The document discusses information security efforts at Harvard University. It notes that universities contain valuable data and research but have large, porous networks that make them targets for cyber attacks. The document then summarizes security breaches that have impacted universities, including the theft of over 100,000 passwords at Stanford and 309,000 social security numbers stolen from the University of Maryland. It outlines an initiative at Harvard to improve security by ensuring endpoints are patched and encrypted, high-risk departments are scanned regularly for sensitive data, and establishing best practices for security measures. Metrics and timelines for the project are provided.
Learn more about how the Readiness and Emergency Management for Schools Technical Assistance Center (REMS TA Center) supports institutions of higher education (IHEs). In this webinar, Madeline Sullivan, contracting officer’s representative for the REMS TA Center, and Janelle Hughes, director of communications for the REMS TA Center, provide an overview of the services, resources, and support systems available to IHEs. They showcase the REMS TA Center website and the sections it houses to support IHEs, as well as describe key resources that have been developed by federal partners in higher education safety, security, and emergency preparedness to support the development of high-quality emergency operations plans (EOPs) for IHEs.
Tips for Driving Learning Success with Moodle LMS ReportingLambda Solutions
As your courses run, your learners participate, and your instructors design, Moodle learning management systems create and store a wealth of data just underneath the hood. All of the information you need to optimize your system, report on the effectiveness of your courses, and identify opportunities for learner intervention are waiting to be analyzed, visualized, and shared.
Join Stewart Rogers, the Lambda Solutions reporting and analytics expert, to discover how you can use reporting and analytics in your Moodle LMS to drive learning success. This webinar will demonstrate what you can gain from analytic insights into your learner data created through Moodle, and provide tips and tricks on how you can quickly access, analyze, and share this information for actionable insights that will help you improve the effectiveness of your learning programs.
Attend the live webinar to learn how to:
- Monitor student progress and identify intervention opportunities
- Report on student activity and engagement within your courses
- Collect and visualize compliance data
- Assess “time spent” by your learners and instructors
- Analyze trends in the effectiveness of your learning programs
Harvard's network operations center (NOC) is a set of web applications and tools that offer transparency and push "self service" to customers in a secure, verified, and granular way.
Learn more about how the Readiness and Emergency Management for Schools Technical Assistance Center (REMS TA Center) supports institutions of higher education (IHEs). In this webinar, Madeline Sullivan, contracting officer’s representative for the REMS TA Center, and Janelle Hughes, director of communications for the REMS TA Center, provide an overview of the services, resources, and support systems available to IHEs. They showcase the REMS TA Center website and the sections it houses to support IHEs, as well as describe key resources that have been developed by federal partners in higher education safety, security, and emergency preparedness to support the development of high-quality emergency operations plans (EOPs) for IHEs.
Tips for Driving Learning Success with Moodle LMS ReportingLambda Solutions
As your courses run, your learners participate, and your instructors design, Moodle learning management systems create and store a wealth of data just underneath the hood. All of the information you need to optimize your system, report on the effectiveness of your courses, and identify opportunities for learner intervention are waiting to be analyzed, visualized, and shared.
Join Stewart Rogers, the Lambda Solutions reporting and analytics expert, to discover how you can use reporting and analytics in your Moodle LMS to drive learning success. This webinar will demonstrate what you can gain from analytic insights into your learner data created through Moodle, and provide tips and tricks on how you can quickly access, analyze, and share this information for actionable insights that will help you improve the effectiveness of your learning programs.
Attend the live webinar to learn how to:
- Monitor student progress and identify intervention opportunities
- Report on student activity and engagement within your courses
- Collect and visualize compliance data
- Assess “time spent” by your learners and instructors
- Analyze trends in the effectiveness of your learning programs
Harvard's network operations center (NOC) is a set of web applications and tools that offer transparency and push "self service" to customers in a secure, verified, and granular way.
RUNNING HEAD: CAREER PORTFOLIO 1
CAREER PORTFOLIO 10
Career Portfolio
CARD 405
Lakisha Riddick
Devry University
January 28, 2017
Table of Contents
- 4 -Statement of Authenticity
- 4 -Personal Mission Statement
- 4 -Elevator Speech
- 5 -Education Background
- 5 -Resume
- 7 -Professional Development and Training
- 7 -Awards and Accomplishments
- 7 -Volunteer History
- 9 -Professional Affiliation
- 9 -Career Path
- 9 -Work Samples
- 10 -Referees
Statement of Authenticity
This is to confirm that this is the portfolio of Lakisha S. Riddick It contains information detailing my education background, work experience and skills. This document should not be copied either in full or part without prior authority from Lakisha S.Riddick.Personal Mission Statement
To secure and maintain a demanding position where I can productively apply my strengths and knowledge of the Legal field in E-Discovery, Records Management,Litigation Support, and Computer Administration.management including physician contracting, utilization review, and quality assurance systems. I would also add to my skill set and achieve my Masters in Information Securities.
Elevator Speech
Resourceful associate with more than 15 years experience. Proven expertise in data management, customer service, office administration, medical records, Legal support, and organization while working for governments and corporations. Skilled in collaborating with all members of the organization to achieve objectives. Instrumental in streamlining and improving record filing processes, enhancing productivity and implementing tactical procedure implementation, compliance training. My goal is to become a valuable corporate asset by becoming a valueable asset to any orginazation mission statement .Education Background
Devry University, Charlotte NC
Bachelor of Science Computer Information Systems/Healthcare Systems Current Enrollment –June 2017
3.00 GPAResume
Lakisha S. Riddick
11459 Abbotswood Ct Uppermarlboro, M.d 20774 (803)389-9201
To maintain a position in a productive working environment, where I can continue to apply my strong knowledge of legal support in the E-discovery field, with a position as a Programmer Technican or as a Systems Administrator. the organization.
Devry University, Charlotte, NC
· Bachelor of Science in Computer Information Systems/Helathcare Systems -June 2017
Johns Hopkins University , Baltimore MD
· Courses completed -2004
Dates 12/2015 – Present CACI/SECWashington, DC
Programmer Technician II
· Apply knowledge of computer system principles, automated data processing functions, and metadata structures to develop solutions to user requirements
· Responsible for loading data into a Reccommind Dat ...
Is your organization ready to respond to an incident? More specifically, do you have the people, process, and technology in place that is required to cope with today's threats?
This webinar will provide practical steps on how to assess your organization's risks, threats, and current capabilities through a methodical and proven approach. From there, it will detail the people, process, and technology considerations when standing up or revitalizing an incident response (IR) program.
Specifically it will cover the four pillars of a modern IR function:
- Identify what must be protected
- Scope potential breach impact to the organization
- Define IR management capabilities
- Determine likely threats and their potential impact
Our featured speakers for this webinar will be:
- Ted Julian, Chief Marketing Officer, Co3 Systems
- Richard White, Solutions Principal, HP
Jon Murphy, National Practice Lead, AOS
Top 10 Trends for 2015 in Information Tech Risk Management
ITRM is more than merely security hardware and apps under the control of an overworked network admin. It is strategic and tactical process, technology, and people in various roles and levels working collaboratively to protect vital organizational assets like data, information, ability to delivery timely, and reputation. Organizations need continuous, current, Actionable InsightSM about probable sources of majorly impactful risks and threats. Then and only then are they adequately prepared to make the smartest investments in continuing education, process improvement, and procedures for the proper use of the right technology for their situation. This multi-media, interactive presentation will cover the current top trends for 2015 in ITRM and that Actionable InsightSM - what your organization can and should do about likely and impactful IT risks and vulnerabilities.
Meeting Federal Research Requirements for Data Management Plans, Public Acces...ICPSR
These slides cover evolving federal research requirements for sharing scientific data. Provided are updates on federal agency responses to the 2013 OSTP memo, guidance on data management plans, resources for data management and curation training for staff/researchers, and tips for evaluating public data-sharing services. ICPSR's public data-sharing service, openICPSR, is also presented. Recording of this presentation is here: https://www.youtube.com/watch?v=2_erMkASSv4&feature=youtu.be
PCI DSS Compliance and Security: Harmony or Discord?Lumension
An organization can be compliant and still experience a security breach – look no further than Heartland Payment Systems and RBS WorldPay. Both had achieved PCI DSS compliance, only to suffer massive data breaches that cost tens of millions of dollars. What is the difference between compliance and security? And how can organizations effectively move beyond PCI DSS compliance to ensure the security of personally identifiable information (PII)?
Managing IT Risk and Assessing VulnerabilityAIS Network
Presented at the ACCS Conference in March 2016. ACCS is the Association of Collegiate Computing Services of Virginia, it is IT types working for higher ed in Virginia.
Security concerns have changed IT jobs from providing services to our users to protecting users' data. The basics of how that change happened for us are described here.
Presented at NETC2015 in Big Sky, Montana.
Join Kaseya and guest cybersecurity expert from Kaspersky, Cynthia James, to hear how companies like Target, eBay, and Home Depot are losing data, and how you can protect your company from suffering the same fate.
• The latest cybersecurity threats and vectors putting organizations at risk
• How your organization can avoid falling victim to a data breach
• Additional strategies to secure your organization and its data
Microsoft Office 365 Security and Compliance UpdatesDavid J Rosenthal
If your business has legal, regulatory, and technical standards to meet for content security and data use, you're in the right place. You can also use Office 365 security and compliance features if your business has specific security requirements for controlling sensitive information. In this section, you can also find out how Office 365 uses encryption and other security technologies to protect your data.
This presentation will have been presenting you about my resume assignment one of book, The Complete Guide to Cybersecurity Risks and Controls. I've tried my best to create this presentation. Thank you
[Webinar Slides] 3 Steps to Organizing, Finding, and Governing Your InformationAIIM International
Learn how to apply policy and lifecycle management to clean up your data and gain pragmatic solutions for applying the power of record methodology so you can find, govern, and manage your data and information. Most importantly, you'll learn how to turn your information liability into the asset your organization needs and deserves.
PEARC17: ARCC Identity and Access Management, Security and related topics. Cy...Florence Hudson
This presentation explains the NSF EAGER #1650445 Cybersecurity Research Transition To Practice (TTP) Acceleration funded program led by Internet2, inviting researchers and practitioners of IT and cybersecurity to participate.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
The Roman Empire A Historical Colossus.pdfkaushalkr1407
The Roman Empire, a vast and enduring power, stands as one of history's most remarkable civilizations, leaving an indelible imprint on the world. It emerged from the Roman Republic, transitioning into an imperial powerhouse under the leadership of Augustus Caesar in 27 BCE. This transformation marked the beginning of an era defined by unprecedented territorial expansion, architectural marvels, and profound cultural influence.
The empire's roots lie in the city of Rome, founded, according to legend, by Romulus in 753 BCE. Over centuries, Rome evolved from a small settlement to a formidable republic, characterized by a complex political system with elected officials and checks on power. However, internal strife, class conflicts, and military ambitions paved the way for the end of the Republic. Julius Caesar’s dictatorship and subsequent assassination in 44 BCE created a power vacuum, leading to a civil war. Octavian, later Augustus, emerged victorious, heralding the Roman Empire’s birth.
Under Augustus, the empire experienced the Pax Romana, a 200-year period of relative peace and stability. Augustus reformed the military, established efficient administrative systems, and initiated grand construction projects. The empire's borders expanded, encompassing territories from Britain to Egypt and from Spain to the Euphrates. Roman legions, renowned for their discipline and engineering prowess, secured and maintained these vast territories, building roads, fortifications, and cities that facilitated control and integration.
The Roman Empire’s society was hierarchical, with a rigid class system. At the top were the patricians, wealthy elites who held significant political power. Below them were the plebeians, free citizens with limited political influence, and the vast numbers of slaves who formed the backbone of the economy. The family unit was central, governed by the paterfamilias, the male head who held absolute authority.
Culturally, the Romans were eclectic, absorbing and adapting elements from the civilizations they encountered, particularly the Greeks. Roman art, literature, and philosophy reflected this synthesis, creating a rich cultural tapestry. Latin, the Roman language, became the lingua franca of the Western world, influencing numerous modern languages.
Roman architecture and engineering achievements were monumental. They perfected the arch, vault, and dome, constructing enduring structures like the Colosseum, Pantheon, and aqueducts. These engineering marvels not only showcased Roman ingenuity but also served practical purposes, from public entertainment to water supply.
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...Levi Shapiro
Letter from the Congress of the United States regarding Anti-Semitism sent June 3rd to MIT President Sally Kornbluth, MIT Corp Chair, Mark Gorenberg
Dear Dr. Kornbluth and Mr. Gorenberg,
The US House of Representatives is deeply concerned by ongoing and pervasive acts of antisemitic
harassment and intimidation at the Massachusetts Institute of Technology (MIT). Failing to act decisively to ensure a safe learning environment for all students would be a grave dereliction of your responsibilities as President of MIT and Chair of the MIT Corporation.
This Congress will not stand idly by and allow an environment hostile to Jewish students to persist. The House believes that your institution is in violation of Title VI of the Civil Rights Act, and the inability or
unwillingness to rectify this violation through action requires accountability.
Postsecondary education is a unique opportunity for students to learn and have their ideas and beliefs challenged. However, universities receiving hundreds of millions of federal funds annually have denied
students that opportunity and have been hijacked to become venues for the promotion of terrorism, antisemitic harassment and intimidation, unlawful encampments, and in some cases, assaults and riots.
The House of Representatives will not countenance the use of federal funds to indoctrinate students into hateful, antisemitic, anti-American supporters of terrorism. Investigations into campus antisemitism by the Committee on Education and the Workforce and the Committee on Ways and Means have been expanded into a Congress-wide probe across all relevant jurisdictions to address this national crisis. The undersigned Committees will conduct oversight into the use of federal funds at MIT and its learning environment under authorities granted to each Committee.
• The Committee on Education and the Workforce has been investigating your institution since December 7, 2023. The Committee has broad jurisdiction over postsecondary education, including its compliance with Title VI of the Civil Rights Act, campus safety concerns over disruptions to the learning environment, and the awarding of federal student aid under the Higher Education Act.
• The Committee on Oversight and Accountability is investigating the sources of funding and other support flowing to groups espousing pro-Hamas propaganda and engaged in antisemitic harassment and intimidation of students. The Committee on Oversight and Accountability is the principal oversight committee of the US House of Representatives and has broad authority to investigate “any matter” at “any time” under House Rule X.
• The Committee on Ways and Means has been investigating several universities since November 15, 2023, when the Committee held a hearing entitled From Ivory Towers to Dark Corners: Investigating the Nexus Between Antisemitism, Tax-Exempt Universities, and Terror Financing. The Committee followed the hearing with letters to those institutions on January 10, 202
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Information security
1. Information Security – Everyone’s Responsibility
FAS IT Stakeholders Meeting | October 26, 2015
2. Higher Education is a target
“Universities are home to cutting-edge
research and emerging technology
patents; unfortunately, their networks are
large and porous.”
Reports/Fireeye2013 p13
High-Value data:
• Social Security numbers
• Credit card numbers
• Medical records
• Employee records
• Research
The scope:
14,724,405 records disclosed in
745 reported higher education
breaches since 2005.
Why?
• Up to $45 per credit card
number
• Up to $3 per Social Security
number
• Up to $50 per patient record
Peers:
• Stanford: 101,000 passwords
stolen
• MIT: Suffered DDoS and web
defacements in attack by
Anonymous
• University of Maryland:
309,000 SSNs stolen
Infrastructure:
At Ohio State: “They did find evidence that
the purpose of the unauthorized access was
to launch cyberattacks on online business
entities.”
3. So is Harvard
Harvard High-value Data
Social Security numbers: More than 2 million SSN’s
are stored at the University.
Credit card numbers: Over the past 12 months, 1.6M
credit card transactions were processed on behalf of 82
merchants at Harvard, representing approximately
$254M.
Employee records: Harvard maintains employee
records for more than 30,000 active faculty and staff.
Medical records
A single study at HMS included research on 1,360,908
Medicare claims records.
Research Data
• Commercial - Advanced Batteries
• Medical - Diabetes breakthroughs
• Defense - Flexible exo-skeleton
• Geo-Political - Ukrainian social media study
• High-Visibility - NFL concussion study
Attacks against Harvard’s network in
2014 were up 25% over 2013.
Malware activity detected in 2014
was up 50% from 2013.
LulzSec
Syrian
Electronic
Army
Reputational Attacks
Automated Attacks
4. FAS Endpoint Remediation Project
Overview Goals
By December 2015, over 4500 of the estimated 5500 endpoints in
the FAS, including all endpoints in priority departments and all
endpoints managed by HUIT, will be patched and those that are
laptops will be encrypted. We will leverage the awareness
campaign to attempt to reach the remaining, unmanaged systems.
Additionally FAS endpoints in priority departments will be regularly
scanned for Level 4 data.
• Ensure that software patching occurs automatically on FAS
endpoints.
• Ensure that Mac and Windows laptops in the FAS are encrypted.
• Ensure that computers in high risk departments are scanned for
Level 4 data automatically on a regular schedule.
• Establish best practice scanning measures/system evaluations.
Metrics
• 100% known FAS laptops encrypted (current
72%)
• 100% known FAS endpoints running Identity
Finder, AV software, and LANDesk/CASPER
(curr. 97%)
• 100% known FAS endpoints patched on
OS(current 75%)
• 100% endpoints in FAS high risk departments
scanned
2015 Project Timeline - Key Activities Mar Apr May Jun Jul Aug Sept Oct Nov Dec
I. Planning
a. Develop project overview and executive materials
b. Define HUIT and FAS teams and project
management
c. Present progress reports to Deans Smith and Kirwan
d. Quarterly goals review and course corrections
II. Patch – Encrypt – Scan
a. Complete inventory baseline for 21Priority
Departments
b. Set up tiered patching for 3 departments per month
c. Encrypt remaining laptops in 3 departments per
month
d. Emphasize user scanning though Identity Finder
e. Introduce system scanning for 3 departments per
month
5. FAS Endpoint Remediation Project
Security Activities for High Priority Units - 2015
1. Make sure all laptops are encrypted.
2. Make sure all users have up to date, software on their computers.
3. Schedule scan for Level 3 and Level 4 data. User then remediates.
4. Perform network backups of hard drives, on as many endpoints as reasonable.
6. FAS Endpoint Remediation Project
Priority Drive Factors
Endpoints and “High Risk” Units
Level 4 HRCI
Data
Health & Safety
Data
Level 3 Extra
Sensitive Data
Potential
Hacktivist Target
7. Patching - The Operating System (OS) is First and
Foremost, followed by the “Big 5”
We are aware that Central Apps require certain versions of Java and IE,
and will manage accordingly
FAS Endpoint Remediation Project
8. 19 FAS High Risk Units and Control Parameters
8
Department Security
Contact/Partner
Partner Role Data Type Business Owner Remediation
Target Month(s)
Technology
Refresh Month/#
ISO Tech
Accessible
Education Office
Lindsay Northup-
Moore
Accommodations
Administrator
personal medical/4 Sheila Petruccelli Sept 0 Lisa
Adaptive
Technology Group
Tanya Washburn Adaptive
Technology
Specialist
personal medical/4 Curtis Wilcox Nov 4 in FY16 Lisa
Admissions/Financ
ial Aid
Rick van Rice Director, IT for
College
Admissions and
Fin Aid
non-directory,
SSN/3,4
Vaughn Waters Sept-Dec Kerwin, led by
Tracy
Animal Resources Steve Niemi Director health safety
systems/target
Ara Tahmassian Sept 1 Lisa
Athletics Gerrie Mahoney Senior Associate
Director
student/3 Gerrie Mahoney Nov-Dec Sept/56 Kerwin & Lisa
Bureau Study
Counsel
Yishiuan Chin Dept Administrator Student/3, 4 TBD
College Deans
Office
Joan Rouse Associate Dean Level 3+
sensitive/Ad Board
Joan Rouse Oct 0 Kerwin
College
Institutional
Research
Scott Spurlock Manager, Data
Resources
research/3+ Karen Pearce Nov 6 Lisa
Development
Office
Nancy Conroy Director,
Development
Operations
Alumni, donor,
development Level
3+
Julie Broad, Rich
Ohlsten
Nov-Dec 200 in the Spring Steve
Economics Dept. Peter Brown Systems Manager human subject,
NBER, IRS/4
Belynda Bady Sept-Oct Fall/17; Winter/1;
Spring/4
Kerwin
EdLabs Nakisha Ertha Coordinator II human subject/4
and 5
Roland Fryer Dec N/A Lisa
Freshman Deans
Office
Brandon Edwards Department
Administrator,
Proctor
FERPA block/3+ Zak Gingo Oct 0 Lisa
Finance Shannon
Ingraham
Department
Administrator
SSN, institutional/4 Gail Pisapio
GSAS Winnie Keung Director, IS SSN, institutional/4 Winnie Keung Sept? Fall/25; Winter/1;
Spring/2
Lisa
9. 19 FAS High Risk Units and Control Parameters
9
GSAS Winnie Keung Director, IS SSN, institutional/4 Winnie Keung Sept? Fall/25; Winter/1;
Spring/2
Lisa
Harvard Student
Agencies
Patrick Scott, Mark
Ting
President (?) and
IT Director
Variety of student,
SSNs, vendor, and
other info
Jim McKellar (GM)
Lorraine Facella
(CFO)
Dec. N/A Steve
Human Resources Adriana Gallegos Dept
Administrator,
Communications
Manager
SSN, institutional/4 Chris Ciotti
Physical
Resources
Rick Schubert Systems
Administrator
Health safety,
access systems/3
Steve Robichaud,
Craig Bradford
Sept Fall/36; Winter/2 Lisa
Psychology
Priority s/b given
to the Weisz,
Hooker, and Nock
Labs due to highly
restricted
research.
Mark Gerstel Director of
Administration
Human
subject/Level 4
Mark Gerstel Aug-Sept FY16/12 Kerwin
Registrar Caroline Harvey Enrollment
Services
Coordinator
non-directory,
SSN/4
Mike Burke Nov Winter/14;
Spring/2
Lisa
Research
Administration
Shannon Sewards Director, IRB human subject/3,4 Pat Fitzgerald
(RA) Denise
Moody (IRB)
Sept Fall/6; Spring/5 Kerwin
SCRB Genevieve
Saphier
Associate Director,
Policy and
Compliance
human subject/4 Karen Barkow Sept-Oct Fall/30; Winter/2;
Spring/4
Lisa
Yard House offices
(Office of Student
Life)
Carina Myteveli Director, Housing
and Res Life
FERPA block/3+ Zak Gingo Oct Fall/3; Spring/3 Lisa
Departments completing full Security in a Box program in 2015 and 2016.
Remediation work underway
10. Summary of Remediation Efforts Underway in 10 Units
10
High Risk Unit # People # of Endpoints
# Laptops to
be Encrypted
# Endpoints
to be
Installed with
IF
# People Agreeing to System Patching
# Endpoints to
be Installed with
Connected
Psychology 145 130 25 67 All 97
Economics 109 160 25 62
Some - break into at least two categories:
staff and then faculty
91
SCRB 98 154 10 10 Most (staff for sure) 72
GSAS 68 79 6 5 All 18
Accessible
Education Office
6 7 2 0 All 9
Animal
Resources
25 30 1 0
Go with two groupings - LANDesk
controlled and user managed
L
Physical
Resources
75 92 11 5 All 29
Admissions/Finan
cial Aid
67 109 2 5 All 20
Harvard Student
Agencies
4 4 0 4 All 4
Research Admin. 9 8 0 1 All 4
TOTALS: 606 773 82 159 344
13. 1) Vision
13
1. Deliver applications and services
through greater maturity in ITIL, Agile,
Project Management, DevOps and
Cloud.
2. Organize ATS staff to align with the
needs of our partners/users and build a
skilled workforce by maximizing IT
Academy opportunities and building
communities of practice that focus on
continuous improvement of staff skills
and competencies.
3. Leverage oversight processes aligned
with the CIO Council Strategic Plan and
FAS and CA IT Plans to define roadmaps,
select projects and plan resources.
4. Create service delivery patterns for
purchased, developed and integrated
solutions.
Strategic Objectives Guiding Principles Key Performance Indicators
1. We support Agile and DevOps
principles.
2. We strive to become trusted partners
and build relationships through a
service mindset that emphasizes
accountability, collaboration and
empathy.
3. We are building an organization based
on the HUIT values that is a great place
to work.
4. Our work focuses on creating
repeatable, consistent and sustainable
best practices.
1. Mature adoption of ITIL, Agile, HUIT
PMO standards and DevOps processes,
and 75% of existing applications in the
Cloud.
2. Increased partner satisfaction for ATS
services and project delivery, more
rapid delivery of applications, and
decreased number of production
incidents and stabilization issues.
3. Oversight processes and tracking
systems in place to facilitate the
definition of roadmaps, project
selection and associated resource and
capacity management.
4. The existence of service delivery
patterns and complete ATS adoption of
those patterns for purchased,
developed and integrated solutions.
Rapidly and seamlessly deliver high quality administrative applications to faculty, students, staff and alumni that provide an excellent user
experience and further the mission of the University.
The Vision for Administrative Technology Services (ATS)
14. 2) Project and Service Modes
ATS manages an application portfolio through decisions to invest, tolerate,
replace or retire applications. In doing so, ATS provides three key
deliverables:
1. Implementation of new software solutions (custom and vendor-based)
2. Enhancement and maintenance of existing applications
3. Applications support
The majority of work in ATS is focused on projects to support the evolving
strategic objectives of HUIT’s business partners. At the same time, ATS also
has a firm commitment to maintain and support a large and diverse application
portfolio, aligning our work with HUIT Support Services and the ongoing
operational needs of our business partners.
To this end, ATS operates in a hybrid model, regularly switching the manner
and context of its work between two modalities: project and service delivery.
Within each modality, ATS adopts the standards and best practices articulated
internally within HUIT and externally within the software development industry.
14
15. 15
3) Impact of Embedded DevOps
# Impact
Enterprise
Applications
FAS, College &
Athletics
OPP Aurora
1 Embedded DevOps engineers M M M M
2
Common cloud services and
multi-tenancy
H H H H
3
Incorporation of Scaled Agile
Framework practices into the
establishment of infrastructure
H H M M
4
Embedded architects and the
establishment of standard
infrastructure patterns
H H H M
5
Defined integration
approaches for application
connectivity for the cloud
H H M M
6
QA automation and
deployment integration
H H M H
7
Automated, continuous
deployment and changes to
release management
H H H H
8
Defined and published
operational support models
M M M M
H = High / M = Medium / L = Low
