We’re now three weeks into LSCR’s reorganization, and things continue to move along. It seems like most people have gotten used to using their new email addresses for support, and the feedback I’ve gotten from customers has been positive. Internally, we’re still figuring out some of the coverage and escalation responsibilities. We’re doing fine with our current workload, but we anticipate a few glitches when things get busy at the start of the semester. We hope you’ll be patient with us as we work on our new procedures.
Next Wednesday, July 29, we’ll be getting our whole group together for a team-building exercise, which I think is an important thing to do at this point in our process. We’re forming a completely new teams, and need to get them to be as functional as our old teams were.
So, for the afternoon of 7/29, we’ll have only limited coverage for customer calls. We will have a skeleton crew available to handle emergencies; non-emergencies will likely be deferred to Thursday morning.
Let me know if this poses a problem for you or your department. Thanks for your continued support.
Last month, Susan Tobes of IST’s Technical Account Management (TAM) group announced that IST-TAM would be sponsoring one or two internship positions within TAM. I’m pleased to announce that Jeanette Robinson has been selected for one of the positions. She’ll be helping IST develop consistent Service Level Agreements and doing comparative analsyes for the services they offer. The internship is a 40% position, running through the end of April.
Jeanette is the head of our “Tilden” desktop support team, and also manages our Windows servers, among other responsibilities. While Jeanette’s LSCR time is reduced, Farnaz Stosik will be helping out with day-to-day management issues on the Tilden team, and we’ll be identifying other folks to assist with Windows server issues.
This is a great opportunity for Jeanette, and it will help us build a closer relationship with the TAM group and with IST in general.
Congratulations to Jeanette!
A customer forwarded this article from the New York Times, on new authentication mechanisms. The author is cheerleading a bit for “information cards” which would act a little like your ATM card; the idea would be that each computer would have a reader where you would insert your card and type in a PIN; after you’d done that, you’d have access to all of your sites.
Authentication can have three factors: something you are (fingerprint, retinal scan), something you have (your ATM card or these information cards), or something you know (your password or PIN). Security experts recommend two-factor authentication for important stuff; you use two-factor authentication when you go to the bank, insert your card and use your PIN. Two-factor authentication means that the password can be a lot simpler, because one of the other factors is acting as a second check.
However, two-factor authentication is not foolproof, either; there have been sophisticated ATM scams where thieves installed a magnetic stripe reader over the normal slot, with a video camera to record the user’s PIN as they type it. One of the things about information cards is that you may have to use them in untrusted environments; if you’re traveling and want to check your email, nothing will protect you from the hacked machine at the internet cafe where you put in your card.
On campus, IST is developing what they’re calling “second level authentication” which can be used for security-sensitive web-based applications. This would augment the security of your CalNet ID; for a sensitive application like HRMS, you would log in with your CalNet ID, but then also input a PIN using an on-screen keypad. This does not qualify as two-factor authentication, because both authentication tokens are “things you know,” but it should make those applications somewhat safer.
There is also a significant effort underway on campus and at UCOP to set up an “identity management” (IdM) system. IdM attempts to combine authentication (verifying who the person is) with authorization (verifying what the person should have the rights to access). Right now CalNet is basically an authentication system; each application which uses CalNet ID must maintain their own list of which CalNet IDs are allowed to access the application. IdM would provide a central place to store information about each user’s access rights, and also provide a way (through “federated identity management”) to communicate authorization to external entities, like UCOP or a third-party vendor. UC Davis recently did a pilot to see if GMail could provide email for students; in the pilot, students were able to use the UC Davis equivalent of a CalNet ID to log in to their UC Davis GMail account. Federated IdM has come a long way in the last year or two (mostly through the Shibboleth project), and I expect we’ll start to see many more of these kinds of arrangements.
Mary Wielski wrote an article this spring on Daylight Saving Time issues within CalAgenda. The issue mentioned in that article is coming back this month; because of the change to the dates of Daylight Saving Time, any repeating meetings which were created before December 29, 2006 are off by one hour in CalAgenda, for meetings scheduled between October 28 and November 4.
There is no way to automatically fix this issue, because the CalAgenda server doesn’t know what time period you originally intended to schedule the meeting for. So, make sure to check any standing meetings that have been in place since 2006 to see that the times are correct for this time frame. You may also want to look forward to 2008 and 2009 and check the same March and October time frames for accuracy.
