer out by moving out most all of our equipment out of NS and into the Old Ed building. This included getting a lab setup, getting faculty setup and updating all our inventory so we know where equipment moved too. We also had to get the first floor of NS and part of the basement setup ready for fall term courses. As a team, we started on the Sophos push out which was our first real test using SCCM and we had lots of success but a handful of one off’s that didn’t have an SCCM client or errored out during installation. We are still going through and finding stations to fix but for the most part, its done! SCCM has been something that has taken up a lot of time but we are able to image both Windows 7 and 10. We can push out certain software from our office to a CPU across campus. We have installed 27 new student tech funded printers across campus this summer. Working on moving to a new print server. We have upgraded two labs in DeVolder and reimaged all the other labs on campus both Mac and PC labs. Desktop Support took the lab from UPCC C130 and got it set up in OMA 101 for fall term courses. Our team also added a few new students  All this was accomplished while staying on top of our daily service request tickets and tasks.

Smart Classroom Upgrades

  • Classroom Services has been very busy upgrading Smart Classrooms this summer. We have upgraded 18 different rooms across campus this past year with new equipment and technology. The upgrades include: new laser projectors, which are more energy efficient and do not require lamp replacements, digital video monitors, video processors, digital input capabilities, and new sound systems. Many of the smart classroom upgrades have included new teaching consoles, which are ADA compliant and are height adjustable. The touch panel control systems are also being updated to our new user interface, which simplifies how the systems are controlled.  In addition 10 smart classrooms will be upgraded by the time the Natural Science remodel is completed.

Sophos / Intercept X

  • Sophos, our enterprise antivirus system, has undergone a refresh! You may see the new, blue Sophos icon hanging out in your System Tray (Windows). If you double click on this icon, it will open the Sophos Console. From here, if you’d like, you can run a scan on your computer. Scans are scheduled to occur both in real-time (this means a light scan over the duration of your work day) and a deeper, more thorough scan on certain days of the week. There are multiple great new features to this version of Sophos. One of the highlights is ransomware protection. When Sophos detects something encrypting (locking) files on your computer, it will stop and quarantine this process, then roll back your computer to a state prior to the encrypting process. It will then notify UCS of the ransomware it detected. Another feature you may see is Web Threat Protection. In essence, if you’re visiting a webpage or downloading something from the internet that belongs to a category Sophos thinks is risky, Sophos will warn you and ask if you wish to proceed. If you’d like Sophos antivirus on your home computer, Sophos offers a free home edition. Simply download and install, and you’re set!  The installation instructions for the Mac home version is found here and the PC home version is found here.  The download page is found here.  Please see the CyberSecurity section for additional information.

Telecommunications

  • Campus Directory Voice Recognition at 8-9555
    • Western has featured a friendly Campus Operator for many years. The public and campus community reached this service by dialing Western’s main line or toll-free line. In Spring 2018, we activated an automated menu with the most common destinations offered before callers connected to the Operator. And now, we have implemented a voice recognition system that can answer and transfer simultaneous queries via speech recognition. Callers are immediately transferred after speaking the name of a department or person. If the system can’t match the caller’s request following a couple retries, it will then transfer the caller to a friendly Campus Operator. The new voice recognition directory may be directly called at extension 8-9555. Hint: you can speak your request as soon as the ‘chime’ sound plays- you don’t need to listen to the entire prompt.
  • edu-roam is available now.  More information can be found here.

Video Production Services

  • WouTV is Western Oregon University’s digital production service for campus events, athletics and marketing.  WouTV is a full service HD production studio featuring state-of-the-art broadcast  equipment.  We record lectures for online viewing, produce university promotional videos and provide multi-camera, live streaming for campus events and athletics.  WouTV is run by one full-time UCS employee and facilitated by student workers.  Students have the opportunity to be a videographer, editor, graphic designer, technical director and director.
  • WouTV is currently producing promotional videos for Admissions, Marcom and The Drive for 325. To view the WouTV archive of digital media go to:  wou.edu/woutv   Through August 30, go to: wou.edu/livestream and watch the weekday improvements to WOU Softbll Field.  On 10/17, watch the live stream of the WOU Board of Trustees.
  • WouTV videos and live events can also be seen on Minet cable channel 717.

Warehouse

  • Cognos
    • Cognos is a web-based reporting tool from IBM.  It allows you to create and run reports based on data from our Data Warehouse, which is populated from Banner on a nightly basis.  There is an existing library of reports available for you to utilize.  Additional reports can be developed for departments or individuals and placed in the library.  Users can also learn how to create their own reports, for either quick ad-hoc data analysis or for ingoing use.

      In order to use Cognos, you need to be granted access, just as you would for Banner.  Information on how to request access, as well as training options, can be found on the following webpage: http://www.wou.edu/datawarehouse/

  • A look underneath
    • A Data Warehouse is a system that collects and organizes business data for reporting purposes. WOU has been developing its own Data Warehouse based on the data from our main ERP system, Banner. By developing the Data Warehouse in house, we have been able to customize it to match our business practices.Every night, our Data Warehouse records new data and tracks changes to existing data from Banner. This allows us to capture historical information that Banner doesn’t track natively. Once the data is loaded, it can be accessed via Cognos.To learn more about the Data Warehouse, including how to get access to cognos, go here.

eduroam – Global WiFi roaming for Academia

What is eduroam (“educational roaming”) and where can I use it?

  • It is a secure, encrypted, Wi-Fi network that utilizes 802.1X technology to provide unified access across campus. It also allows users from WOU to securely access the Internet from any eduroam-enabled institution throughout the world.
  • In addition, eduroam provides visitors from participating institutions access to WOU’s wireless network and the Internet, without needing guest credentials or additional configuration by the user.
  • Eduroam is available at more than 12,000 locations worldwide, including more than 450 colleges, universities, and research facilities in the United States.
  • Additional information about eduroam can be found here.
  • A list of participating subscribers can be found here

How do I connect to eduroam at WOU?

  • Go to your wireless configuration page.
  • Select eduroam from the list of available SSIDs.
  • Enter your WOU e-mail address in the userid field.  example@wou.edu
  • Enter your Pawprint password in the password field.
  • If you are from a visiting university, use your universities login credentials.
    • If you previously configured your device at your home university, no further configuration will be required to connect to eduroam at WOU.

Connection tool:

  • The eduroam connection tool can be downloaded here.

Password Compromise Report

Many of you will find a new channel in your Portal labeled “Password Security”.

This channel will include a list of sites where your password has been compromised.

You may have placed your WOU credentials at risk under the following conditions:

For example:

  • your WOU account is johnDoe, with an e-mail of johnDoe@wou.edu and a password of theSaltShaker
  • your Amazon account is johnDoe and your password is theSaltShaker

The Portal report displays all sites where you have compromised accounts, resulting in your userid and password being published on the Dark Web.  Even though your password wasn’t initially compromised at WOU, you run the risk of someone picking up the userid/password pair and trying it at WOU.

It is suggested that you have a separate userid/password pair for each authenticated service you utilize.

What should I do to increase my level of security?

  • You will notice that in a recent blog tilted “Digital Identity Guidelines“, you now have the ability to enter up to 64 character passwords at WOU.   I would take advantage of the longer password ability.
  • For each site you login to, I would have a separate userid/password pair.
  • Never share your credentials.

Digital Identity Guidelines

The National Institute of Standards and Technology (NIST) provided updated guidelines for memorized secrets (passwords) in June, 2017. (special publication 800-63B)

The new guidelines include the following language:

“Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically).

However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.”

“Verifiers SHALL require subscriber-chosen memorized secrets to be at least 8 characters in length.  Verifiers SHOULD permit subscriber-chosen memorized secrets at least 64 characters in length.”

“When processing requests to establish and change memorized secrets, verifiers SHALL compare the prospective secrets against a list that contains values known to be commonly-used, expected, or compromised.  For example, the list MAY include, but is not limited to:  Passwords obtained from previous breach corpuses, dictionary words, repetitive or sequential characters (e.g. ‘aaaaa’, ‘1234abcd’), or context-specific words, such as the name of the service, the username, and derivatives thereof.”

The account lookup code will be changed to bring WOU credentials in alignment with the new NIST standards.

Forcing users to change their password frequently could actually make systems less secure.  In most cases, passwords are exploited immediately.  It is typical for a user to use a weaker password if they are required to change it often.

A long password is stronger.  A 6-character password can be cracked in 11 hours, while a 9-character password takes 10 years, based on using the ASCII character set.  The new account lookup system will contain the ability to use UNICODE characters also, making a password virtually impossible to break in a lifetime.

Account lookup will be modified during January / February, bringing it in compliance with the current NIST guidelines.

February 5, Banner will be production in the cloud.  Banner authentication will be via SSO, which aligns Banner access with the memorized secrets set with account lookup.

Banner in the Ellucian Cloud

Banner is currently hosted at University Shared Services Enterprise (USSE) on the Oregon State University campus.

Eastern Oregon University, Oregon Tech, Southern Oregon University, and Western Oregon University have all made the decision to move to the Ellucian Cloud (EC).  Ellucian is the company that owns Banner.

EC is hosted on Amazon Web Services (AWS).  WOU’s instance of Banner will be hosted on an Oregon AWS site.

Why move Banner to another hosting site?

  • Oracle and Ellucian are no longer supporting Banner 8, effective December 30, 2018.  EC resources are sufficient to successfully implement the Banner 9 infrastructure that is required to meet the deadline.  (more on Banner 9 in a future post)
  • EC provides us with a Disaster Recovery plan that includes failover to one of two other Oregon AWS sites.  If all three Oregon AWS sites are inoperable, then WOU Banner will be failed over to one of the Virginia AWS sites.

When will WOU go production on EC?

  • Access to Banner at USSE will be terminated at 5:00pm on Friday, February 2, 2018 and WOU will be live on Banner at EC at 7:00am on Monday, February 5, 2018.

How will I access Banner on EC?

  • Both WolfWeb and Banner INB will continue to be accessed though the Portal.  UCS will change the links to each system during the go-live weekend.
  • WolfWeb can be accessed from any browser, while Banner INB requires Internet Explorer (IE) or Firefox ESR (extended support release)
  • In an effort to strengthen security, off campus access to Banner INB will be available only through VDI.  (https://wouvdi.wou.edu)  There will be no changes to off-campus access to WolfWeb.
  • If you have shortcuts saved to your browser, those will no longer work, post migration weekend.

How is the migration going?

  • The migration effort includes modifying many integrations and job submission server parameters.  A team of technical and functional staff have been working with Ellucian on the cloud migration project since the third week of August.  All this effort is coming together and we expect a successful transition.

Schedule for functional testers:

  • Another test export of both Degree Works and the Banner database will occur on December 19, 2017.  Ellucian will have the refresh ready for us the following morning, December 20, 2017.
  • The final test export will be performed January 12, 2018.  Ellucian will have refresh completed the following morning, January 13, 2018.
  • A code freeze will occur on January 12, 2018 and will be in effect until go-live weekend.

Schedule for go-live weekend:

  • Friday, February 2, 2018 at 5:00pm, Banner will become unavailable.
  • Friday, February 2, 2018 at 5:30pm, Degree Works exported and sent to Ellucian Cloud for import
  • Friday, February 2, 2018 at 7:30pm, Banner exported and sent to Ellucian Cloud for import
  • Saturday, February 3, 2018 at 9:00am, UCS technical team work through checklist and perform initial testing.
  • Saturday, February 3, 2018 at 1:00pm, Functional team begins their testing and UCS technical resolve any outstanding issues.
  • Sunday, February 4, 2018 at 9:00am, Functional and technical teams complete outstanding issues.
  • Monday, February 5, 2018 at 7:00am, Banner production is available in the Ellucian Cloud

Where do I find additional information for Banner Cloud?

Two-Factor authentication

Account security can be enhanced with 2-factor authentication.

 

Why would I want to use 2-factor authentication?

If you use the same password for many of your accounts, your credentials are probably published on the dark web.   Several years ago, I was approached by a questionable vendor that provided me with many of your passwords.   I alerted campus when this occurred. My password was included on the list.

Lessons learned:

Use a different password for each of your accounts.

Change your password frequently.  (https://wou.edu/accountlookup)

Use a long password.

Utilize 2-factor authentication when it is available.

2-factor authentication provides an extra layer of security.  After you successfully enter your userid and password, the system will ask you for some type of token.  Google Authenticator is a great place to get your token.  You can run Google Authenticator on your iPhone or Android device, providing you the token.  New tokens are produced every 30 seconds.

Google Authenticator can be found here:

https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en

https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8

Amazon, Amazon AWS and Google all provide support for 2-factor authentication.  That means you can turn on 2-factor authentication for all your Google Apps.

Google help can be found here:

https://support.google.com/accounts/answer/185839?hl=en

Amazon help can be found here:

https://www.amazon.com/gp/help/customer/display.html?nodeId=201962420

 

 

Phishing and other e-mail traps

Always view e-mail suspiciously!

 

E-mail security infrastructure  (On-campus and off-campus)

  • Every day, the WOU anti-virus, anti-spam filter stops 200,000+ e-mails from being delivered  (true for both on-campus and off-campus viewing of e-mail)
  • When the WOU intrusion protection system detects “Ransom-ware”, it sends a note to the border firewall and tells it to no longer allow the “Ransom-ware” intruder onto the campus network, thus protecting your computer.
    • The one case of “Ransom-ware” that was not stopped by the IPS this year, encrypted the users local computer and 70,000 files on his departmental drive.
    • We had snapshots of all the files on the departmental drive and were able to recover the encrypted files.
  • When reading your e-mail outside of WOU, if you were to click on a bad link that connects you to “Ransom-ware”, you are no longer under the protection of the IPS.
    • A member of the local Monmouth community was asked to pay $1,000 to un-encrypt his files after being hit by “Ransom-ware”.
  • Another common scheme is to ask you do perform some task, posing as someone you know and trust.

Recommendations:

  • Don’t click on URLs before you know where they will lead.
    • Shortened URLs can be dangerous  http://goo.gl/fPKDds
      • unshorten.it can be used to expand a shortened URL, also providing the site’s trustworthiness
      • Best practice is to:
        • Hover over the link and verify the link is legitimate OR
        • Type the link in manually
        • Never click on the link, the URL that is displayed, may not be the underlying URL
    • Watch for slight differences in URLs  (ex:  www_wou.edu instead of www.wou.edu
  • UCS will not ask you for your password or SSN in an e-mail
  • When in doubt about the source of an e-mail, full headers will provide you further data in regards to the legitimacy of the e-mail  (partial headers)
    • To display full headers:
      • Google mail: open message, select the icon that provides you with the option to reply-all.  Select “Show original”
      • Thunderbird:  open message, select view, select headers, select all
      • Outlook:  open message, select tags. The Message Options dialog box is displayed. The internet headers are shown in the Internet headers field at the bottom of the dialog box.

Additional references:

Computer, Printer and Software Replacement Cycle

Computer and Printer Replacement by Funding Source

  • General Fund Departments

    • Most of the 2010 computers have been replaced.  Computers purchased in 2011 are currently being replaced.
    • Replacement of 2012 computers will begin in Fall 2016
    • 2012 computers that are out of warranty and are currently failing will be replaced now.
    • Printers:
      • IT makes recommendations based on the age and utilization of the printer.  Typical life-cycle for a laser printer is 5 – 7 years.
      • Replacement is dependent on departmental budget.
  • IFC Funded Departments

    • Computers purchased in 2007 and 2008 are currently being replaced.
    • Some 2009 computers will be replaced before July 1, 2016
  • Student Technology Funded Labs

    • Computers are replaced every 3  to 4 years.
    • Higher level computers, such as those in the MIDI lab, tend to have a longer life.
    • The maintenance contract with the printer vendor provides us with new replacement printers when the current printer is at end of life.

Software Updates

  • Google Apps for Education
    • Licenses for all WOU users
    • Updates by Google on a periodic basis, several times per year
  • Microsoft Office
    • Microsoft Desktop for Education, campus license
      • Latest supported version is loaded before new equipment is delivered to customer
      • Latest supported version is loaded on older equipment, based on user request
      • Lab computers are updated each summer
  • Adobe Creative Cloud package, including Acrobat Pro
    • Licensed to all student lab stations + 134 faculty / staff FTE
      • License covers all student labs, both PCs and Macs
      • Faculty and staff that require this package are included
  • ARC GIS
    • Campus license
      • Students labs are updated annually
  • SPSS
    • Campus license for academic use
      • Labs, faculty and staff are updated on an annual basis
  • Many other software packages
    • It is typical for software packages to be updated each summer

An Introduction to the Data Warehouse

  •    The warehouse design is based on Ralf Kimball’s data model
    • The Kimball model includes both dimensions and facts
    • The model revolves around numbers (facts)
    • The dimensions describe the facts
    • A dimensional model is optimized for reporting (queries)
  • The warehouse is a “snapshot in time” of Banner data and other non-Banner data sources
    • example:  4th week data
  • Cognos is the reporting tool that is used to pull the data from the warehouse
    • Converted as PDF and printed
    • Saved as Excel file
    • e-mailed to your inbox

  • Facts (also referred to as cubes):
    • contains the data corresponding to a particular business process, action or event; typically numeric (links two or more dimensions together)
    • example of a fact: registration(credit hours, grades, quality points)
  • Dimensions:
    • contains details about each instance of an fact  (descriptors)
    • examples of dimensions: academic year, academic period, entity(last name, first name), section(course title, course number, crn, section term code)

 

diagram


  • The Data Warehouse was placed into production on June 2, 2014.
  • The warehouse includes 108,702,145 rows of data from Banner Finance, Student and Human Resources and Financial Aid
  • Reporting includes pre-built and ad-hoc queries.
    • Pre built reports will include parameters that you will respond to at run time
    • Ad-hoc queries will give you the ability to have full control of the report
  • The data is refreshed on a nightly basis.
  • # of Dimensions ………………………….72
  • # of Cubes ………………………………….56
  • # of data elements (columns) …..2,666

Demonstration:

For access to the data warehouse, contact Faye Whitenack at whitenaf@wou.edu.

For Cognos Warehouse training, contact Max Chartier at chartierm@wou.edu