1. Information Technology Strategic Planning Process: Dr. Hogue explained the need to develop overall goals and objectives in key areas of IT and to establish a cohesive strategy for completing these goals. It was hoped that the strategic plan could be completed by early February. A great deal of research was not needed because much of the information had already been gathered.
   
   Mr. Mullaney stated that the issue of student storage space should be considered. There was discussion regarding a University-wide solution for individual/student storage versus each academic unit providing its own.
   
   The University did not have systematic evidence of what faculty wanted with respect to course management software. It was suggested that a rolling IT plan, could include a rolling, polling evaluation process for Blackboard and other services. Currently, the institution lacked a customer-centric focus, and data was needed. Survey questionnaires were discussed. As part of the strategic plan, a focus group could be gathered to define important components that should be included in the survey before it is distributed.
   
   It was noted that an effective strategic plan was one with multiple faces for multiple constituencies. A student section would be helpful that focused on the “business of being a student” and addressed students’ singular needs.
   
   Dr. Bajjaly added that a strategic plan must establish a priority order. This was especially important given that technologies were changing and expectations were growing, but financial resources were shrinking. The strategic plan would be tied to the budget.
   
   Ms. Blaney emphasized the need to determine common ground upon which all constituencies could agree. The private sector used “cash is core” as its organizing principle to define core services. Things which generated revenue were core; all others were a tier below.
   
   Mr. Travis noted two motivations for changes: 1) making something easier, better, and/or cheaper, and 2) mandating something from upper management.
   
   The External Review Team had commented on the organization and use of the UITC. Some user groups were poorly represented on UITC, and better use of college/school IT committees could help. Ms. Blaney suggested that the Council could draft an IT strategy for the Administrative Council. It was noted that a good communications strategy to the University was lacking.
   
   Discussion ensued regarding the most productive model for UITC and its deliberative process. The group might be most effective as a body that scrutinizes summary budgets and ties to the strategic plan as well as one that sets priorities. Members should gather information from representatives in their home departments and feed that information into UITC. Better representation and involvement from local IT advisory committees would also be helpful. Accountability and engagement was discussed.
   
   Dr. Hogue thanked everyone for attending and declared the meeting adjourned.
   
   

University of South Carolina

University Information Technology Council (UITC)
November 17, 2003

The University Information Technology Council met on Monday, November 17, 2003, in Room 107-C of the Osborne Administration Building at 2:30 p.m.

Members present were: Ms. Barbara Blaney; Dr. Herbert F. Brown, III; Mr. Ken Corbett; Mr. Steven D. Hinckley; Ms. Jane M. Jameson; Dr. Douglas B. Meade; Dr. Philip D. Moore; Dr. Philip S. Moore; Dr. Dwayne E. Porter; Mr. Ernest Pringle; and Dr. Mark E. Tompkins.

The members absent were: Dr. Stephen Bajjaly; Ms. Mary Cordray; Dr. William J. Kettinger; Mr. William Morris; Mr. David Mullaney; Mr. Adam O’Teri; Ms. Manasi Sinha; Mr. Jason Trenary; Dr. Juan E. Vargas; and Dr. Philip D. Watson.

Ex-Officio members present were: Mr. Steve Adams, Ms. Alma Creighton, Ms. Lorie Edwards, and Mr. Troy A. Travis. Also present were: Dr. William F. Hogue, Ms. Susan Bridwell, Ms. Derlene Lowder, and Ms. Tammy P. Hyatt. Dr. Hogue called the meeting to order and thanked everyone for attending.

1. External Review of Information Technology at the University of South Carolina: Dr. Hogue said that three consultants had visited the University on October 15th and 16th and met with members of the Council of Academic Deans, the Administrative Council, and the UITC, as well as University faculty, staff, and students. (See Minutes of the September 15, 2003, UITC meeting for biographical information on the consultants - http://it.sc.edu/uitcmeeting2003.asp#sep15.)
   
   Dr. Hogue said that the consultants had concluded their overall assessment, and the University expected, as an outcome of the report, to initiate a planning process that would result in a rolling three-year strategic plan. The review included not only the Office of Information Technology, Computer Services (CS), and Distance Education & Instructional Support (DEIS), but it also included information technology (IT) from across the institution. The consultants examined if the University’s IT was aligned with its objectives, and they provided feedback which could lay the groundwork for the development of a strategic plan. The full report would be posted online before Thanksgiving after being presented to the Administrative Council, and the members of UITC were encouraged to read it at that time.
   
   Dr. Hogue then distributed a document of general observations on USC and its IT environment. It was written as a companion piece to provide introductory context for the External IT Review Team. (See http://www.it.sc.edu/oit/docs/itreviewintro.pdf ) The following issues were outlined: Funding, ERP, Security and Identity Management, Faculty Instructional Development and Support, Support for IT-intensive Research, Integrated Library System (ILS), Mobile Communications Environment, and the Web. The consultants addressed many of these issues in their final report.
   
   The review needed endorsement and engagement by the President, Provost, VP for Research, Chief Financial Officer, and many others, and the consultants said that the visit had been extremely well organized. They noted that substantial progress has been made in the last three years, but much work remained. The reviewers had the opportunity to meet with many people in a short period of time and picked up a clear sense of excitement and commitment to move the institution forward. The consultants produced a variety of observations and recommendations and made compelling arguments for the University to consider.
   
   Comments were made about additional staff for the Office of IT, and the consultants agreed that the President and Provost should endorse the notion that, for USC to move forward, University-wide IT standards must be established. An IT strategic planning process should be launched to clarify goals, priorities, and directions. Data existed from SACS, the Strategic Directions and Initiative Committee, strategic plans, and operational plans to help begin that process.
   
   The University must replace the administrative Enterprise Resource Planning (ERP) systems. High-performance computing capacity and other services must be established to support the research agenda; various models to accomplish this had been presented. Concern was expressed for the lack of a university-wide strategy for research computing.
   
   The consultants were pleased with the look and feel of USC’s web pages, but thought the University could do a better job of content management including linking information and processes to have a more integrated system.
   
   They heard many concerns regarding Blackboard and suggested reconsideration of this course management system. Dr. Hogue noted his distress at the lack of reliability of Blackboard; it was often difficult to determine if the problem was something the University could resolve or if Blackboard had used the University as a beta site for code that was not fully developed. It must be absolutely reliable if it is the one endorsed by the institution. Toward that end, Dr. Hogue had cancelled a meeting with Blackboard representatives refusing to attend another meeting until the University experienced one semester with no Blackboard issues.
   
   Dr. Hogue said that four and one half years before, the faculty had reviewed the major products that were available at that time and chose Blackboard. He noted that Blackboard had changed since then, and that it was time to reassess the market to either find a new product or determine how to get Blackboard where it needed to be.
   
   The consultants also suggested a review of the costs and benefits of synchronous delivery versus asynchronous delivery of distance applications, and they called for an examination of the cost and potential use of a digital reserve system for the library. Dr. Hogue added that a Request for Proposal (RFP) for an integrated library system should be completed before Christmas.
   
   Another suggestion was the use of student help to support IT applications and services on campus. There were some down sides to this issue, but the students were a relatively untapped resource at Carolina. The consultants had positive comments about the University’s networking and infrastructure, but it needed to have its 15 year old, single fiber network, updated.
   
   An “organic” network had developed where some portions were controlled centrally but other key components were owned and managed by individual colleges and departments. That kind of distributed control created problems, and the campus network needed to be cohesively managed with a consistent set of policies.
   
   USC should explore the cost-effectiveness of outsourcing its administrative data center functions: not everyone needed to have a computer room. The University should review other arrangements and either justify the current process or propose changes.
   
   The report by Gartner had been received. The University’s cost efficiency was compared, based on scale and not type, to other institutions and private entities. These included organization such as manufacturing. Carolina’s costs were low in comparison to the others.
   
   Responding to Dr. Tompkins question regarding selling computer time, Dr. Hogue said that state regulations prohibit the University from competing with the private sector if a private option exists.
   
   Dr. Hogue stated that priorities needed to be established. The metro wireless network had revealed changes in players and partnerships, and more collaboration was needed. VCM would change the way business was conducted: it would change what people would and would not support as well as what they expected in return for that support.
   
   The University must prepare for a large budget cut anticipated in July 2004. Although it appeared there would be no mid-year budget cut, it was no longer feasible to “nibble at the edges” of the budget to address the financial problems.
   
   There would be a great number of retirements and resignations beginning in the next few years, and the private sector may start trying to hire University employees. There were 28 really good staff in CS and DEIS who enrolled in the TERI program. Their departure would result in a loss of hundreds of years of experience.
   
   The President and Provost could be change agents. Provost Odom had stated his willingness to use his influence and credibility to make changes before returning to the faculty.
   
   Dr. Hogue stated he would present the report to the members of the Administrative Council later this same week and to the Council of Academic Deans during its subsequent meeting. He said that he would be looking to members of UITC and others to be active participants in the strategic planning process. Reconsideration of the composition and charter of UITC may be needed.
   
   Dr. Brown inquired about specific action items. Dr. Hogue explained that the strategic planning process was not an exact science, but it would involve network and infrastructure, learning technologies, research computing, administrative support, and organizational issues.
   
   May 1st was the target date for the strategic plan to be completed. Ideally, it would be a rolling three year plan. Some things need to be completed by then or at least started within six months.
   
   Dr. Tompkins questioned the status of the email situation, and Dr. Hogue responded that there had been a great deal of feedback regarding email. There were at least six email systems on campus that were not compatible. The University needed to coalesce around one system, and it needed the hardware, software, and personnel to maintain it.
   
   Discussion ensued regarding training for employees, requiring professional development, and IT related training. Ms. Jameson stated that there had been a dramatic decrease in professional development. This was because an increasing number of vacancies went unfilled, and the respective departments either prevented the remaining employees from missing work or could not afford to fund the professional development.
   
   Dr. Hogue added that Computer Services had reduced its training by moving away from instructor led classes and toward web based instruction.
   


2. Security Policy: Dr. Hogue anticipated a final draft of the proposed security policy from Ms. Wilkinson very soon. He agreed to forward the document to whomever requested a copy via email.
   
   Dr. Hogue thanked everyone for attending and declared the meeting adjourned.

University of South Carolina

University Information Technology Council (UITC)
September 15, 2003

The University Information Technology Council met on Monday, September 15, 2003. Members had been invited to meet at 2:30 p.m. in the lobby of the Computer Services Building. The group toured the Computer Room and received an update on telephony and networking infrastructures, desktop support services, and database storage.

The Council convened its business meeting in Auditorium 309 of the Computer Services Building at 3:45 p.m.

Members present were: Ms. Barbara Blaney; Dr. Herbert F. Brown, III; Mr. Ken Corbett; Ms. Jane M. Jameson; Dr. Douglas B. Meade; Dr. Philip D. Moore; Mr. David Mullaney; Mr. Ernest Pringle; Dr. Mark E. Tompkins; Dr. Juan E. Vargas; and Dr. Philip D. Watson.

The members absent were: Dr. Stephen Bajjaly; Ms. Mary Cordray; Mr. Steven D. Hinckley; Dr. William J. Kettinger; Mr. William Morris; Dr. Philip S. Moore; Mr. Adam O’Teri; Dr. Dwayne E. Porter; Ms. Manasi Sinha; and Mr. Jason Trenary.

Ex-Officio members present were: Ms. Lorie Edwards and Mr. Troy A. Travis. Ex-Officio members absent were: Mr. Steve Adams and Ms. Alma Creighton. Dr. William F. Hogue and Ms. Tammy P. Hyatt also attended.

Dr. Hogue called the meeting to order and thanked everyone for attending. Dr. Tompkins thanked Dr. Hogue for arranging the tour. Dr. Hogue expressed his appreciation to Ms. Edwards
and her staff, and he informed the Council that Dr. Tompkins had requested the opportunity to tour the Computer Room and learn about IT infrastructure.

1. Security and Privacy Issues and Strategies: Dr. Hogue said that the problems experienced earlier that morning with the GroupWise Mail system were due to a power outage from the previous day. It was a reminder of the complexity of the underlying infrastructure behind each desktop/laptop.
   
   Move-In Day could be described as a perfect storm because elements were in place for a very virulent virus to attack the University, which it did. Many students arrived on campus with infected computers. Several hours into the first day, brand new computers were being infected before the requisite patch could be downloaded.
   
   Dr. Hogue briefly addressed “push” technology whereby security patches, anti-virus software, etc., could be pushed to users’ equipment via central computing. The current process requires users to retrieve, or “pull,” patches and updates and install them. There were good and bad aspects to the “push” technology, and security was a major issue.
   
   Ms. Edwards said it was unrealistic to expect users to patch their systems daily. During the move-in process, students’ computers were checked for patches before they were allowed to log into the University’s network. Two thousand students were able to apply the patches without assistance. Ms. Edwards met with the President of Student Government to mobilize the 300 student organizations to assist in patching machines. As of this day, there were 1,200 computers that had not yet been patched. Dr. Hogue recognized Mr. Pringle’s efforts with the students, and Dr. Brown acknowledged the efforts of CS personnel to keep the network running during difficult times.
   
   A team of 10-12 people would be formed, and it would include members of UITC. The team would address issues such as: 1) how to authenticate users, especially those using wireless, 2) how to deal with users who spread viruses; (it only takes 15 infected machines to severely hinder the network), and 3) how to “push” upgrades to users. When the team makes a recommendation, it would be presented to UITC.
   
   Dr. Hogue said that work on the proposed Security Policy was continuing, and he hoped the draft would be ready within a few weeks. The philosophy was to move the policy forward and point it toward procedural areas that could be updated as experience was acquired. He urged the members to review the policy when it is presented.
   
   When the Administrative Council (AC) meets later in the week, Dr. Hogue would discuss the creation of an overarching security group. Security was much too important to trust to any one individual.
    
2. Wireless Network Project Status and Timeline for Implementation: Dr. Hogue said he expected the wireless network to be completed this academic year. Ms. Edwards added that many of the University’s colleges already had wireless capabilities, and the emergency call-boxes would be used as sites. The work was behind schedule, but it was hoped that it would still be completed in FY 2003-04. In response to a question by Mr. Pringle, it was explained that the current plan equipped the exterior of buildings for wireless, but no plan existed for the interior.
   
   There was discussion on how to disable wireless access in classrooms to prevent students from cheating during tests. Dr. Hogue suggested that he would invite people from the wireless project committee to the subsequent meeting of UITC to respond to such questions.
    
3. Enterprise Resource Planning (ERP) Update: This issue would also be presented to the AC later in the same week. Dr. Hogue asked the Gartner Group how to begin addressing the problem. Gartner suggested starting with a business readiness assessment to determine how ready the University was to replace its aging systems. Gartner looked at USC’s aspirant peers. Money was still a major issue, and Dr. Hogue wanted to call the question to the AC to determine whether to shelve it for another year or to move forward. He would tell the AC that there were four options: 1) do nothing - this would still require a fair amount of maintenance to the current system; 2) determine that for a specific number of years the University would not replace the system, but would instead intensify web based systems to put more power with the end users; 3) make a decision to begin ERP replacement process and commit to change the system, either completely or phased in over time by selecting specific aspects to be changed; or 4) outsource the issue so that it no longer would be USC's responsibility to upgrade and maintain the systems. These options were presented to the UITC for comment and input prior to the AC meeting.
   
   Discussion ensued regarding the responsibility for ERP: was it an IT issue or an HR/Business issue?
   
   Ms. Edwards interjected that if the University decided not to replace the legacy systems, the use of Social Security Numbers (SSNs) as identifiers must be addressed because the institution needed to discontinue that system. Computer Services would need to devote a tremendous number of man-hours to amend the current systems to stop using SSNs as identifiers. There were 63,000 instances of code that used SSNs; they would have to be rewritten. Ms. Blaney agreed and added that it was a current problem to maintain the security of students’ SSNs because faculty routinely post students’ SSNs online.
    
4. Projected Impacts of Possible Additional Budget Cuts: Dr. Hogue said this issue was like a dark cloud hovering overheard. The budgets of CS and DEIS were cuts in excess of $300,000 this year. There could be an additional cut to the Division of twice that amount, but there were too many variables to try to guess, at this time, what would happen. The only place left to cut the budget was through the elimination of positions. Help by UITC would be appreciated.
    
5. Preparations for External IT Review: The Washington Advisory Group (WAG) opined that it was prudent for the University to invite external consultants to campus to review IT. WAG was most concerned with determining if the University was providing everything needed for computational research. It was hoped that the external consultants would provide information on best practices. Dr. Hogue said no surprises were anticipated.
   
   The visit had been scheduled for October 15th and 16th. The Council of Academic Deans, the Administrative Council, UITC, faculty, staff, and students would be asked to participate.
   Dr. Hogue provided information on the three external consultants. James Bottum, Vice President for IT and CIO, Purdue University, would chair the Review Team. Mr. Bottum was previously the Executive Director of the National Center for Supercomputing Applications (NCSA) in Champaign, IL, from 1999-2001; he has substantial research computing experience.
   
   The second consultant would be Larry Conrad, the Associate Vice President for Technology Integration and CIO, Florida State University (FSU). Mr. Conrad is responsible for Academic Computing & Network Services, Administrative Information Systems, User Services,
   and Information Resource Management at FSU; he had been an active leader in Southeastern University Research Association (SURA) networking initiatives.
   
   The third consultant would be Edward Meachen, Associate Vice President of Learning and Information Technology and CIO, University of Wisconsin System. Dr. Meachen had previous experience as Director of libraries at two universities and as a university CIO; he would provide perspectives on faculty and instructional technology development, digital information strategies, integrated library systems, and course management systems (e.g., Blackboard).
    
6. Other Matters:
   
   
   • Dr. Moore said that Spam email continued to be a “hot” topic and asked the status of addressing the problem. Ms. Edwards replied that a resolution of the problem was under consideration, and it was hoped to have a filtering system installed during this semester.
      
   • Dr. Brown asked about the status of VCM. Dr. Hogue replied a campus-wide VCM committee met within the past few weeks. The committee consisted of two deans: Gerald Crawley and Jamal Rossi; two representatives from the Business Office: CFO Rick Kelly and Budget Director Bill Bragdon; two representatives from the Office of the Provost: Jerry Odom and John Olsgaard; and two faculty: Dr. Jim Augustine, Chair of the Faculty Senate and Dr. David Berube, Chair of the Faculty Senate Budget Committee.
     
     The big push was yet to come. There were still many unanswered questions, especially for service organizations, such as what would be considered “charge back” items and what were core services that should be taxed. The committee would adjudicate and resolved these issues.
      
   • Mr. Pringle asked what had happened to the proposal to purchase and use SmartStream to replace the legacy systems. Mr. Corbett replied that it had been an issue of incompatibility. Ms. Jameson added that there had been several mergers by the SmartStream organization and that many of the promises that had been made were not kept.
      
   • Mr. Mullaney asked the number of University personnel Dr. Hogue would like to have participate in the external IT review. Dr. Hogue explained that his concern was not with a specific number of people. He hoped to have participants who were interested in research: people who used computers or the network to further their scholarly research and activities. Dr. Hogue emphasized that wanted to make sure the research area was well represented.

   
   Dr. Hogue thanked everyone for attending and declared the meeting adjourned.

University of South Carolina

University Information Technology Council (UITC)
June 27, 2003

The University Information Technology Council met on Friday, June 27, 2003, at 10 a.m. in Room 107-C of the Osborne Administration Building.

Members present were: Ms. Barbara Blaney; Mr. Ken Corbett; Mr. Steven D. Hinckley; Dr. Douglas B. Meade; Mr. William Morris; Dr. Philip S. Moore; Mr. David Mullaney; Mr. Ernest Pringle; Dr. Mark E. Tompkins; and Dr. Philip D. Watson.

The members absent were: Dr. Stephen Bajjaly; Dr. Herbert F. Brown, III; Ms. Mary Cordray; Ms. Jane M. Jameson; Dr. William J. Kettinger; Dr. Philip D. Moore; Mr. Adam O’Teri; Dr. Dwayne E. Porter; Ms. Manasi Sinha; Mr. Jason Trenary; and Dr. Juan E. Vargas;

Ex-Officio members present were: Mr. Steve Adams and Mr. Troy A. Travis. Ex-Officio members absent were: Ms. Alma Creighton and Ms. Lorie Edwards. Dr. William F. Hogue, Mr. Jeff Farnham, Mr. David L. Ott, and Ms. Tammy P. Hyatt also attended.

Dr. Hogue called the meeting to order and thanked everyone for attending. He especially welcomed Mr. Farnham and Mr. Ott.

1. Columbia Regional Wi-Fi Initiative: Dr. Hogue said that he would have lunch with James Gambrell later this same day. During the luncheon, they would discuss ways in which to establish a comprehensive and coherent Wi-Fi presence that would extend over the University of South Carolina and the Columbia metropolitan area.
   
   The University needed to invest in IT on campus: in labs, offices, and student equipment. But investment in wireless would yield a greater return if it could be extended off campus.
   
   Vendor participation and a partnership with the City of Columbia could be of benefit to the University’s large, relatively affluent population beyond the campus perimeter. No model currently existed in a similarly sized city. There had been no opposition expressed, and it was hoped that the efforts by the City of Columbia and the University would be a catalyst to stimulate involvement by private entities. The next steps would include beginning communications with BellSouth, Intel, Cisco, and others.
   
   There was also much interest at the national level. People were interested in this WI-FI initiative because it could provide a test market of an open architecture that had no single vendor monopoly. That model would give consumers a variety of choices with the benefit of price competition.
    
2. Campus Wireless Buildout: The Network Support group had begun a “buildout” of campus wireless. A site survey would be completed to determine the access points needed to establish a wireless cloud. After external spots have been identified, it would then be determined how best to flow into internal wireless sites that already exist. It was hoped that implementation would occur by early 2004 although the public statement indicates sometime during FY 2003-04.
   
   Approval had been received from the University’s Division of Law Enforcement and Safety to use the existing Call Boxes, and Dr. Sorensen had voiced strong support of the WI-FI initiative and wireless on campus.
   
   When Network Support becomes comfortable with a plan, it would be shared with the members of UITC and the members of NetManagers.
   
   Mr. Ott said that many faculty want to prevent wireless access by students in classrooms in order to prevent cheating via Internet access and instant messaging. Dr. Hogue suggested that Dr. Tompkins determine how to address this concern by proposing to whom the issue should be given for resolution. Dr. Watson offered that the classrooms could set up to only allow access to a special browser that only links to one site. Mr. Adams offered to work with Dr. Watson and a representative from CS to determine the best practices at other institutions and to propose the next steps.
    
3. Washington Advisory Group (WAG) Visit and IT Recommendations: Dr. Hogue said the WAG had re-emerged on campus this week and met primarily in Osborne. The findings included the recommendation to have an overall blue-ribbon review of IT at the University by external consultants. It was anticipated that the review would occur around the mid-semester, fall 2003.
    
4.  Assessment: Dr. Hogue said this item was inter-related to ERP. He was working with representatives from Business and Finance to find accurate numbers on proposed costs.
   
   The University had contracted with Gartner to complete two assessments: one on the data center and one on telecommunications. Phil Moore and Derlene Lowder agreed to help. The University would be compared to ten other environments based on usage, people, efficiency, and effectiveness.
   
   Dr. Hogue had met with Gartner representatives and discussed a customer satisfaction survey that would ask how well USC delivers services and quality. The two also discussed
   questioning faculty’s needs to determine where they would like to see enhancements in services. This might be an opportunity to partner with graduate students.
   
   The UITC would be asked to help develop the charter to the external group, and the members should be prepared to propose the content of the group: national, regional, or local from private sector.
    
5. ERP: The University had initiated a conversation with Gartner to analyze ERP options. Jeff Farnham and Barbara Blaney worked very hard in fall 2002 to gather data. Gartner’s efforts would update these data.
    
6. VCM: There had been many questions about VCM and how it would affect IT and DEIS. The message from the higher levels of administration was that VCM would move in tandem this year. This would keep current budgets whole for this year, except for the amount cut by the General Assembly.
   
   The CFO would bring together the VCM Committee which would consist of: Provost Jerry Odom, Dean Gerald Crawley, Dean Jamal Rossi, Vice Provost John Olsgaard, CFO Rick Kelly, Budget Director Bill Bragdon, and Dr. David Berube, Chair of the Faculty Senate Budget Committee. This group would adjudicate and decide how the money would be divided.
   
   The dialogue would continue regarding what should be a “fee for service” item and what should be a “taxed” item.
    
7. Student Access to Computing: The statement that was initially drafted by the UITC had been presented to the Council of Academic Deans (CAD) in early May 2003, and the CAD made a few changes. The statement was presented to the Administrative Council (AC) on June 26, 2003, but they proposed no changes. It was now ready to be added to the appropriate student computing website.
   
   Dr. Hogue noted that the missing piece was the departmental requirements, but that should be added as the departments developed their criteria.
    
8. Distance Education Strategic Plan: The development of a strategic plan for University Distance Education was on Dr. Hogue’s To Do List for this summer.
    
9. Other Matters:
   
   1. Blackboard representatives would discuss a broad range of collaborative ideas such as e-marketing and bookstore on July 24, 2003. Helen Zeigler from the Business and Finance Office would join other representatives. Dr. Hogue encouraged the UITC to participate.
      
      There had also been some interest expressed in the University being host to several smaller institutions for the purpose of providing Blackboard.
       
   2. Dr. Hogue had met with Dean Paul Willis and Tom McNally to discuss the possibility of acquiring a new library system in the coming year. It would be a great use of some of the student technology money.
       
   3. On June 26, 2003, the Board of Trustees had approved an increase in the Student Technology Fee from $100 to $115/semester. Dr. Hogue had not specifically requested this change, but he was grateful for the increase because it would amount to several hundred thousand dollars to help student issues.
       
   4. Dr. Hogue congratulated Steve Hinkley who had been granted tenure by the Board of Trustees during its June meeting.
       
   5. Mr. Mullaney asked about e-commerce and the ability to receive conference fees online. Mr. Farnham responded that his area, Administrative Information Services, was attempting to find a product that would allow a mall-like environment. He added that they were approximately one or two weeks away from proposing a solution to offer to websites.
       
   6. Mr. Pringle inquired about the Supreme Court issue requiring filters on computers in public libraries. Mr. Hinkley explained that South Carolina had a law requiring filters, but that universities and colleges were specifically exempted.
       
   7.  Dr. Hogue had been asked to serve on a sub-committee to review the restructuring of state government.
       
   8. Ms. Blaney stated that she had been receiving an increasing number of inquiries regarding the use of Social Security Numbers as identifiers. She favored moving away from that system. Routinely, websites were found where faculty had posted students’ SSNs online. When that happens, Ms. Blaney informs the respective Dean.
      
      Dr. Hogue added that the issue was on his and the President’s radar. A decision must be made within the next six months to either move forward with ERP or identify the systems using SSNs and replace them.
       
   9. Dr. Meade said that there were an increasing number of transfer students from the Regional Campuses. He encouraged integration with the same software used by the Columbia campus to allow students to move within the University system more easily.

   
   Dr. Hogue explained that this was a difficult situation. It was important to remain faithful to the Palmetto College concept while realizing that the Deans at USC Columbia might oppose what that believe causes them to cross-subsidize their colleges’ budgets to fund the Regional Campuses. It has been the practice in the past, to allow each Campus’ Dean early visibility to software and explain what it would do and what it would cost. That method had proved helpful.
   
   Discussion ensued regarding how licensing of software differs greatly from one company to another. It was noted that the Regional Campuses do participate in the institutional-wide Microsoft license.
   
   Dr. Hogue encouraged members who had compelling interest in specific topics to join in on the respective discussions. He thanked everyone for attending and declared the meeting adjourned.



---

University of South Carolina

University Information Technology Council (UITC)
April 7, 2003

The University Information Technology Council met on Monday, April 7, 2003, at 3 p.m. in Room 107-C of the Osborne Administration Building.

Members present were: Dr. Stephen Bajjaly; Ms. Barbara Blaney; Dr. Herbert F. Brown, III; Mr. Ken Corbett; Ms. Jane M. Jameson; Mr. William Morris; Dr. Philip D. Moore; Mr. David Mullaney; Dr. Dwayne E. Porter; Mr. Ernest Pringle; Dr. Mark E. Tompkins; Dr. Juan E. Vargas; and Dr. Philip D. Watson.

The members absent were: Ms. Kimberly Bone; Ms. Mary Cordray; Mr. Steven D. Hinckley; Dr. William J. Kettinger; Dr. Douglas B. Meade; Dr. Philip S. Moore; Mr. Adam O’Teri; Ms. Manasi Sinha; and Mr. Jason Trenary.

Ex-Officio members present were: Mr. Steve Adams and Mr. Troy A. Travis. Ex-Officio members absent were: Ms. Alma Creighton and Ms. Lorie Edwards. Dr. William F. Hogue, Mr. Steve Graham, Mr. David L. Ott, Ms. Veronica Wilkinson, and Ms. Tammy P. Hyatt also attended.

Dr. Hogue called the meeting to order and thanked everyone for attending. He especially welcomed Mr. Graham, Mr. Ott, and Ms. Wilkinson.

1. Quick Updates:
   
   
   1. Summer Meeting Schedule: Dr. Hogue said his office would contact all members to schedule meetings in the summer. He suggested that the Council meet once in the month of June and once in the month of August.
       
   2. Student Ownership Recommendation: It was anticipated that the Student Ownership Recommendation would be adopted by the fall semester.
       
   3. Cellular/Wireless: A working group had been charted by Bill Hogue, Helen Zeigler, and Gene Luna to study cellular and wireless options for the University. The members were: Darryl Davis, Chair; Jim Curtis; Gretchen Koehler; Derlene Lowder; Venis Manigo; and Ella Wider.
      
      The group had taken a Request For Proposal (RFP) from another university and used it to draft one for the University of South Carolina. Major vendors would need to be identified who might want to partner with USC to saturate the main campus and consider the other campuses as well. If the RFP incorporated a five-mile radius, it would also include state agencies, city and county municipalities, the Vista, most students living off campus, Cayce, West Columbia, and the School of Medicine.
      
      Dr. Hogue would meet with the Deputy CIOs for the State of South Carolina soon, and he planned to reveal the possibility to them for discussion.
       
   4. Agenda for UITC Meeting on May 5: There was one primary issue for consideration at the subsequent meeting of the UITC: “Should the University of South Carolina move to a University-wide portal?” Nancy Hart and Chris Brown would make a presentation on the Blackboard portal, and they would also be working with the Registrar, Student Affairs, and other divisions, to consider possibilities.

   
   

2. IT Assessment Discussion: Dr. Hogue said he had received an email from Dr. Tompkins about the current allocation of IT resources that was very timely for this agenda item. He asked Dr. Tompkins to explain his concerns to the Council.
   
   Dr. Tompkins explained that many units billed students departmental fees. A large sum of money was collected, and it was often used to respond to the specific technological needs of the respective department. That process did not lend itself to proposals being submitted or cooperation among units. It was easier to support specific ideas than institution-wide issues. He questioned this practice of creating “silos” whereby units were funding their own resources without paying attention to institutional issues.
   
   It was noted that the usage of the Student Tech Fund, a portion of which is distributed to departments, would change when the University moves to Value Centered Management (VCM). Ms. Blaney said that another dilemma was that all classrooms did not offer the same technology. Large classes could not use the “Smart Classrooms” because they were smaller. Mr. Adams responded that there was a centralized effort to enhance classrooms set by the Faculty Committee on Instructional Development. He noted that 50 of the existing 240 classrooms had video capabilities, but DEIS was not responsible for including computers because they were added by the departments.
   
   Dr. Hogue suggested inviting someone from the Faculty Committee on Instructional Development to address classroom enhancements with the Council.
   
   Discussion continued regarding the positive aspects of having centralized processes for updating classroom facilities and meeting academic needs versus the downside of such centralization. Dr. Hogue asked how UITC could advance this discussion of greater communication and coordination across the University.
   
   Dr. Watson noted that there was a group at the University trying to acquire a grant from the Fullerton Foundation to improve the video communications between all of the campuses. It was important to improve collaboration between MUSC and the USC School of Medicine and to improve live instruction between the institutions. It was currently a problem to transmit between the USC School of Medicine and the Richland Medical Park campus. If successful, desktop to desktop communication would be available by the time the effort was finished.
   
   Dr. Hogue had received a URL to view the utilization at all of the labs at Penn State. The site also provided the percentage of utilization. This type of data would be helpful to users in determining whether or not to go to a lab and, from a management standpoint, to have real figures on which to base appropriate placement of resources. When this was discussed with the Network Managers, they expressed concern about “Big Brother” watching, but the technology did not measure what activities were taking place on the computers. Dr. Hogue would forward the URL to the Council members for their review.
   
   Dr. Hogue emphasized that assessment was important. He distributed a document for a subsequent discussion by the Council. There were many questions to be answered. They included: Was the educational experience enhanced by using IT? How were faculty using IT in teaching? Do USC’s graduates have IT literacy skills? How does USC compare to other institutions?
    
3. Security: Revision 13 of the proposed Security Policy was posted on the Computer Services website. Dr. Hogue would send the URL to the Council and encouraged feedback. He outlined the comments that he had heard about access to the telecommunications closets, network monitoring tools, and the exclusion of the other campuses in the policy.
   
   Dr. Hogue asked for volunteers to review these issues and reach consensus. No one volunteered.
    
4. Health Information Portability and Accountability Act (HIPAA): Mr. Graham addressed the issue of physical security with respect to HIPAA. When site visits were made to the White Clinic, the Speech and Hearing Center, and the School of Medicine, they were found to be severely lacking in such things as the locations of the personal computers, servers, and backup systems.
   
   The current policy that was proposed would help a great deal. The protection of student, faculty, and staff health information had become both a civil and criminal issue. Mr. Graham said he was available to walk through any area that requested his assistance to review physical security.
   
   There was discussion of the confidentiality of email. It was secure if it remained within the Groupwise system. Both the Groupwise client and its browser version were secure.
   
   Ms. Wilkinson discussed the vulnerability of the network. Tremendous progress had been made this year. Mr. Ott questioned if it were possible to offer access before the firewall so that guests to campus could access the web browser but not the network. Ms. Wilkinson replied affirmatively saying it currently existed in the Arena suites.
   
   Dr. Hogue suggested that all comments regarding the proposed security policy be sent directly to Ms. Wilkinson. He then reminded the members that a representative from the Faculty Committee on Instructional Development would be invited to the next UITC meeting and that the Council would also discuss portals at that time.
   
   He thanked everyone for attending and declared the meeting adjourned.



---

University of South Carolina
University Information Technology Council (UITC)

March 17, 2003

The University Information Technology Council met on Monday, March 17, 2003, at 3 p.m. in Room 107-C of the Osborne Administration Building.

Members present were: Ms. Barbara Blaney; Ms. Kimberly Bone; Mr. Ken Corbett; Ms. Mary Cordray; Mr. Steven D. Hinckley; Ms. Jane M. Jameson; Dr. Douglas B. Meade; Dr. Philip S. Moore; Mr. David Mullaney; Dr. Dwayne E. Porter; Mr. Ernest Pringle; Dr. Mark E. Tompkins; Dr. Juan E. Vargas; and Dr. Philip D. Watson.

The members absent were: Dr. Stephen Bajjaly; Dr. Herbert F. Brown, III; Dr. William J. Kettinger; Mr. William Morris; Dr. Philip D. Moore; Mr. Adam O’Teri; Ms. Manasi Sinha; and Mr. Jason Trenary.
Ex-Officio members present were: Ms. Lorie Edwards and Mr. Troy A. Travis. Ex-Officio members absent were: Mr. Steve Adams and Ms. Alma Creighton. Dr. William F. Hogue, Mr. David L. Ott, Ms. Nancy Hart, Ms. Veronica Wilkinson, Mr. Dan Gallagher, and Ms. Tammy P. Hyatt also attended.
Dr. Hogue called the meeting to order and thanked everyone for attending. He especially welcomed Mr. Ott, Ms. Hart, Ms. Wilkinson, and Mr. Gallagher.

1. IT Training Issues: Ms. Bone said that during the previous meeting, the Council outlined areas within the University in which UITC should focus attention. She then encouraged including IT training as one of those areas. The Council should consider how new employees initially receive their IT information.
   
   Dr. Hogue asked if it would be useful for the Council to receive a 15 minute presentation on the training that currently existed and what the delta was between it and what was actually needed. Dr. Brown had requested, via email, new initiatives for reduced cost IT training classes offered through New Horizons or other training agencies for the network manager-level employee.
   
   After discussion, it was agreed that the UITC would be provided background information regarding the comprehensive training opportunities which currently existed, to include Human Resources, Data Warehouse, OnDemand, etc.
    
2. Continued Review and Discussion of Proposed Security Policy: Dr. Hogue welcomed Ms. Wilkinson, IT Security Director, and Mr. Gallagher, Network Manager, and he asked them to describe their roles. Ms. Wilkinson explained that she was responsible for security issues such as firewall protection, encryptions, training issues, specific emergency situations, etc. Mr. Gallagher said that LAN/WAN (Local Area Network/Wide Area Network) maintained hardware, wireless, and everything related to the network.
   
   Dr. Hogue said that during the previous discussion, several areas were cited where greater explanation was requested. The areas were: 1) security organization at USC, 2) restricted access to telecommunications closets, 3) security education issues, 4) required tools, and 5) schedule of implementation of the policy.
   
   Dr. Watson stated that the draft policy was geared toward users and managers, but not to the unit administrators who should be responsible for maintaining physical security. Ms. Wilkinson directed his attention to Section II, paragraph F. 4., which read: “Overall security of a work area is the responsibility of the user and departmental management. Equipment that contains or accesses computing resources is required to be secured when the operator is absent or when the system is connected to a network.” Dr. Watson thanked Ms. Wilkinson for pointing out the paragraph.
   
   There was much discussion regarding security of rooms and the vulnerability of jacks in areas with liberal access, such as classrooms. Within the new policy, users would be required to authenticate to gain access to the network via any port or jack, but there was no provision for authenticating the hardware of the jack.
   
   Mr. Ott raised the issue of guests of the University having access. He was concerned that a difficult process to obtain authentication could prohibit guests on campus from having full access. He acknowledged the importance of security, but stated that he did not want the level of security to be obstructive to the work of the institution.
   
   Dr. Hogue directed attention to the draft policy before the Council. The draft needed to be presented to the Council of Academic Deans and to the Administrative Council before the end of the current semester. There had been several security breaches at other universities around the country, and the University of South Carolina needed to move forward on this issue.
   
   
   
   
   1. Security Organization at USC: The Council requested more information about the University Security Group referenced in the draft policy. Dr. Hogue explained that actually three groups had been proposed.
      
      The first group, “Security Managers Group,” would be composed of all of the security contacts for the departments and subnets. These technical people, would receive in-house security training and be certified as University Security Managers.
      
      The second group would be the members of the USC Security Department which reports, via Computer Services, to the CIO. Security Manager Certification or equivalent professional certifications would be required of all members. This group would monitor the network and identify situations, distribute information, procure tools, and intervene when necessary to maintain the security of the network.
      
      The third group would be called the “Security Advisory Council.” It would advise the Office of the CIO and the Security Department on appropriate strategic directions that need to be addressed. The group would be representative of the University community with individuals from the Registrar’s Office and Student Government (or Student Affairs), Human Resources (HR) and the Office of the General Counsel, Regional and Senior Campuses, Security Manager’s Group and UITC, and the Office of the CIO and the University IT Security Officer. It was anticipated that this group would meet infrequently and could become a sub-committee of UITC.
       
   2. Access to Telecommunications Closets: Dr. Hogue tabled the discussion on access to telecommunications closets.
       
   3. Security Education: Several proposals had been suggested by Ms. Wilkinson and Mr. Gallagher.
   
   
   
   1. Security awareness training could be required in orientation for new hires and in University 101 for new students.
      Ms. Jameson explained that there was a heavy demand placed on HR for additional material to be covered during orientation. She requested that this issue be handled via another channel. It was noted that University 101 focused on other areas of student training and might not favor adding this issue.
       
   2. A short course on copyright could be required of everyone.
       
   3. Employees could be required to sign a statement of responsibility or acceptable use annually.
      
      It was the consensus of the Council that all students and employees should be required to sign such a statement, but they felt that one time was sufficient unless technological changes warranted a new form. The Council also discussed the issue of guest accounts and the problems associated with them.
       
   4. IT Managers should be required to undergo in-house network management training and obtain a USC Network Manager Certification to insure a uniform level of knowledge.
       
   5. Security Managers should undergo in-house technical security training and obtain a USC Network Manager Certification.
       
   6. FERPA training should be provided for all people who deal with student data.
       
   7.  HIPAA training should be provided for all people who deal with medical data.

   
   
   Mr. Hinckley addressed the problems he had encountered when installing VPN (Virtual Private Network) on his personal computer at home. It took a while to resolve all of the issues between his computer and VPN: a secure, private, encrypted tunnel that allows access to the network. Mr. Hinckley cautioned that the problems he encountered would be replicated with others across campus and suggested that changes be implemented quickly and efficiently.
   
   

   4. Required Tools: It was proposed that the following tools be provided to users for no additional fee: VPN access, anti-virus software, personal firewall software, hard drive eraser tools or services, and vulnerability assessment tools or services.
       
   5.  Implementation Schedule: Dr. Hogue encouraged the members of UITC to provide comments regarding the proposed policy. He would collect the comments and wordsmith the policy before bringing it back to the Council.

   
   

3. IT Strategic Plan: Dr. Hogue explained that the strategic plan was due in ten days on March 28. He requested feedback regarding what the plan should include, and stated that it would impact UITC’s ability to make progress on specific items.
    
4. Updates: Dr. Hogue provided several reports to the Council.
   
   
   1. Visits with IBM, SAS, Sun Microsystems: On March 27 and 28, Dr. Hogue would visit IBM in Hawthorne, New York, with Provost Jerry Odom, Vice President for Research Harris Pastides, John Rose of Computer Science and Engineering, Michael Myrick of the NanoCenter, and Joe Johnson of Physics. The purpose of the meeting was to discuss potential partnerships, but he did not expect the discussion to be at a detail level during this visit.
      
      Discussions were ongoing with SAS and Sun Microsystems. It was anticipated that a subsequent meeting with representatives of SAS would occur, and at least one faculty member, maybe more, would be included.
      
      Sun Microsystems had contacted Dr. Hogue to schedule a meeting with two of their executives within the next month. This would be an administrative visit.
      Dr. Hogue agreed to provide Dr. Vargas with background information about the discussions with IBM, SAS, and Sun.
       
   2. Personnel Note: Mr. Travis would begin dividing his time between Columbia and USC Beaufort for the next six months in what was an exciting opportunity.
      
      USC Beaufort faced unique challenges associated with its move to 4-year status, receiving funding from both private sources and the lottery money, and building a new campus. Dr. Hogue emphasized that there were only three employees in the Office of Information Technology, and for the next six months there would only be two and one half. Mr. Travis was expected to be active in the Office of IT, as well as at USC Beaufort, maintaining his responsibilities.
       
   3. Heads-up on Proposed Telephone Rate Changes: Models for long distance rates were being carefully examined with the caveat that provisions would be made to insure the infrastructure would remain sound.
       
   4. Governor’s Technology Advisory Study Group: The Governor appointed a task force, chaired by Senator James H. Ritchie, Jr., of Spartanburg, to establish statutory language for the Office of the State CIO and its authority over state agencies. As it was currently drafted, the legislation exempted higher education, but it was anticipated that the state’s IT spending would be addressed.
      
      Dr. Hogue informed the Council that he had been asked to serve on this advisory group on behalf of the Governor’s Office.
       
   5. Other Matters: Dr. Hogue said he would not let the issue of student computing guidelines disappear. He would email its final iteration to the UITC for comments before forwarding it to the Provost.

   
   
   Dr. Vargas told the Council about an organization in which he was interested called Microsoft Academic Alliance. They specialized in assisting engineering schools as well as science and business schools. Dr. Vargas offered to forward their website, as well as contact information for one of their representatives, to Dr. Hogue and asked that he provide it to the members of UITC.
   
   Dr. Hogue thanked everyone for attending and declared the meeting adjourned.

 



---

University of South Carolina
University Information Technology Council (UITC)

February 17, 2003

The University Information Technology Council met on Monday, February 17, 2003, at 3 p.m. in Room 107-C of the Osborne Administration Building.

Members present were: Dr. Stephen Bajjaly; Ms. Barbara Blaney; Dr. Herbert F. Brown, III; Mr. Ken Corbett; Ms. Mary Cordray; Mr. Steven D. Hinckley; Dr. William J. Kettinger; Dr. Douglas B. Meade; Mr. David Mullaney; Dr. Dwayne E. Porter; Dr. Mark E. Tompkins; Mr. Jason Trenary; and Dr. Philip D. Watson.

The members absent were: Ms. Kimberly Bone; Ms. Jane M. Jameson; Mr. William Morris; Dr. Philip D. Moore; Dr. Philip S. Moore; Mr. Adam O’Teri; Mr. Ernest Pringle; Ms. Manasi Sinha; and Dr. Juan E. Vargas.

Ex-Officio members present were: Ms. Lorie Edwards and Mr. Troy A. Travis. Ex-Officio members absent were: Mr. Steve Adams and Ms. Alma Creighton. Dr. William F. Hogue, Ms. Judith Owens, and Ms. Tammy P. Hyatt also attended.

Dr. Hogue called the meeting to order and thanked everyone for attending. He explained that the order of the agenda would be changed to accommodate scheduling conflicts of several members who would be making presentations.

1. HIPAA Update: Mr. Travis explained that in 1996 Congress passed Public Law 104-151, the Health Insurance Portability and Accountability Act (HIPAA). University compliance with this federal initiative requires new privacy standards for medical information and security standards for electronic transactions. The federal legislation would affect the collection, storage, and disclosure of oral and written health information and the manner in which insurance coverage is billed and transacted.
   
   In October 2002, USC created a HIPAA Compliance Task Force to begin to oversee the activities taking place. Much work had begun, and the University’s Office of the General Counsel had been very engaged. The state established a HIPAA Office and a website located at: http://www.hipaa.state.sc.us.
   
   HIPAA required that any entity which dealt with insurance and/or health information maintain the privacy of that information. This would include billing for medical services and/or collecting individually identifiable health information.
   
   The Task Force had met three times and identified that the School of Medicine Practice Plan had its own Privacy Office and that the University had three other programs that must be HIPAA compliant. These three were: 1) the Thompson Student Health Center, 2) the Speech and Hearing Center within the Arnold School of Public Health, and 3) the Lancaster Campus. USC Aiken and USC Spartanburg believed that they were separate.
   
   Two federal deadlines had been established. The first would occur on April 14, 2003, and it required that appropriate administrative, technical, and physical safeguards be in place to protect health information, in both electronic and non-electronic forms. The second deadline would occur on October 14, 2003, and it involved the standardization of transactions and code sets that would be manipulated electronically as well as the security of this electronic data.
   
   A website for HIPAA information had been drafted, and the Task Force was reviewing best practices. The most salient point for the UITC was that security and/or privacy policies must comply with HIPAA requirements. Because technology is a major aspect of HIPAA, the members of UITC needed to be aware of these issues.
   
   Dr. Kettinger questioned using aggregated medical data, and Dr. Watson responded that after all personal identifiers were removed, the data could be used. Dr. Kettinger cautioned that efforts to comply with HIPAA not hinder the use of data. He asked that the data be scrubbed so that it could be used because it was an important component of research.
    
2. Access to Emergency Preparedness Information: Dr. Hogue reminded the UITC that during the terrorists’ attack on September 11, 2001, national communications were affected. On the University campuses, voice trunks were saturated. Among the things to learn from that experience was the need for a plan for heightened situations, i.e., military, hazardous weather, etc. Toward that end, he would form a small team, from a variety of constituencies, to put together a website of relevant information.
   
   The team could consider what behaviors should be recommended to the University community. From a telecommunications standpoint, Computer Services developed an extensive disaster preparedness plan, and making people aware of its summary document might be a starting point. The team might suggest such things as having all non-essential video and audio bandwidth terminated during emergency situations. It was noted that the University of South Carolina was at relatively low risk but still needed to be ready.
   Any member of UITC with interest was encouraged to email suggestions or his/her willingness to participate directly to Dr. Hogue.
    
3. User Survey. Washington Advisory Group (WAG) Conversation: Dr. Hogue had a conversation with Joe Wyatt of the Washington Advisory Group at the request of President Sorensen. Mr. Wyatt suggested that the University establish a complete inventory and also spend time with customers to determine what they would like to see in the next five years. Dr. Hogue said that an overall inventory would be established for infrastructure and support.
    
4. Budget Situation, Value Centered Management (VCM): Ms. Edwards said that the VCM Committee had met for over one year. Computer Services undertook to develop a model by which it could totally recover its costs. The entire budget would be divided between departments that would be billed for services.
   
   Computer Services included operating costs, personnel, etc., in developing its model. This had the added benefit of pointing out when priorities were not funded. There would be two types of categories: 1) those in which departments could decide to purchase, such as its number of phone lines and 2) those for which departments would be taxed based on their portion of the University-wide services, such as Internet. The information would be shared with UITC.
   
   Dr. Hogue said he anticipated that every year the deans would probably take him to task to justify the IT expenses. Monthly information-only invoices might be distributed which would impose no fee but would indicate the amount of services received during the month.
    
5. Draft Security Policy: Ms. Edwards briefed the Council saying that during the previous summer, an external consultant had been hired. The consultant had provided information regarding the need for better IT security at the University. A security policy was subsequently drafted.
   
   Ms. Edwards distributed a copy of the draft policy and outlined the points that would create the most change.
   
   Section A., paragraph 2, read:
   The Office of Information Technology has the authority to establish a set of requirements that must be met if equipment is to be connected to the University’s network. Also, machines housing sensitive data or providing Internet services must be certified as having met all security requirements by the University Security Group. See http://xxxxxxx/xxx
   
   This section would establish standards and would point to links with specific procedures. Section A., paragraph 5, read: “Access to Telecommunication rooms is restricted to personnel authorized by the University Security Group, and is regulated by published procedures. See http://xxxxxxx/xxx.” This section would restrict access to patch panel closets in an effort to make the network more stable. A method to certify someone might be established in order for that person to become authorized. Mr. Trenary added it was positive to limit access to authorized personnel, but it would negatively affect the custodians who often used the same closets as breakrooms and to store custodial supplies.
   
   There was concern regarding the University Security Group, its membership, and its charter.
   Section B., paragraph 1, read: “An encrypted channel or method is required for private access to internal systems.” This statement would prevent the use of PC Anywhere and other similar software packages from accessing the University’s network. VPN would provide secure external access. It was anticipated that VPN would be implemented for testing by the end of the current month. Ms. Cordray encouraged including the other campuses in the beta testing, and Ms. Edwards agreed to provide the information to the UITC for its members to participate.
   
   “Section C. Wireless Access,” would require specific regulations for wireless equipment on campus. “Section D. Authentication,” would require authentication across the University.
   
   Dr. Hogue added that much of the draft policy simply stated best practices. He said that the proposal kept the following issues separate: security, privacy as it related to IT, access, and responsible use, but brought them together under one policy. Discussion ensued regarding how best to group these areas. Dr. Hogue said he would email the url for George Tech as an example of an alternative method: one which listed responsibilities and rights. Dr. Kettinger suggested that instead of a restrictive issue interpretation, an integrated solution approach might be the best way to present it. Mr. Mullaney requested that a copy of the security policy be distributed to every member for consideration. The UITC would review the draft policy during its subsequent meeting and appropriate security personnel would be invited to attend.
    
6. Proposed Student Information Access Statement: Mr. Mullaney said that the proposed statement had been distributed to the full Council and all initial comments sent to him had been included in the latest draft. [See Exhibit A]
   
   Dr. Hogue questioned how students would access the information. The Division of Student Affairs might make fliers for distribution, and students might perform word searches on the Internet to take them to the appropriate website. Mr. Travis suggested that the title be more simple and straightforward, such as “Student Computing Requirements.” Dr. Watson offered that the title might also include the words “network access” and discussion continued regarding proposed changes.
   
   Dr. Hogue emphasized that this was a statement and not a policy. He wanted the Deans and Vice Presidents to be comfortable with its contents, and he stated he would pull the salient points from this day’s discussion and revise the draft.
   
   Dr. Hogue thanked everyone for attending and declared the meeting adjourned.


EXHIBIT A

STUDENT ACCESS TO COMPUTING RESOURCES

The University of South Carolina strongly recommends that every student own a personal computer and expects all students to have access to computing resources. Students report great benefit from computer ownership, and a recent USC survey reveals that approximately 90% of students living on campus own a computer. This figure is consistent with national surveys of college students.

For USC's general computer configuration recommendations, see Student IT. For additional computer recommendations or requirements that are specific to your major, please see Computer Ownership Guidelines by Academic Program.

The University of South Carolina uses contemporary telecommunications technologies to provide high performance network connections to information resources from offices, classrooms, labs, residence halls and common areas. Students accessing the USC network from off-campus report best results from high-speed Internet services such as cable modem or DSL. All students are entitled to use the campus network with no additional charge levied by the University.

The USC network provides access to information and facilitates communication. Examples of network-based IT services include academic advisement and registration, Internet access and email, chat rooms and personal, financial, academic, and technology-related data, online class assignments and lecture notes, syllabi and course management systems, meal cards and access to library materials, and personal entertainment and recreation. These services, along with discipline-specific applications, may also be available through computing labs and centers at USC. Policies and procedures for use of these facilities, including hours of operation, are determined by the respective computing lab or center.

Users are responsible for their actions and must be aware that access may be reduced or suspended as a consequence of misuse of the network. Please see Student Guidelines for Responsible Computing for more information on student computing policies at USC.

If you have questions about the University of South Carolina computing and networking environment, contact:



---

University of South Carolina
University Information Technology Council (UITC)

February 3, 2003

The University Information Technology Council met on Monday, February 3, 2003, at 3 p.m. in Room 107-C of the Osborne Administration Building.

Members present were: Ms. Barbara Blaney; Ms. Kimberly Bone; Dr. Herbert F. Brown, III; Mr. Ken Corbett; Ms. Mary Cordray; Mr. Steven D. Hinckley; Ms. Jane Jameson; Dr. Douglas B. Meade; Dr. Philip D. Moore; Dr. Philip S. Moore; Mr. David Mullaney; Mr. Ernest Pringle; Dr. Dwayne E. Porter; Dr. Mark E. Tompkins; and Dr. Philip D. Watson.

The members absent were: Dr. Stephen Bajjaly; Dr. William J. Kettinger; Mr. William Morris; Mr. Adam O’Teri; Ms. Manasi Sinha; Mr. Jason Trenary; and Dr. Juan E. Vargas.

Ex-Officio members present were: Mr. Steve Adams, Ms. Alma Creighton, Ms. Lorie Edwards, and Mr. Troy A. Travis. Dr. William F. Hogue, Mr. David L. Ott, and Ms. Tammy P. Hyatt also attended.

1. Call to Order: Dr. Hogue called the meeting to order and thanked everyone for attending. For the benefit of new members, he asked those present to introduce themselves.
    
2. College of Liberal Arts’ InfoTech 2003: Mr. Mullaney said the College of Liberal Arts would hold its annual InfoTech Conference in May with coordinated presentations to showcase IT around campus. The conference had grown from an internal event to one that was campus-wide with some vendor participation.
   
   Dr. Hogue said that InfoTech 2002 had been well attended and was lively. He encouraged every to consider making a presentation or at least to participate in the conference.
   
   Mr. Mullaney explained that the College of Liberal Arts would outsource the registration to Continuing Education. The College was considering ways to raise the funds to pay the costs associated with registration. One possibility was to charge the participants a small fee in exchange for incentives such as lunch or a copy of the presentation on CD/ROM.
   
   Last year, there were 410 participants and 80 presenters. This year, the plan was to reduce the number of presenters in order to showcase the very best.
    
3. Strategic Planning Process: Dr. Moore provided an update on the strategic planning process. The guidelines for academic units had been distributed. After the academic units respond, the administrative groups will review the responses to determine what they must do to assist the academic units.
   
   The deadline for submission by the academic units is February 28, and the deans must include IT needs, library needs, and DEIS needs, if any. The support units would need to submit their responses by March 28.
   
   Dr. Moore said his office had been working with representatives from Computer Services to develop an online submission form. It would enable each unit to complete a form and have its information appear in the following year’s form for accountability purposes.
   
    
4. Draft Statement Regarding IT Expectations for New and Returning Students: Mr. Mullaney said the draft IT statement was close to completion by the end of the previous semester. He distributed an updated version to the members. [See Exhibit A.]
   
   Dr. Hogue called for discussion of the proposed draft statement. He stated that he would call the question for approval of the policy at the February 17 UITC meeting. The final statement would be presented to the Provost.
   
   Mr. Mullaney outlined the changes that had been made, and discussion ensued on matters such as handicapped accessibility, an exception path, ownership of the webpage, differences in labs, repair of student hardware, and departmental statements on support.
   
   Dr. Hogue requested that the members submit their amendments to Mr. Mullaney by February 13, and that Mr. Mullaney distribute the final statement on February 14.
   
    
5. Meeting with Steering Committee: Dr. Hogue discussed with the members of the Steering Committee how to focus UITC and encourage specific, substantive action this year. The group agreed on the following:
   
   
   1. UITC functions best when it has specific topics and prefers better meeting preparation with materials mailed in advance.
       
   2. Use the Council as a vehicle to push toward greater coherence.
       
   3. UITC should be a conduit for issues, and it could be more effective if the broader picture translated to a general statement
       
   4. Policy advice would be helpful, either initiating new, or revising existing, policies.
       
   5. Use UITC to exchange information regarding best practices and to identify expertise in other departments.

   
   Mr. Mullaney added that the charter goal of UITC was to advise the CIO. If Dr. Hogue later requested that the Council assist in the development of a solution, that would be good but it was not required in order for UITC to be effective.




6. Report to Administrative Council’s (AC) Retreat: Dr. Hogue said that President Sorensen convened an administrative planning retreat on January 7, 2003. During the retreat, Dr. Hogue had presented IT priorities. He listed the priorities and requested that the UITC choose several to address.
   
   
   1. The Web: Recognize user/consumer demand for mass customization; continue web presence project; align further planning and development efforts with the Vice President for Advancement’s initiatives; and develop and link key web pages in multiple languages and make them an option. UITC could be involved in initiating a web portal project.
       
   2. Systematic IT Policy Revisions: Identify and enforce IT standards; develop training and certification procedures; review performance standards, including customer service expectations; and develop performance benchmarks.
       
   3. Security: Develop software and hardware certification procedures for network security.
       
   4. Prepare for “IT Snow Days”: Educause referred to it as “snow days” when there are massive outages/issues when the system is not responding or not responding quickly
       
   5. Cost Recovery Models: Analyze those that would enable additional telephone features of current switch. Recognize that 80% of students have cellphones, and explore partnerships with cellular telephone vendors.
       
   6. Continue to Deploy Wireless Network: Strengthen data networking and storage infrastructure.
       
   7. Seek Regulatory Relief: Support this endeavor in procurement and human resources.
       
   8. Develop Teaching and Learning Center
       
   9. Desktop Replacement: Life cycle replacement; CQI initiative for bundling orders.
       
   10. Stop-gap for ERP: Enhance data warehouse and other systems as a stop-gap. ERP must launch no later than July 2004, and the University must prepare.
        
   11. Strategic Plan for Distance Education: Develop a genuine strategic plan, including market analysis. Continue to develop capacity and processes to support online education.
        
   12. Research Computing Center: Develop research computing capability - Health Sciences Computing Center.
        
   13. Align with Educause and SURA: Determine who are developing best practices; USC should have a focus.
        
   14. Organize State Education Network: This should be in a more coherent format.
        
   15. Restructure: Anticipate what forms of organizational restructuring might be necessary with budget cuts, VCM, and outsourcing.
       

   
   Dr. Hogue called for comments from UTIC on the list of priorities. He encouraged the members to consider the priorities and determine with which ones the Council could begin working.
   
   Ms. Edwards said that with respect to security, a draft policy had been distributed to the members of UITC. Members who attended the Infrastructure Committee meeting on October 25 in the Computer Services Auditorium were briefed on the network and on security. The draft security policy had been mailed to the members of UITC who were unable to attend that meeting. Discussion ensued regarding the necessity of security certification for HIPAA compliance, for researchers receiving funding, and for units running their own servers. Many advantages were listed.
   
   Dr. Tompkins added that a database of those certified would