Duke ITAC - October 26, 2006 Minutes
DUKE ITAC - October 26, 2006 Minutes
October 26, 2006
Attendance sheet unavailable
Start time : 4:03
I. Review of Minutes and Announcements:
- Comings and goings:
Tracy Futhey: I’ll start with the goings.: Michael Gettes has decided he will seek his fortunes elsewhere after being with us for nearly four years. He will be here through the end of this calendar year.
On the good news side of things, there are two imminent arrivals: Nov. 1 Bob Price will join us as the director of Academic Services, under Julian Lombardi. Joining us in mid-November is Klara Jelinkova as director of Systems.
II. An introduction to and conversation with our new University Counsel, Pam Bernard - Data retention rules, federal guidelines, and other topics
John Board: We would like for our IT staff to be isolated from legal issues, but we know our staff is increasingly concerned about these issues. We’ve asked Pam to come for a general discussion about the legal frontier and how Duke copes with this dynamic environment.
Pam: Before I turn it over to Kate Hendrix, I want to thank you for having me here to meet you. I’m the new university counsel, I came in formally on July 1, and I’m very pleased to be here. I did want Kate Hendrix to talk about particular issues, things IT people and lawyers need to collaborate on closely. For me, one of the things I think is the biggest change in the information technology area as it relates to my field is that the days where we work independently are gone. Because of the importance of technology in our society, we’re going to find that technology increasingly impacts almost everything everyone does. Also, after 9/11 we now have security issues that are even more different. Privacy issues are more realized by the average person, and there are policy issues that aren’t just legal that can no longer be done in isolation. We would like to get to know you better, work with you more, and instead of us in isolation, make sure that we work together so we can come at this from the same vantage point. We are here to empower you, to help you understand what the legal issues are to help you do your jobs. The only thing we ask in return is that we be involved in the type of things you’re doing.
Kate is the person in our office who has generally worked with technology issues. One we’ve had facing us are changes to our federal court rules that will require us, as an institution, to know where we’re keeping data of all kinds, and will make it possible for us to put holds on data if it’s under investigation so it is not inadvertently destroyed. Kate is going to discuss what changes we see happening.
Kate: Back when I started practicing law more than 20 years ago, there came a point in a case where parties exchanged information, and you had paper files. Now we have not only email files, but records of when someone logged onto the Internet, cell phones, text messaging, etc. In litigation, parties have been feeling their way through how they’re going to deal with that. There have been some cases in the past several years where parties have tried to respond to requests and the party hasn’t really understood what kind of discovery was available, and the responding party has been sanctioned severely for failing to produce that information. That is one of the biggest concerns in this kind of situation. A couple of years ago we had a lawsuit in the health system where if a technician would make a mistake on paperwork, he would white it out. A plaintiff’s attorney said, “Look, you’re trying to alter documents.” I see this as the new white-out issue.
A couple of provisions: When we get into a lawsuit and get requests for electronic information, our responsibility is to give information reasonably accessible without undue burden or cost. One of our concerns is subpoenas for third party information. We’ve been concerned about if we have enough information. In some issues I’ve talked about this with Chris Cramer. As attorneys we don’t really understand what you guys do. We’re going to have to figure out where the line is drawn for undue burden or cost. One issue we have had to deal with is that we’ve got routine data processing systems so that we recycle our information every so often, and certain information will be deleted. The rules deal with that. They say if you lose potentially discoverable information as part of normal operations, a plaintiff can say we should have stopped our routine processes. Those are the key issues we’re going to be looking at, and I think we’ll need to start a group that really looks at these. These laws go into effect Dec. 1.
Pam: I know there is a push-pull. On the one hand, people want you to be able to retrieve things for disaster recovery, even if they don’t figure out they’ve pushed the wrong button a month later. On the other hand, as responsible managers of resources we have to think about what it makes sense to keep. Given the amount of volume, how much are we really going to keep, and what makes sense? If we’ve made no choices and have no programs about what we’re going to be deleting, we’re going to have everything. It’s going to be more costly to produce documents.
John Board: I didn’t hear anything in the new policies that require us to retain more information; this is purely documenting the procedures for what you do and don’t have.
Pam: The only exception is if someone issues a litigation and says we’re about to sue you, and we want you to suspend your normal write-over policies. But on a regular basis, we need to figure out what our routine policies are so we can show plaintiffs our policy to explain why something was deleted.
John Board: There are some schools whose archiving systems allow them to produce files from 5 years ago, and schools where on purpose they don’t back up emails.
Pam: We need to be thinking about not just email, but calendars. There are all kinds of things that are going through my head.
Robert Wolpert: You speak about data as if it were uniform, and of course they aren’t. Am I to understand that there are no obstacles to us having a policy, for example, that email backed up is deleted after two months institutionally?
Kate: Absolutely. We need to engage in policies that make the most sense for our institution.
Pam: One strategy plaintiff lawyers use in class-action type lawsuits is they send out enormously onerous discovery requests. It’s so overwhelming that defendants can’t defend it. If we position ourselves where we know that less is more, and we know where to find things, it’s a great position to say “no problem.”
Kate: The worst thing that could happen to us is we could get a request for electronic information we provided, and later on the plaintiff finds out there is something we didn’t produce.
Joseph Meyerowitz: I have a question about the less is more question: Do we make ourselves more of an attractive target by retaining data, more than just an issue of having to retain data?
Pam: Whatever we decide to keep or not keep should be deliberate. We should make deliberate decisions based on what our university needs. What hurts is when we just let anything go, and we have information available that doesn’t serve Duke’s purposes. I’m not saying we should hide things that might indicate we’re doing something wrong; if we’re doing something wrong we should fix that.
George Oberlander: Are there any requirements for retaining specific kinds of data?
Pam: Yes, grants and financial aid require retaining data, particularly in NIH and funding areas.
Question: There seem to be different requirements from public institutions and private institutions for sharing information.
Pam: Yes. I come from a public institution, and if I were to send an email that says, “Can you send me information on a particular issue?” my email and your reply would have to be printed and saved or put in a particular electronic file and put in data retention for seven years, and anyone who wanted it could come and ask for it. Private institutions are in much better positions for determining what they want to save.
Rafael Rodriquez: In this environment, there are a lot of things out there that aren’t university business, like personal email. One of the challenges is, how do you protect information from a university standpoint, versus what someone may be using that system for and gets tangled in? It seems like we’ll have to protect the university, not the individual.
Pam: Bingo. We may need to let employees know that incidental personal use of computing facilities is not prohibited, but that there may be consequences. If we got a discovery request, we may not be allowed to separate those out.
Kate: We had precisely that scenario. We got a third-party subpoena on a couple of employees’ email, and it was for personal emails, and we had to produce it.
Pam: And maybe as an employee, I should know that.
Guven Guzeldere: Is there any information on a national level on data retention practices at educational institutions? Do we know where Duke is situated, or do we have a target?
Pam: The answer is, I don’t know. I expect there is, but I’m not sure. One of the things I need to learn as your new lawyer is exactly what our retention policies are. I see my job as protecting our assets and protecting our autonomy. I am probably more attuned to helping Duke understand its risk, but I hope I also think, “I work here, and I’m sensitive to privacy.”
Kate: In the instance I described about the third-party subpoena, we made sure the employee’s attorney was aware of that request for information, and we provided all that information to their attorney, even though we were not obligated to do so.
John Board: We’ve talked about the “knock on the door” scenario. What should someone do if they get a knock on the door from a person with a badge?
Kate: We’ve had for several years a policy to call internal audit if that happens. That still applies.
Pam: And if you can’t get in touch with them, contact us.
Bob Newlin: I’m a network manager, and on the network I’ve got mail, financial aid data, all kinds of other stuff. I’m still backing up to tape, but I back it all up at once. How do we balance that with the idea that we need some things for different lengths of time?
Pam: My response would be that if that’s what we have to do as a business necessity, that’s what we have to do. But we lawyers have to know that, and people using our systems have to understand that things they are storing electronically may be discovered.
Tracy: To me, Bob, that is a classic case of the reason you are backing it up together is because it’s more efficient for you to do it that way, and the question is, do we save more by doing it efficiently, or do we lose more by discovering that we’ve been keeping a lot more around that is discoverable?
Robert Wolpert: Do you see a role for yourself as representing Duke and higher ed in talking with lawmakers, in judicial fora, etc., to promote the interests of higher ed?
Pam: I certainly have been in the past. I’m not sure that lawyers are always the most beloved messengers. I’m happy to always help a person in Congress understand something better. I also think it’s tremendously helpful when I or one of my lobbyists takes one of you to tell people about the issues. I’m never afraid to talk with congressmen or state legislators, but there’s something lost. We are involved through national groups to help these things quite a bit.
III. Networking at Duke - conversation with Kevin Miller - 802.11n, DHCP, running out of IP addresses, IPV6, WiMax, network security, monitoring wireless coverage, wireless multicast, wireless IPTV, options to use NLR, DNS and Stanford
Kevin Miller: First, we’ve been negotiating with our home broadband providers, and we’ve gotten some better rates. The Intrex rates went into effect last week. It required a six-month agreement, we sent an email to all our users, and we didn’t hear from any of our users that they didn’t want the cheaper rates. Time Warner did commit to doubling the uptime, so that will improve for most folks. The new rates aren’t yet in service, and we’re expecting a December time frame.
I want to talk a little about IP addressing, particularly the issue of running out of IP addresses. We have two blocks of addresses, as you can see a small portion is delegated out of that. The larger block of assigned addresses are those we think are actually machines on the network. The unallocated are those we don’t think are in active service. The free ones are those we can assign.
For the last two years we’ve been aggressively allocating addresses in more efficient blocks. Before two years ago, we’d assign 200 at a time, even if they only needed 10. We’ve assigned blocks more appropriate to use. We’re preparing to obtain 16,000 to 32,000 additional addresses that could be used on campus. We’ll be doing a little analysis on our current allocations. I know there are some blocks that for historical reasons don’t have much use or have only a few machines we can renumber to gain some space.
John Board: Do you have a sense of over-committed blocks?
Kevin: Engineering is the only case we know of. We do keep track. There was another block that was getting close and we bumped it up a little bit recently.
We had used private address space for things that don’t need an off-campus connection. For projectors, DDRs, and other facility systems that don’t require off-campus access we do that. We haven’t discussed private addressing for public systems. With wireless, we are using the DH3 pools, we have more than 20,000 machines registered on wireless, and the total space is probably 3,000 addresses.
Robert Wolpert: Would it be possible to move some dorms onto private address space? I guess that would prevent people from posting websites from their own rooms.
Kevin: We could. On the other hand, we need to think like commercial groups. We need to think that we can use projects as leverage to get additional address space.
Talking a little about DNS, we’ve been dong a lot of work recently trying to cleaning up the Duke.edu DNS because there’s a lot of history there. In the process we have been separating the DNS functions: one has been to provide the recursive DNS (Duke local) from the authoritative (local and worldwide). We’re seeing a surging demand; every email we receive has a lot of DNS demand, and we’re doing around 100 million queries a day. The other interesting thing to know is we have recently shared services with Stanford. That is much more beneficial for Stanford right now, because they don’t do a lot of third-level domains.
We’re now in our fourth generation of wireless access point deployment. We’ll probably be going to a fifth generation that will be capable of supporting 802.11n. Base standards: 802.11b is still used heavily, but because it operates in the same band as 802.11g, as usage declines, we might consider disabling it to reduce slowed speeds in shared airspace. 802.11g is widely used, and there’s a lot more bandwidth there. At the Computer Store, a lot of defaults go to “b”/”g” standard when “a” is $10 or $15 more.
John Board: The new access points do all three.
Kevin: Correct, all new deployments do all three.
Kevin: For 802.11n: The current expectation is 2008 ratification. We’re now seeing pre-n and “n-ready” products. In terms of the fifth-generation access points, those, as we start to deploy them probably next year, won’t have 802.11n capability, but it may be something to put in down the road to get a couple extra years of life out of them.
Multicast: that is something turned on in the current generation we’re deploying. It actually works as a true multicast. It’s been used in Hudson for some classes there. We’re interested in feedback; anything you do that works or doesn’t work we’d like to hear about it.
George Oberlander: Part of this conversion to fourth-generation implies certain parameters need to be systemwide.
Kevin: Yes, in particular, the preamble. The preamble configuration currently is effectively global, but the preamble has to be set across the board, we can’t change it for individual access points.
Another aspect of wireless is overall improvement of how we communicate and document. In some of the tools we have with new system we can get better data out of the system when we have a problem.
Robert Wolpert: Do you see WiMAX playing a role in the enxt couple of years? Will it affect our policies?
Kevin: The first WiMAX didn’t address mobile technologies. Now there’s WiMAX mobile. I’m not counting on WiMAX to provide anything we’re not providing with our wireless access points.
John Board: Do we know how we’re going to experiment with “n” internally as it becomes available?
Kevin: We don’t have any particular experiment plans, probably pick a location, upgrade, and analyze what kind of improvements we see. In general I’m interested in testing something as soon as we can get our hands on what is likely the final product.
Robert Wolpert: In my experience, 802.11b had considerably longer range than “g” and “a”, which has an effect on how densely you have to install. Do you know anything about “n” in this respect yet?
Kevin: I think the nominal range was 50 meters.
Mike Pickett: That does raise a question for access point density.
Kevin: With the new plan we are deploying many more access points per square foot than we have previously.
Tracy: We experimented with Belltower a year ago. The last I heard we found that we didn’t have to go quite as dense, but denser than the older configurations.
Kevin: Right. In some buildings we’re going denser because we need to cover outlying areas in public spaces.
Daron Gunn: As far as residential space, students put up their own access points.
Kevin: There are obvious concerns about students. We’re working to resolve the residential wireless access problem right now. It’s basically a funding issue, about coming up with the numbers and finding the funding. It’s equal or more than what we’ve done this past year, which is on the order of 1.2 million. One of the other problems we have had in res halls is rogue HPC servers. Most are caused by Linux boxes being plugged in backward, plugging the LAN into the LAN. We’re working on a feature on the switches to block that, so if it’s not coming from our server it will drop onto the floor.
Network authentication: Do we want to provide differentiated network profiles, access authorization, and possible influence of CALEA. The other use case is guest access and how to go about provisioning that.
Security: We see our role as providing infrastructure. We’re not providing policy. There’s a lot of possible infrastructure, firewalling, etc. Something we don’t have at all is a tool to assist with log file analysis of this type of stuff. As we’re installing the new core, we will have the possibility of a virtual firewall. We’re looking for feedback from you or others about what you need and what you’re for looking us to help facilitate.
Robert Wolpert: Anything with IPv6.
Kevin: I don’t see a driver for IPv6 right now. We’re reaching a point where it’s going to be v6 or something that addresses the problems in a completely different way.
Robert: What about guest access in general?
Kevin: As we get to new architecture, it should be easier to roll out. Once this work is settled down, this is the next thing to think about.
John Board: What is your time scale?
Kevin: By this time next year, we should have something for desktop.
NLR: There was post on IT@Duke with a few more details. Any NLR services can be delivered at Duke with relative ease. Raleigh to Atlanta is the most-used link because of things going on in the Triangle. The primary three services are WaveNet, which gives 10Gbps point to point, and is the most expensive. FrameNet is 1Gbps/10Gbps point to point. This is one I’m really excited about, it uses VLAN. It can do point to point or a multipoint approach. Pricing is based on distance but is much more reasonable. PacketNet is a 10GB nationwide IP backbone. Traffic is routed there automatically, and there is no cost.
VI. Other Business
John Board: It become clear that spam has gotten really worse very recently in the last few weeks. At Pratt, 84 percent of inbound messages were spam. This is a heads up that we plan to devote most of one of the next two meetings to this topic, probing into what various groups have been doing and what has been working better than others. If you have specific concerns or insights about spam, let me or Tracy or Mike know.