ITS Technology Roundtable 11/14/23 Notes
Attendance:
- 30 remote attendees
- ~10 in-person attendees
Welcoming new Director of IT Systems Administration and Infrastructure Jesse Chiem
Campus Technology Deployments
- Okta Expansion
- Goal to provide consistent user experience.
- ITS to implement MFA (Multi-Factor Authorization) on additional systems.
- MFA is mandated by state regulations, insurance requirements, is considered a basic security necessity and helps reduce risk.
- Microsoft 365 login will be behind MFA. This will not change the frequency of the need to login. Logging in will be the way it is now, but require another factor – like providing a temporary code.
- Google being tested for MFA, the rollout for student accounts are being carefully planned for accessibility.. ITS will provide details once finalized..
- Highline ctcLink will be able to be accessed when Highline credentials are logged into, rather than having to log in separately.
- Goal: All services will be under Highline’s one authentication system, no more needing to login to each system (known as Single Sign On).
- Microsoft Teams Phones
- Moving the Highline phone system to Teams (this kind of phones are sometimes referred to as ‘soft phones’).
- The project will take up to a year before it is fully complete, due to the complex logistics of keeping all campus phones operational during the transition.
- The process of piloting and testing has been underway since at least Spring, and continues to do so throughout the process.
- IT Services benefits:
- Modernizes the phone system and movesthe system into our cloud infrastructure, making it easier to manage and more secure.
- Expected long-term cost savings.
- User benefits:
- Ability to access your campus phone using any device connected to the internet, whether on campus or remotely.
- Voicemail messages are automatically transcribed and sent to you via a private Teams chat channel.
- Updating and modernizing call flow/routing to department teams to better service our students.
- Security codes will no longer be needed to make long-distance calls.
- Phone numbers and extensions will not be changing. You get to keep your number.
- Department/team shared phone numbers will also be kept.
- The current phones in classrooms and shared spaces will remain.
- Any questions about the migration, project status, or interest in becoming an early adopter of the new technology can email the Teams Phones Project Leaders, Ed Richards or Don Sagmo.
ITS Security
- Email Security is managed by Domain Based Message Authentication Reporting (DMARC)
- DMARC is a standard email authorization method designed to help mail administrators prevent cybercriminals from spoofing their organization and domain by enforcing protocols which determine whether an incoming email is legitimate or not.
- Prevents fraudulent emails from being sent out pretending to be from Highline employees (called ‘Spoofing’).
- Highline ITS utilizes filters which quarantine and outright block to reduce spam and illegitimate messages such as phishing, spoofed messages and malicious emails from coming in.
- ITS Security Awareness Training (sent out on Mondays) is designed to help employees build good IT security habits, security awareness, and learn how to spot potential real world cyber threats that the campus receives every day.
- As part of this training, there are 10 ‘Phishing’ emails sent out by ITS as exercises for users, to test the knowledge they have been given in the training. If a suspicious email is found, report it using the “Report Message” button. An automatic response from HelpDesk will let the user know if it was one of the exercises.
- These drills are not malicious. If someone falls for the email security drill, a remedial lesson will be assigned to help the user improve their IT security habits and hone their ability to spot threats.
- As part of this training, there are 10 ‘Phishing’ emails sent out by ITS as exercises for users, to test the knowledge they have been given in the training. If a suspicious email is found, report it using the “Report Message” button. An automatic response from HelpDesk will let the user know if it was one of the exercises.
- The process of protecting Highline from cyber threats is an ongoing process involving intricate infrastructure and constantly developing technology.
- All reported emails are reviewed by someone in ITS, and if they are found to be a legitimate concern, ITS can take action to help mitigate the risk. When emails are reported, they are also reported to Microsoft to help improve their filters and train their AI. These internal reviews allow ITS to quickly take actions should a prominent threat be found, learn about new tricks being used by cybercriminals. The training is updated to keep our institution prepared for threats seen most often and the more dangerous threats.
- DMARC is a standard email authorization method designed to help mail administrators prevent cybercriminals from spoofing their organization and domain by enforcing protocols which determine whether an incoming email is legitimate or not.
- Devices not owned by Highline should not be used for work purposes, as they often do not meet all the regulatory standards our institution is required to comply with, are not configured with the same security measures, may have malicious or information-stealing programs running, and are not protected by our security program.
Classroom/Lab Updates
- Windows 11 deployment in classrooms and labs is planned for Winter break in December 2023 for use in the Winter 2024 quarter.
- This includes all of campus, MaST, and the Federal Way Hub, and will require on-campus technicians to complete.
- Microsoft announced the end of life for Windows 10 and as a result, all Windows 10 systems must upgrade to Windows 11 by October 14, 2025.
- ITS began to deploy Windows 11 on new PC desktop replacements of faculty and staff beginning this past July.
- All eligible devices of faculty and staff will be provided the upgrade to Windows 11 by September 2024 through a scheduled upgrade.
- Many technology updates to buildings across campus in progress or upcoming
- Buildings 21, 23, 29 in progress
- Upgrading antiquated equipment
- Adding HyFlex to many areas, which supports a simultaneous, hybrid on-campus and remote learning environment.
- Upgraded technology includes HD cameras, microphones, TV screens, projection, touch pads, Wacom Tablets, docking stations (able to use teacher’s own laptop)
- Retaining whiteboard space to support teaching methods
- Building 7 upgrade project upcoming, no date set
- Buildings 21, 23, 29 in progress
- The upgrade to employee computers is also underway.
ITS News
- Highline MaST Center Aquarium new Underwater Camera for streaming
- Link to YouTube Channel here – Please like and subscribe!
- Besides fish, crabs, shrimps, and other animals, it’s also possible that you may see SCUBA divers swimming by and even marine mammals like seals and sea lions. The large schools of fish typically seen (often at night) are usually Tubersnouts or Shiner Perch.
- Installed with the help of Rus Higley and funding from the Mark Wynne Memorial Fund.
- Camera is under the pilings at the end of the pier facing south approximately 4’ from the bottom, and is lit from 7PM to 7AM.
- Goal: 24/7 streaming
- Fully housed, waterproof IP camera with a 10m cord connecting to the data network in an enclosure topside and the end of the pier on the northwest corner.
- Using Unistrut channel steel and a set of rollers, the rig can be raised and lowered with a wrench for regular cleanings (which is needed approximately once a week to prevent barnacle growth).
- Recently modified to stick into the ground to prevent shaking from wave energy.
- A streaming server has been installed in the Highline data closet which then pushes the feed to YouTube using Open Broadcast Service software.
- Jenny Olson (IT Customer Support Specialist) visited St. Charles, Illinois as Advisor to Highline’s ‘Women in Cybersecurity’ club for a competition November 5th, funded by the ASHC.
- The US Department of Energy’s Cyberforce Competition focuses on the importance of cybersecurity in a real-world scenario.
- For this year’s scenario, the main objective was to ensure smart meters and everything behind the scenes of those was kept operational.
- The team was responsible for securing the website and database it connected to along with ensuring the Active Directory Domain had the proper security policies in place. One aspect that makes this more realistic is the fact that they were given an infrastructure to fix instead of building one from scratch like how they are taught in class and were required to complete a C-Suite brief video with security documentation.
- Lastly, the actual day of competition consisted of capture the flag style anomalies and red team injections that related to how systems can be breached and what they could look like when that happens.
- Highline placed 30 out of 107 schools and the team came away with an abundance of new information and tools to get familiar with for next year’s competition along with networking with over 100 other schools from across the country and meeting with various companies offering internships.
- The US Department of Energy’s Cyberforce Competition focuses on the importance of cybersecurity in a real-world scenario.