IFAS COMPUTER COORDINATORS
NOTES FROM September 11, 2003 REGULAR MEETING
A regular meeting of the ICC was held on Thursday, September 11th, 2003. The meeting was chaired and called to order by Steve Lasley, at 10:00 a.m. in the ICS Conference Room.
PRESENT: Fourteen members participated. Remote participants: Mike Armstrong, Jack Kramer, and Harry Trafford. On-site participants: David Ayers, David Bauldree, Jenny Brewer, Dennis Brown, Joe Hayden, Dwight Jesseman, Mike Kanofsky, Chris Leopold, Steve Lasley, Mark Ross, and John Sawyer. Someone signed in as "Wild Bill" from IT.
STREAMING AUDIO: available here
Bill Cope of IFAS IT Business Systems was welcomed to his first meeting. Helena Niblack from Ag Engineering participated after a long absence. We were very pleased they could make it.
Steve Lasley recapped IT events since our last meeting by reviewing the ICC homepage news list.
Steve Lasley noted that the ITPAC website now lists the ITPAC Policy Recommendations, including those from the August meeting. ITPAC endorsed the ICC recommendations passed at the ICC May and June meetings, as well as two more items that Dan Cromer raised.
Mike Kanofsky, Joe Hayden, Mark Ross, and other discussed the issue of controlling network access under UF AD for employees that basically wear two or more hats--i.e, work in more than a single department or location. It was noted that there will be an ICC-AD Subcommittee meeting on the 17th, beginning at 2PM in Entomology, Bldg. 970, Room 1014. More details on these AD issues can be discussed then.
Chris Leopold reported that he needs more time before his staff is ready to address certain security issues that have been under discussion (personal firewall use policy, assuring the "health" of network connected computers, router filters, etc.). It is hoped that the ICC will eventually develop an active Network Security subcommittee. Until someone steps up to fill the role of chairman of that committee, however, that important activity remains in limbo.
Chris Leopold also reported that there WILL BE some patch management solution forthcoming. He asked for input on what package met our needs and suggested that an agent-based solution may be preferable due to the distributed nature of our network. Two such packages are BigFix Patch Manager 3.0 and PatchLink Update 5.0. Mike Ross mentioned that he really needs something that can handle more that just Windows hotfixes, such as Office updates. One thing that is not completely clear is at what level this push is being made from, but the Soda Shoppe is definitely involved as is Kathy Bergsma, the UF Security manager.
Jack Kramer raised the issue that end user education and cooperation is a very important component in addition to the managed patching approach that we are seeking. The need for better end-user instruction materials on patching was mentioned. Responsibility issues were also discussed regarding desktop security.
There was some discussion on how to handle email attachments, including size limits and alternative methods for folks to distribute files (public folders or websites).
Chris Leopold outlined plans to implement GFI Mail Essentials as an anti-SPAM solution. He diagrammed the current and proposed relationships among the various mail servers. Mark Ross voiced his concern about any black-list solution, noting that his department depends on being reached by e-mail from legitimate sources around the world that might not necessarily have the most trustworthy ISP.
Dwight Jesseman made a motion that a recommendation be brought to ITPAC to remove all "gnv.ifas.ufl.edu" email addresses as of January 2004. As meeting time was short and the next ITPAC meeting will not be until December, Dwight's motion was tabled to be revisited at the next ICC meeting when a formal recommendation can be developed.
The meeting adjourned shortly after noon.