- Academics & Research
- Security & Privacy
- Accounts & Access
- Get Help
The project list contains the current work in progress. For more information about the projects, contact the project manager.
BYOD Core Capabilities
This project is part of the Bring Your Own Device (BYOD) program. The BYOD trend on campus has been increasing and presents opportunities and challenges that need to be addressed in order to meet the evolving technology needs of faculty, staff and students. This project focuses on increasing faculty, staff, and student productivity by Enabling and optimizing core applications, such as printing and access to U-M storage, on personal devices.
Campus Wide WiFi Upgrade
The purpose of this project is to replace and/or enhance the Ann Arbor campus (excluding the Medical Campus) WiFi network so that there is a consistent, reliable, robust, and higher capacity WiFi network in university buildings. The project will upgrade a minimum of 15 million square feet of academic, student housing, and administrative buildings.
CITP: Cloud Decision Framework and App Roadmap
This project will fulfill an important need in ITS, which is to assist service owners and service managers in identifying a cloud adoption strategy and a tactical migration plan for their applications. The project will also provide ITS executive leadership with a master cloud migration roadmap that includes timelines, captures application interdependencies, risks, and budget requirements.
CITP: Virtual Data Center
Design and build a “Virtual Data Center” containing a set of core technical capabilities inside AWS. These capabilities are seen as prerequisites for migrating ITS systems and services to AWS and will be available to systems and services that operate within this Virtual Data Center.
DART ESB - Integration Layer Project
The DART team and its sponsors agree that a sound, sustainable, expandable, reusable data exchange hub to allow system of record data to be seamlessly exchanged with other systems is a long term strategy need as DART continues to evolve to meet the fundraising needs of the University.
In addition, a critical part of the ITS strategy to utilize cloud solutions requires integration tools that allow efficient data exchange between applications. Currently, ITS does not have the message queue or publish-subscribe tools this proposal satisfies.
The launch of DART in 2012 has largely satisfied the needs of the University fundraising business function. However, significant gaps remain. Additionally, other areas of the University that utilize alumni and donor data require specialized functionality not inherent in a fundraising system.
With the gaps noted above, the need for data integration is imminent. The DART team spent the better part of 1 ½ years building a data integration with Alumni Association’s Salesforce implementation. While the integration was built in a way that exchange of the minimum data components, significant problems are occurring due to its inefficient architecture. Current state problems are:
-Files are constructed in a fractured csv format, which is difficult to expand upon as data exchange needs grow.
-The increase in data scope along with the 2-way exchange resulted in several stress points and bottlenecks imposed on AAUM staff and introduced performance challenges for Salesforce.
-The creation of multiple files requires an exorbitant amount of manual staff time to process and is not sustainable.
-The current integration only serves data exchange between DART and Salesforce, and is not structured to be available for other systems data exchange. -Additional requests for data exchange are coming in from the College of Engineering and the Ross Business School, to name a few. The pent up demand for this information causes units to find less efficient methods for pulling data that lead to data stagnation and inaccuracies. This poses a risk to alumni and donor satisfaction when the university appears to be uncoordinated in its efforts
DB Security Hardening, Password Strength, Vaults
In the past two years DBA team, as a part of Database Security Hardening project:
- Deployed as proof-of-concept several Oracle security products, in particular key vault and audit vault,
- Implemented encryption for majority of critical databases hosting PPI or other sensitive information,
- Explored possibilities for deploying stronger passwords for ITS hosted databases, as well as mandatory password expiration.
The next step in the hardening database security is to:
- Productionize key vault and audit vault by working closely with the vendor (Oracle) to resolve current operational and general functionality issues these products have
- Deploy strong password policies for new and changed Oracle passwords
Develop CUI Compliance Strategy
Develop a controlled unclassified information (CUI) compliance strategy. Develop in partnership with University of Michigan Office of Research (UMOR), Michigan Medicine Compliance, Office of General Counsel (OGC), and Information Assurance a compliance program to support the university’s CUI compliance through the delivery of policy, process, security templates and training. Develop a CUI Public Cloud Strategy, and proof of concept, that maps out the technical and financial requirements including architecture, performance, roles and responsibilities, workflows, IT security controls, and costs. Includes collaboration with the implementation of Yottabyte Research Cloud (YBRC) for CUI Compliance and associated systems.
EIAM: Access Standards Alignment Project (ASAP)
We will categorize our data and applications based on level of sensitivity. For example, applications that are generally open to the public require no or minimal access credentials, such as www.umich.edu. Applications that contain sensitive data, such as SSN, require 2 levels of credentials such as uniqname and password. Other applications with highly sensitive data, such as research animal location, require even more levels of credentials, such as 2 levels of login and a token.
EIAM: Account Lifecycle Optimization (ALO)
While many EIAM program efforts are laying the foundation for bigger things to come, the Account Lifecycle Optimization project is focused on identifying the university’s current pain points with IAM-related processes and tools—and improving them wherever possible!
Improvement initiatives are rolling out in waves and will conclude in January 2018. The number of waves will be determined, in part, by input provided by campus and Michigan Medicine partners.
For more information about this project and the EIAM Program, visit http://cio.umich.edu/eiam-program.
EIAM: Enterprise Identity & Access Mgmt Program
Launched in January 2017, the Enterprise Identity Access Management (EIAM) program at U-M coordinates and unites IAM efforts for all U-M campuses - Ann Arbor, Dearborn, Flint, and Michigan Medicine - to improve the technology and administrative processes that allow authorized individuals to access U-M resources. The initiative is jointly funded by the Office of the Provost and Michigan Medicine through the end of June 2018.
By summer 2018 and through multiple projects, the EIAM Program will:
* Lay the foundation to set universitywide IAM priorities with a single program office and steering committee.
* Prepare for future improvements by piloting new services and identifying universitywide requirements.
* Deliver quick wins to improve the current state for the entire U-M community.
For more information, visit the program's website at http://cio.umich.edu/eiam-program