- Academics & Research
- Security & Privacy
- Accounts & Access
- Get Help
The project list contains the current work in progress. For more information about the projects, contact the project manager.
A La Carte Service Creation and Implementations
The goal of this project is to create and release several new end user computing services: Windows platform as a service, Mac platform as a service, MPrint platform as a service, iOS platform as a service, Engineering consulting and development as a service, Desktop Support consulting and development as a service. These new services are designed to meet campus needs with at-scale, flexible, and self-managed end user computing products and services in order to lower overall service cost and empower unit IT on focus differentiating technology.
Big Data Platform Expansion
Cavium is providing U-M with a hadoop cluster. A Hadoop cluster is a special type of computational cluster designed specifically for storing and analyzing huge amounts of unstructured data in a distributed computing environment. This project covers the installation of the hardware, connectivity and power, and the installation of hadoop.
BYOD Core Capabilities
This project is part of the Bring Your Own Device (BYOD) program. The BYOD trend on campus has been increasing and presents opportunities and challenges that need to be addressed in order to meet the evolving technology needs of faculty, staff and students. This project focuses on increasing faculty, staff, and student productivity by Enabling and optimizing core applications, such as printing and access to U-M storage, on personal devices.
Campus Wide WiFi Upgrade
The purpose of this project is to replace and/or enhance the Ann Arbor campus (excluding the Medical Campus) WiFi network so that there is a consistent, reliable, robust, and higher capacity WiFi network in university buildings. The project will upgrade a minimum of 15 million square feet of academic, student housing, and administrative buildings.
Cloud Decision Framework and Application Roadmap
This project will fulfill an important need in ITS, which is to assist service owners and service managers in identifying a cloud adoption strategy and a tactical migration plan for their applications. The project will also provide ITS executive leadership with a master cloud migration roadmap that includes timelines, captures application interdependencies, risks, and budget requirements.
M Cloud currently only supports enablement of Amazon AWS which includes:
- Access to Enterprise agreement (includes egress waiver)
- Optional shortcode billing
- Training opportunities and limited consulting
- Current Audience: Faculty, Staff and Students
Future Service Description/Scope:
M Cloud Azure v1 will target enable and integration of -
Microsoft Azure which includes:
- Access Provisioning and shortcode billing
- Azure AuthD/AuthZ (shibboleth integration for authentication),
- Security guardrails for accounts that house HIPAA data
- Initial Network Range Configuration with Optional VPN
- Current Audience: Faculty, Staff and Students? Alumni?NO
M Cloud GCP v1 will target enablement of Google Cloud Platform which includes:
- Enterprise agreement
Is there a process for Onboarding “projects” to EA if so we will want to do “project” creation
- Add script to only enable project creation for
Optional Shortcode Billing
- VPN included (revisit if it becomes larger issue, or talk to campus
Current Audience: Faculty, Staff and Students? Alumni?
M Cloud AWS v2 will target campus integrations which adds the following features to the current offering:
- Security best practices
- Shibboleth integration for account management
- Reporting: reports listing AMIs, public IPs, EC2 inventory, average spend, EC2 status checks, IIA security concerns, -
- VPN Connection report, etc.
- DNS Recommendations
- Network/VPC setup with optional VPN
- Security log retention through splunk
- Linux/Windows Managed AMI’s
DART ESB - Integration Layer Project
The DART team and its sponsors agree that a sound, sustainable, expandable, reusable data exchange hub to allow system of record data to be seamlessly exchanged with other systems is a long term strategy need as DART continues to evolve to meet the fundraising needs of the University.
In addition, a critical part of the ITS strategy to utilize cloud solutions requires integration tools that allow efficient data exchange between applications. Currently, ITS does not have the message queue or publish-subscribe tools this proposal satisfies.
The launch of DART in 2012 has largely satisfied the needs of the University fundraising business function. However, significant gaps remain. Additionally, other areas of the University that utilize alumni and donor data require specialized functionality not inherent in a fundraising system.
With the gaps noted above, the need for data integration is imminent. The DART team spent the better part of 1 ½ years building a data integration with Alumni Association’s Salesforce implementation. While the integration was built in a way that exchange of the minimum data components, significant problems are occurring due to its inefficient architecture. Current state problems are:
-Files are constructed in a fractured csv format, which is difficult to expand upon as data exchange needs grow.
-The increase in data scope along with the 2-way exchange resulted in several stress points and bottlenecks imposed on AAUM staff and introduced performance challenges for Salesforce.
-The creation of multiple files requires an exorbitant amount of manual staff time to process and is not sustainable.
-The current integration only serves data exchange between DART and Salesforce, and is not structured to be available for other systems data exchange. -Additional requests for data exchange are coming in from the College of Engineering and the Ross Business School, to name a few. The pent up demand for this information causes units to find less efficient methods for pulling data that lead to data stagnation and inaccuracies. This poses a risk to alumni and donor satisfaction when the university appears to be uncoordinated in its efforts
DB Security Hardening, Password Strength, Vaults
In the past two years DBA team, as a part of Database Security Hardening project:
- Deployed as proof-of-concept several Oracle security products, in particular key vault and audit vault,
- Implemented encryption for majority of critical databases hosting PPI or other sensitive information,
- Explored possibilities for deploying stronger passwords for ITS hosted databases, as well as mandatory password expiration.
The next step in the hardening database security is to:
- Productionize key vault and audit vault by working closely with the vendor (Oracle) to resolve current operational and general functionality issues these products have
- Deploy strong password policies for new and changed Oracle passwords
Develop CUI Compliance Strategy
Develop a controlled unclassified information (CUI) compliance strategy. Develop in partnership with University of Michigan Office of Research (UMOR), Michigan Medicine Compliance, Office of General Counsel (OGC), and Information Assurance a compliance program to support the university’s CUI compliance through the delivery of policy, process, security templates and training. Develop a CUI Public Cloud Strategy, and proof of concept, that maps out the technical and financial requirements including architecture, performance, roles and responsibilities, workflows, IT security controls, and costs. Includes collaboration with the implementation of Yottabyte Research Cloud (YBRC) for CUI Compliance and associated systems.
Develop Michigan IT Staff Development Program
Develop a new program to provide professional and skill development for all 2700 Michigan IT professionals.