Duke ITAC - February 27, 2003 Minutes

DUKE ITAC - February 27, 2003 Minutes

Minutes: February 27, 2003

Attending: Mike Baptiste, Pakis Bessias, John Board, Ed Gomes (for Paul Conway), Dick Danner, Angel Dronsfield, Lou Rutledge (for Brian Eder), David Ferriero, Nevin Fouts, Tracy Futhey, Alfred Trozzo (for Paul Harrod), Billy Herndon, David Jamieson-Drake, Scott Lindroth, Roger Loyd, Greg McCarthy, Melissa Mills, Kyle Johnson (for Caroline Nisbet), George Oberlander, Lynne O'Brien, Mike Pickett, Rafael Rodriguez, Mike Russell, Molly Tamarkin, John Carbuccia (for Fred Westbrook), Steve Woody

Guests: Ginny Cake, Jen Vizas, Dan McCarriar, Chris Cramer

Call to order: Meeting called to order 4:04 pm.

I. Review of minutes and announcements

John Board is filling in for Robert Wolpert as meeting chair.

Ginny Cake reminds members that OIT is working on contracts with both Time Warner and Intrex for broadband services for Duke affiliates. There are two committees: one on how to convert existing customers, and one on how to notify potential customers of the service. Both committees are working toward an April 1 completion announcing new services and how to convert.

John Board: What are you using to identify those who are current users and what they need to do to switch?

Tracy Futhey: There could be two phases to this: 1) we identify current users and how to switch; 2) we announce to others how to sign up.

II. Portal planning update

Presented by Dan McCarriar
Related url: www.oit.duke.edu/portals

Tracy Futhey: Let me remind folks that the group has been meeting since the start of the year, but we held off convening with ITAC until other groups had completed their tasks.

Dan McCarriar: The document passed out defines what a portal is, and what a portal is not. Our first goal was to get our arms around the idea of what a portal is. We wanted to get an idea of what we think a portal is and then we looked around the industry to see what others think a portal is.

We classify portals as either vertical or horizontal. A horizontal portal is like Excite with a lot of information covering a lot of topics. A vertical portal is like Dr Koop. The data is more focused.

Some of the next steps after our definitions is to come up with what other universities are doing and see where our portal effort might shake out, or where we might start. Another effort is to identify constituent groups and the services we might offer. We are going to try to map out what services can be delivered to what groups. That might give us another idea for where we can start a pilot. That is the main product of this group: where can we implement a pilot for a portal.

Tracy Futhey: Mention other people in group.

Dan McCarriar: The team is Nevin Fouts, Paul Conway, John Diaz and Melissa Mills.

Tracy Futhey: We said the group will come up with a plan and a vision, in the beginning we said we will chart off an area to explore rather than create a working enterprise-wide portal.

Molly Tamarkin: Is one aspect of the portal going to be to let the user decide how much of a vertical or horizontal they want?

Dan McCarriar: We got into that in the paper.

John Board: Is it part of your mandate to calculate costs for doing it different ways?

Dan McCarriar: Yes. One thing we know is the closer you get to the midpoint (the intersection of vertical and horizontal) the more it costs. We will probably start out on the edges.

John Board: Do we know if we are for or against them [horizontal or vertical] yet?

Dan McCarriar: We are for doing it properly.

Melissa Mills: Rob Carter gave a talk on the enterprise directory. What he is doing there is what I consider a huge amount of work for this already. We already have all the expense of all the people accessing all the information, and we are trying to take the investment we already made by getting people more focused?

Tracy Futhey: One of the formal pieces we need is what will determine the success? We need to have some notion of how we decide if the experiment was worthwhile enough to continue or extend the piece.

David Jamieson-Drake: Does this pre-suppose that global sign-on is already built into the enterprise system because currently it is not.

Dan McCarriar: We are not focusing on that level of detail yet.

III. Networking committee update

Presented by Mike Baptiste

We spent the first few meetings going through recent building projects and learning how we can improve. OIT has a list of infrastructure and wiring standards, and we are going through that list now with a couple updates.

The committee felt it would be a good idea to have some guidelines for wiring different structures—labs, research facilities. An in addition to having recommended guidelines, we also felt we should have points to consider—things to think about when going through a building design with your designer.

John Board: When we met yesterday Bob Currier and Keith Gentry gave us a great presentation of the current health of our cabling and infrastructure. We are in good shape, but we need to pay attention. For example there are knobs we can turn up and down that will greatly affect our network bandwidth capacity—like file sharing.

Steve Woody: Is this only intended for on-campus buildings.

John Board: No. We learned that Duke has done a bad job with off-campus sites in the past.

IV. Academic site license recommendations

IITAC Academic Technology committee
Presented by Mike Pickett and Jen Vizas

Related URLs: http://www.duke.edu/~picke001/ITAC/sitesurvey.html

http://www.duke.edu/~picke001/ITAC/SiteLicense02-26-03.html

Mike Pickett: We came up with a site license plan in 1996, and if you have been with ITAC since then this will sound familiar. We have a lot of things out there that are site licensed like SAS and Dreamweaver, but we don’t get a lot of requests for general kinds of software like McAfee and others.

We have recommendations that we send out, but one thing we’ve found is that faculty don’t know where to go to get a site license for software important to them, and our folks don’t know how to handle it if faculty do make requests for software. So faculty will often go out and buy software they need in ones and twos. Often they just don’t want to fight the system so they will go out and buy it on their own.

The question is how do we create a well-defined process that people know about and will use?

Further, how do we set up a flagging system in procurement so they can say, “don’t buy from there, we have a discount here.”?

Third, how do we set up a committee to negotiate with vendors for the license? Do we get faculty involved? Sometimes that can be leveraged because vendors want exposure in the classroom.

Fourth, how to we get funding for this?

Jen Vizas: What we envision is expanding the current site license site to spell out differences between academic requirements and IT or staff requirements.

If you go down the academic path, a request would be submitted to an ATS committee and we would go out and gather information. Lab packs, conferences, what do you want us to do to handle these? What about other universities? What are they doing? Once we’ve gathered all that information we bring it back to ITAC and present it to either make the case or provide anecdotal information. We assume the decision would be binding unless some flag was raised. Then we would begin the negotiation process. Basically it would be on a case-by-case basis.

Molly Tamarkin: It might be helpful to know what might be available in other schools on campus.

Jen Vizas: One of the things we look at is historical data and who is using what.

Mike Baptiste: Even if the subcommittee turns something down, but the faculty or school goes for it anyway, we still need to list that so others can join in if they choose.

Mike Pickett: Some of the things we talked about are:

  • Is it a broad use software, does it have broad appeal?
  • Do we already have something else that does the same thing?
  • Is it cheap (could we cover all of campus for $10 more)?

Ed Gomes: This isn’t that different than how we conduct business now on the site license committee.

Mike Pickett: We want to piggyback as much as we can on the existing process, the only new thing is the ATS committee.

Ed Gomes: Who decides how a request gets redirected?

Roger Lloyd: The difference is the ATS committee has faculty on it.

Mike Pickett: Maybe we should go around to the finance departments and ask?

John Board: In the procurement card area I don’t think it will work, how will someone know there are 2,000 people out there buying Photoshop like I am?

John Board: Basically we left the funding model vague. It depends.

Tracy Futhey: We earmarked funds for this.

Molly Tamarkin: Giving information to business managers is good, but also give them to the systems administrators because they are often telling people where to go.

Melissa Mills: Should there be someone deciding if there is support out there for the software? I see a strategic need to get ahead of some things and seeding for it.

Kyle Johnson: How do we think about how to cross academic and operations? A lot of the applications we use [in operations] have academic value.

David Jamieson-Drake: I like what Ed tried to do by being proactive and trying to determine what will be needed. I wonder if there are other places where this is working well?

Jen Vizas: We did reach out and do research at other institutions, and they grapple with the same things we do.

Mike Baptisted: A lot of our vendors have us over a barrel because their software is so unique. It would help to have alternatives available.

V. DCMA and fair use issues

Presented by Dick Danner

Dick Danner: I am a university administrator and librarian, which makes me a member of two groups that are inherently risk averse when it comes to copyright. Yet, I strongly believe that people in the academy need to be prepared to push the limits of fair use in support of scholarship.

In shorthand what fair use does is to allow you to make incidental use and copies of information. There are four factors that are looked at if someone challenges your fair use right:

1. the purpose and character of the use, including whether such use is of a commercial nature or is for nonprofit educational purposes;

2. the nature of the copyrighted work;

3. the amount and substantiality of the portion used in relation to the copyrighted work as a whole; and

4. the effect of the use upon the potential market for or value of the copyrighted work.

The fact that a work is unpublished shall not itself bar a finding of fair use if such finding is made upon consideration of all the above factors.

In 1998 Congress passed the DMCA. As far as fair use goes the DMCA does not change the fair use provisions, but what it does for digital media is make it illegal for someone to circumvent a copyright protections mechanism. That means that copy-protected digital media cannot be legally copied even for fair use. Many publishers of digital media are putting copy protection schemes in the media they produce.

What are some alternatives to copyright or copy protection? For many creators full copyright might not be their first choice. They may want to encourage as much use of their work as possible. The RIAA and the MPAA obviously do not follow this thinking.

The irony of having digital media is that you can do such wonderful things and make copies and the downside is that you can also use the technology to stop or prevent copying.

VI. US Patriot Act

Presented by David Ferriero and Tracy Futhey

Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA Patriot Act) is basically a rewrite of several dozen existing laws. Concerns for us include, student records release if approved by a judge, business records including library circulation records and histories—and there is a gag order that we are not allowed to talk about this. The way our circulation system [Duke library] works is that the link between the patron and the book is broken when the book is returned

. We do have backup systems and that is where we have some exposure.

Another area deals with ISP responsibilities. This allows folks to come in and demand where we have been looking on the Internet.

Proposed changes include penalties for violating the aforementioned gag order, seeing what we have been looking at—the content—as well as the sites we visited, and more.

Lynn O’Brien: What does a library staff member do if an FBI agent comes in and wants to see circulation records? Do we just do it?

[several members respond] NO!

Chris Cramer: It is definitely the case now that we can contact a lawyer. Before turning over info about someone’s library files. There is an argument that you can talk up the management chain because the charge is not to you it is to Duke.

David Ferriero: The best site on this topic is Cornell’s. They have done a good job spelling out the law and its implications.

George Oberlander: Is there anything that requires us to maintain or track records?

David Ferriero: No. There is nothing currently in the legislation to start creating files or start tracking behavior.

David Jamieson-Drake: They are requiring institutions to start tracking the behavior of foreign nationals.

Mike Baptiste: We are responsible for a lot of information passing over our networks. Is anyone in here ready for an FBI agent to come in and say, “I want some file?” The answer is, “No.” We couldn’t do that. But, if someone comes in and says, “I need this information I know you have the root password in an encrypted form, I want it now!” What do I do?

Tracy Futhey: We might want a follow up with Kate Hendricks about what her suggestions would be for these kinds of things.

Dan McCarriar: We used to get a letter that said if this happens this is the procedure.

Chris Cramer: We don’t have anything written down and we need something written down.

VII. Other business

Kyle Johnson: To comply with HIPAA we have to completely erase/format hard drives. I recently sent over some Macintosh computers to have this procedure done, and I was told they could not do it. Not because the technicians did not know how, but because they were not certified to work on Macintosh computers. If we’re going to be required to do this then we need to be certified to do this.