ayoder

Forum Replies Created

Viewing 15 posts - 1 through 15 (of 15 total)
  • Author
    Posts
  • in reply to: UNM IT Project Management Standard #740
    ayoder
    Participant

    To echo Elisha’s feedback this is much clearer than the previous draft. Thanks for taking the time to revise it.

    in reply to: Printer Management Standard #699
    ayoder
    Participant

    Hi Ray,

    Thanks for responding. Services should be listed in the IT Service Catalog and the only mention of printing services is the PawPrints service. Is this Core UNM print service a new service? Has IT Applications been engaged about the new printing service for use with the Banner ERP? Some of the business units have processes dependent on printing and it would be great to have them migrated to the compliant Core UNM print service.

    We previously used the IT print servers but migrated off due to security concerns of them running on operating systems no longer supported by Microsoft.

    in reply to: Printer Management Standard #646
    ayoder
    Participant

    What is UNM IT’s policy when handling non-compliant printers if funds are not available to replace or implement additional security measures?

    Has the information in this standard been communicated to UNM vendors? We have called vendors on the current contract to come and update device firmware and they have told us their policy is to not update firmware unless there is a functionality issue with the device. (Ricoh and Xerox specifically) Also, for security requirements related to network attached devices, are UNM print management vendors aware of what will not satisfy the standard for a UNM printer? Are they instructed to follow institutional requirements as part of the contract when quoting a device?

    Is there a UNM IT offered printing service? Does it meet all the requirements of this standard? What are the costs associated with this service and where are those published? If UNM is currently offering print services for Managed Workstation customers or for use with the Banner ERP, are those systems compliant with this standard? Are OS X machines supported for the “UNM IT enterprise print server”?

    Installation, Warranty and Equipment Maintenance
    “Equipment Maintenance. Ensure that equipment is properly and routinely cleaned and maintained”
    For leased devices is this the responsibility of the vendor?

    Printer Equipment Set up and Security Section:
    “Vulnerabilities. Stay current on patches for known vulnerabilities related to installed printers”
    What is the scope of vulnerabilities? Firmware, Driver patches, workstation patches, server patches, etc.

    Usage Section:
    “Publish best practices for users of the printer”
    What best practices need to be defined for the printer in terms of compliance with this standard?

    Data Security Section:
    “Data in Transit. Encrypt documents in transit to and from printers (print jobs and scans) to prevent eavesdropping on printer traffic”
    Will best practices be published for how UNM Administration, Internal Audit, or UNM IT will determine if the printing solution implemented will satisfy compliance concerns.

    “Physical security. Ensure that output trays are in monitored spaces and that only the authorized user can release sensitive documents sent to the printer”
    What classifies as a “sensitive document”? Is print release being set as a requirement for all UNM owned printers? Have the data owners been notified about this requirement and addressed the concerns with printing services through the Banner ERP?

    “Use additional anti-counterfeiting solutions on printers that use special paper” 
    What constitutes an additional anti-counterfeiting solution? How will compliance be determined if enough additional anti-counterfeiting measures are not employed? For UNM official documents what is the minimum requirement to anti a document as genuine?

    Trouble-Shooting and Technical Escalation Support Section:
    “comply with Service Desk Standard for support of printers”
    Where is the service desk standard?

    “Ticket and track contacts made regarding printer, training or vendor support issues. Report on and use this information to improve support” 
    Is there a standard report format to follow for auditing and compliances purposes?

    in reply to: End User Device Support Standard #645
    ayoder
    Participant

    Will this standard apply to Virtual Desktops (VDI), Windows Embedded, or RT products?

    Responsibilities Section:
    Some of these standards say there will be a yearly review or “appropriate periodic review”. Will this standard be reviewed yearly?

    Compliance Section:
    “This standard has been developed, under and is subject to, all UNM policies”
    From UNM Policy 2560: “Draft standards will be developed by the IT Managers Council and then sent to the IT Agents Networking Group for review and comment.  The Networking Group will forward their comments to the IT Managers Council for consideration. The Council will publish the proposed standard on the CIO website and solicit comments from the campus.  The IT Managers Council will update the standard based on campus comment and submit it to the IT Cabinet for review.”

    “UNM Administration” needs to be defined. Which departments or offices are part of determining compliance.

    Installation, Warranty and Equipment Maintenance Section::
    “Ensure that equipment is properly and routinely cleaned and maintained”
    What criteria is UNM Administration, Internal Audit, and UNM IT using to evaluate whether equipment has been properly and routinely cleaned?

    Equipment Set up, Integration and, Security Section:
    There is a reference to best practices but none are listed on FastInfo. Also the 200 page document linked in this section has little relevance to the purpose of defining best practices. The only mention of best practices in this document is for Virtualiation, VOIP, Cloud Computing, and mobile devices.

    “Operating systems must be within manufactures product life cycle”
    What is the exceptions process for this? If there is a mission critical hardware device attached to that machine that is incompatible with updated product offerings?

    “Windows based operating systems must receive regular updates and patches through UNM IT Enterprise Update Servers (WSUS)”
    Are WSUS services available over UNM Wireless? Off site users? Also, there is not mention of an enterprise OS X update solution. What is the standard for updating UNM owned Apple devices? Is there a UNM repository for Linux/UNIX updates?

    “Use Enterprise grade deployment tools such as but not limited to Casper, SCCM, LanDesk, and Symantec Ghost to push, deploy or otherwise manage UNM SOE (Standard Operating Environment)”
    How does this affect departments who can’t use a tool like this due to cost, incompatibility issues, or it just doesn’t make sense to have a system that size for a smaller department? Some of these are very expensive systems and it does not make fiscal sense to force a department to purchase an “Enterprise grade deployment tool” to be compliant with the standard. Also, which agency determines if a deployment tool is “Enterprise grade”. Microsoft provides many deployment solutions at little/no cost but are these invalidated because they are not considered “Enterprise grade”?

    “All UNM owned devices must utilize Microsoft Active Directory (AD) authentication and be joined to either HEALTH or COLLEGES UNM domains.”
    For non-Windows/OS X devices do those have to be joined as well? Will Active Directory services be available over the UNM wireless? What security measures have been taken to encrypt communications of the UNM enterprise wireless network so that users can authenticate against the domain while on UNM property? What about users who have an assigned duty station not on a UNM network? Is UNM prepared to offer an off site solution for Active Directory authentication? What is the time frame for moving to that so departments can be compliant with the requirements of this standard?

    “Must use the UNM IT enterprise Key Management Server license (KMS)”
    What about users who work off site? Will the KMS server be adjusted to allow connections from outside UNMs network? Currently activations are pulled after 180 days and if a user has a UNM device at home and doesn’t touch the UNM network, the license is pulled from their machine. IT Software Distribution has been instructed to not give departments individual license keys which would activate a perpetual license on that device.

    Antivirus Section:
    “Must use the UNM IT enterprise managed solution”
    Is this a requirement for OS X machines? Also, for UNM owned devices that are running a non Windows/OS-X operating system, is there an antivirus client available for Linux/Unix based operating systems?

    Support Plan Section:
    “Ensure secure connection and advise on personal firewalls”
    What is a personal firewall? Is this a “Host-based firewall”?

    in reply to: Mobile Device Service SLA #430
    ayoder
    Participant

    3.2 What is the process for retrieving a mobile device that was purchased through UNM IT? If an employee leaves a position and the department refills that position, will we be able to retrieve the same device assigned to the position or are we required to purchase a new device every time?

    in reply to: Master Hardware Contracts SLA #429
    ayoder
    Participant

    2.1.1 Would like to see some avenue/process for future disruptive devices. For example, it became increasingly difficult to purchase Surface Pro devices due to additional layers of approvals/exemptions/etc. for what we as a department see as a standard mobile device. This could extend to devices used in the classroom or those used in business units for non-standard use cases. 

    3.1 When the Workstation contract expires, will UNM IT engage IT Agents about developing and reviewing an RFP for UNM Workstations?

    in reply to: Identity Management – Net ID SLA #428
    ayoder
    Participant

    3.1 “Student NetID accounts will be set to inactive (excluding Summer session) after three concurrent non-enrolled semesters” Do you mean consecutive? 

    in reply to: Email and Calendaring SLA #427
    ayoder
    Participant

    Will we see a separate SLA for OneDrive? Or is that considered part of O365/E-mail because of its integration in the catalog?

    2 Fees associated with this service are not listed in the Service Catalog

    2.1.1.1 Internet Explorer is listed as a compatible browser but is not supported in other Enterprise SLAs published as part of this review. (A-Z Directory)

    2.1.1.2 Why do users have to login through myUNM? Why can’t they go directly to lobomail.unm.edu?

    2.1.2 “UNM Information Technologies will NEVER intentionally request user credentials in an email” Can the word intentionally be taken out? 

    9 Really like this section going into detail about the available reports. Can we see this level of detail integrated to other forthcoming SLAs?

    in reply to: Networking – DNS SLA #424
    ayoder
    Participant

    6.3 What priority would be assigned to an incident where DNS is unavailable for users on the UNM network? Is this driven on number of people affected? If DNS is unavailable there are many other services/processes dependent on this service which could impair student, faculty, or staffs ability to interact with UNM services. This is not limited to users on campus but external users such as students who need to submit information for Financial Aid or Admission to the University. I would suggest some specialized language in this section for covering DNS resolution issues and how priority will be assigned in those cases (Escalation to Service Owner, etc.)

    in reply to: A to Z Department Listings #422
    ayoder
    Participant

    2.1.1 No line item for A-Z

    2.1.2 The service desk has instructed many of our users that if they are using a browser besides Internet Explorer on a UNM Windows machine that it is unsupported. Is Internet Explorer no longer support for enterprise applications by UNM IT? What is the new enterprise browser that is compatible with all UNM IT supported enterprise applications?

    2.2.1 “…can take multiple business days to complete” This needs to turn into a number.

    3.1 Is UNM IT able to provide reports on how many hits each A-Z entry is getting? Departments might be interested knowing how many people are clicking on their A-Z entries.

    5.1 Service desk hours are not listed on the support page, there is a link that leads to FastInfo on the support page

    in reply to: Datacenter – Colocation SLA #421
    ayoder
    Participant

    2 What happens if a department is working with an external contractor? What is the process for UNM IT when interacting with contractors hired to implement solutions for UNM?

    2.1 Community is misspelled also “physical compute servers”? Physical Servers?

    2.1 Is 10 gigabit networking available in the colocation space? Is there an additional charge? 

    2.1.1 “Request access to the Data Center via Help.UNM, with a minimum of one (1) business day prior to visit” What happens in the event of an Incident? 

    7 Maintenance Window for Colocation servers is not listed? 

    If UNM IT needs the change the regular maintenance window, they should generate a new SLA to make sure it meets the business requirements of UNM

    in reply to: Datacenter – Backup Services SLA #420
    ayoder
    Participant

    2 Backup fees are not listed in service catalog entry. Data storage pricing is listed, is there an additional charge for the “Backup Service” license fee? etc.

    http://it.unm.edu/servicecatalog/asset_list.php?type=2&a_id=128&dept=247&origin=az

    There are also no add ons lists in the service catalog entry

    2.1 Should this section be under 3.1?

    2.1.1 “Notify security@unm.edu of any compromises or breaches” Why is this not a Help.UNM ticket?

    2.1.2 “Backup client is not capable of backing up databases. Native database tools are required” What backup product doesn’t support this? Should UNM IT be evaluating new backup solutions?

    3.1 “Basic up/down system monitoring” does this include storage monitoring?

    4.1 Where is the maintenance window listed for the backup service?

    5.2 “Requests will be fulfilled within fifteen (15) days” What happens in the event of an emergency for a department? 15 days seems pretty generous for responding to a service request for this service. Exception process seems overly complex with too many approvals, sounds like by the time all the approvals and sign offs were obtained we would be at 15 days for a normal service request.

    in reply to: Datacenter – LoboCloud SLA #419
    ayoder
    Participant

    2.1 Should explicitly define OS versions. What if I want a Server 2016 VM but it isn’t considered a supported OS by this service?

    2.2.2 “Firewall request can take up to 72 hours” is this clock hours? Business hours? Should this be converted to days?

    What happens if 99.9% availability is not met? Are customers refunded for the time services were unavailable?

    3.1 Reference to a forum.unm.edu website that doesn’t exist

    7 There isn’t a Maintenance window line item for LoboCloud. Other hosting windows are advertised but LoboCloud is not listed. Availability webpage should match services listed in IT Service Catalog

    in reply to: Datacenter – Database Hosting SLA #418
    ayoder
    Participant

    I had a couple questions about this SLA. Seems like at one point there were discussions about offering up VMs through LoboCloud with standard configurations. For Example, Server 2012 R2 VM with SQL Server preinstalled and appropriate firewall rules in place. Is that still the direction UNM IT is looking at going? Would that fall under the LoboCloud SLA or the Database Hosting SLA? As Rooney mentioned if this is going to be a hosted VM then it sounds like some sort of tie in with the LoboCloud/Virtual Hosting SLA is needed.

    I disagree that supported versions of the DBMS’s should not be in the Service Catalog, when reviewing vendor solutions departments need to be able to see what versions of DBMS’s are supported in UNM’s infrastructure. This should be tracked in the Service Catalog and even potentially this SLA. UNM as a customer of these services needs to agree that the versions of DBMS’s UNM IT is supporting meet the business requirements of the University.

    2.1.1 Assuming this is talking about the supported DBMS’s, shouldn’t UNM IT Security already know about security gaps identified by the vendor? Or is this talking about the actual application that the Database is supporting?

    5.2 Exceptions to service request response times should be explicitly defined. “Week before Fall semester starts” etc. Different UNM Departments may have different business needs.

    in reply to: Department Web Hosting SLA #131
    ayoder
    Participant

    @tbui

    The Department Web Hosting page has a pricing section but not “additional storage options and costs”

    “Pricing

    • 256 MBs (Default) – Free
    • More than 256 MBs – Please contact IT at Help.UNM (http://help.unm.edu) for specific costs”

     

    Charges associated with services originating from an Enterprise SLA should be in one spot. “Go to service catalog” “Contact IT”

    There is nothing that talks about the estimated business impact ($$$) caused by a loss of the service. If students are unable to fill out documents for their financial aid or apply to UNM there is potential impact for the University.

     

    The maintenance windows need to be defined in the SLA so they are agreed upon between Customer (University of New Mexico) and the service provider. A new SLA should have to be signed if the service provider wishes to change the planned maintenance window to make sure the new time meets the requirements of the business. “UNM IT reserves the right to modify the maintenance window” should be removed. If the window needs to be modified, a new SLA needs to be generated, approved, and signed.

     

    3.3 UNM IT Strategic Advisory Committee gets no mention as they do in other SLAs for Customer Responsibilities In Support of the Service

     

    5.2 “Campus priorities may require exceptions during certain times of the Academic year”

    Certain times needs to translate into actual times. For example, during the first week of the fall/spring semester and the week prior. Customer (University of New Mexico) needs to accept these exceptions and make sure they meet the requirements of the business.

     

    Thank you Tuan for responding to all our feedback! 🙂

    • This reply was modified 8 years, 9 months ago by ayoder.
Viewing 15 posts - 1 through 15 (of 15 total)