UCD IT Services Update January, 2011

UC Denver IT Overview IT Services (central IT organization) facilitates IT policy/governance and provides “core” enterprise & infrastructure services: –Helpdesk –Network and security Connectivity to Internet, Internet2, and National Lambda Rail Firewalls and other tools/devices that protect campus data Approximately 90% of campus covered with g wireless network access –Workstation support (fee-for-service at AMC) –Phones (fee-for-service) –Server hosting (fee-for-service) –File storage (fee-for-service) –Data Centers (fee-for-service) – Microsoft Exchange 2007 –Administrative applications, development and support –Identity and Access Management Active Directory Oracle Identity Management Suite Common “enterprise” systems supported by CU System and shared between the three CU campuses: –Peoplesoft HRMS, Financials –Peoplesoft/Campus Solutions Student Information System –Info-Ed Electronic Research Administration

Cellular Coverage at the Anschutz Medical Campus Highly energy efficient windows and building design significantly reduce performance of cell phones, pagers, and other devices that rely on external signals Certain areas of campus have a critical need for cellular voice services due to patient care needs and safety Boosting signals within buildings requires two major deployment efforts: –Placing antenna “repeaters” within buildings and wiring to central location –Coordinating with cellular and other wireless carriers to “plug in” their signal Antennas installed in Bldg 500, Library, Campus Services, Ed-1, Ed-2n, Ed-2s, EH&S, Admin Office-1, and public areas (basement, 1 st, 2 nd floor) of R-1n, R-1s, and R-2 ($1.3M spent) USA Mobility (pagers), AT&T, Nextel, Sprint, Verizon and T-Mobile signals are all currently being boosted in these areas Additional buildings will be added to coverage as funding is made available “4G” high speed cellular signals from carriers (Sprint 4G/WiMax, Verizon LTE, etc.) are NOT compatible with the system due to antenna limitations

Remote Computing Audit Findings Consolidate and simplify IT policies as part of current campus initiatives Develop new policy language that explicitly covers the definition of remote computing and how devices are secured Require that all devices connecting to campus (via a non-campus remote network) have passwords, security patches and are encrypted. Four methods available to securely access campus computing/data: Web-based remote desktop (mydesktop.ucdenver.edu) will replace majority of virtual private network (VPN) services Security monitoring software (fee-based) for users who have a business need to continue using VPN technology Webmail Smartphones that are Blackberry or ActiveSync compliant Faculty, staff and students should select a smart phone that can be encrypted at their next contract renewal. A list of example devices will be published on the IT Services website soon FINDINGS/DATES CURRENTLY ON-HOLD PENDING REVIEW AS OF 2/2011

Before/After Audit Remediation If you currently access campus information remotely via… The impact after implementation is… Webmail (webmail.ucdenver.edu) using a desktop, smartphone, or any other type of computer No change. Blackberry smartphone (requires license fee and setup by ITS) No change. This is the recommended solution for safe, secure usage via smartphone at UC Denver. iPhone 3Gs or 4 smartphone configured to use campus system (Microsoft Exchange) Beginning ????? these phones will have settings automatically downloaded requiring a password, encryption and “auto lock” of the screen after a time delay. iPhone 3G or older smartphone configured to use campus system (Microsoft Exchange) Discontinuing support in ?????. Individuals must upgrade to a newer model iPhone (3Gs or 4). Droid or other Android-based smartphone configured to use campus system (Microsoft Exchange) Beginning ????? these phones will have settings automatically downloaded requiring a password and “auto lock” of the screen after a time delay. We will have to discontinue support after ????? if manufacturer does not offer the ability to encrypt the phone. Virtual Private Network (VPN)Beginning ?????? must install security monitoring software and encrypt the computer (requires license fees and setup by ITS) OR use web-based remote desktop solution (mydesktop.ucdenver.edu) OR webmail. Secure shell (SSH), telnet, file transfer protocol Individuals and/or units will need to work with ITS on how to comply with audit findings. Direct Simple Mail Transport Protocol (SMTP) or Internet Message Access Protocol (IMAP) download (similar to how personal is downloaded from Comcast or Qwest) Discontinuing support outside of campus network in ?????. Use webmail or web-based remote desktop solution (mydesktop.ucdenver.edu).

Microsoft Student Student taskforce issued charge by VCs in summer 2009 to evaluate marketplace for next generation system for students Microsoft and Google identified as finalists by taskforce in spring 2010 Microsoft identified as best fit and contract for “free” service issued in summer 2010 CU Boulder also implementing UC Denver Campus and Anschutz Medical Campus students will be consolidated into single system hosted within Microsoft datacenters Students will be provided with “ for life” and address Students will receive 10 gigabyte mailbox, 25 gigabytes of storage (Skydrive), Microsoft Office “Live”, personal webspaces, and more – see Anticipate deployment in Summer 2011

Other Recent Projects eDirectory – Publish “preferred” information and/or other personal information about yourself - or use the “Beta” pull-down from Recent CU System IT policy revisions reduce requirements for laptop encryption (non- HIPAA units) Remote desktop (free service to replace VPN) – Thin client initiative – reduce energy and PC expenditure costs Wireless network upgrades – can now use your UCD computer account to access campus wireless and perform automatic setup - Paperless billing – IT Services now sends billing information via PDF file and . Automated computer account requests and self-service password reset – reset your UCD computer account password without calling the helpdesk Microsoft site license – paid faculty and staff can use latest versions of “core” software (including use at home) - web.ucdenver.edu/Microsoft/employeeportal.phphttps://itservices- web.ucdenver.edu/Microsoft/employeeportal.php Migration to Microsoft for student (summer 2011)