Penn Information Systems & Computing
ISC Progress Report, October 2018
New Chief Information Security Officer
Please join us in welcoming Nick Falcone as the University’s new Chief Information Security Officer, succeeding Joshua Beeman after years of outstanding service to Penn. Nick joins us from the Einstein Healthcare Network where he leads their Information Security and Privacy program, and served as interim Chief Technology Officer in 2017.  Prior to Einstein, Nick was the Enterprise Information Security Officer at Thomas Jefferson University and Hospitals.  Nick has also worked for Children’s Hospital of Philadelphia, Protiviti Risk Consulting, and the Defense Information Systems Agency. Nick received his Bachelor’s degree in Computer Science and English from Case Western Reserve University, and is a Certified Information Systems Security Professional (CISSP).

Here’s a brief report on many of our major activities,
organized by our three strategic themes.

Modernize the IT environment that supports the University
Client Care: ISC’s Client Care is continuing its partnership with Penn Libraries to provide a wide range of support and services to students through the Tech Center.  The Tech Center’s total ticket volume for the 2017-2018 academic year increased by more than 1000%. This dramatic increase is largely due to the Tech Center’s more visible and central location on the ground floor of Van Pelt Library.

Client Care launched the Two-Step Verification Code Hotline last year. The primary purpose of the hotline is to provide an additional recovery method for Two-Step users, but Client Care staff also provide users with enrollment help and support with other Two-Step related issues. ISC has supported more than 750 people with their Two-Step usage since the hotline launched. 
Burden Reduction Initiative: Penn initiated a Burden Reduction Initiative (BRI) aimed at reducing the amount of time required for faculty to accomplish administrative requirements associated with their research. BRI consists of three primary systems:
  • Research Portal, which will serve Penn’s 12 Schools, providing improved systems access and the consolidation and presentation of information
  • Grant Financial Management reporting system, which will standardize the use and manipulation of financial information
  • Conflict of Interest and Extramural Disclosure System, which will serve both faculty and researchers
Data Center Migration: The Pennovation Data Center Expansion Program is migrating all ISC and client systems hosted at 3401 Walnut to an enhanced location. To date, 684 assets have been removed. The migration and closure effort has remained on target and under budget throughout the duration of the program. Additionally, all locations that house ISC and client devices are now supported by backup generator power, significantly lowering the risk during power outages. ISC and Hosted (FM) clients took the opportunity to refresh physical equipment or transition to virtualized or cloud environments. The current 3401 Walnut location will continue to serve as a home base for support of the Huntsman Data Center and our six NAP locations.
HireIT: HireIT is piloting a new tier of service called Certified Desktop, which provides commodity services to Schools and Centers with an existing local IT infrastructure. Services include image creation, software and operating system patching, encryption key management, and administration of desktop and laptop backup storage solutions. The pilot will launch with DRIA as the first customer in the coming weeks. Once the pilot has successfully concluded, the service will be available to qualified Schools and Centers on campus.
Next Generation Unified Communications: The Next Generation Unified Communications Project is evaluating and selecting the next generation of voice and communications services at Penn. Three current services will be considered for refresh: PennNet Phone, Contact Center, and Traditional Telephony (Centrex). The team is currently evaluating seven RFP responses from vendors.
Next Generation Student Systems: On August 30, the Next Generation Student Systems (NGSS) program held a vendor summit at which representatives of the program’s three major external vendors (Ellucian, LeepFrog, and Infosilem) met with program owners and team leads to validate program assumptions, timelines, and interdependencies. Approaches for optimal design of processes and elements common across applications were confirmed, along with integration, conversion, and security strategies.
Since then, design-phase activities have focused on detailed business-process designs and some initial functional specifications. Team members are actively meeting with representatives of Schools and their curriculum committees to determine how each School can best take advantage of the Curriculum Management software piloted in the College of Arts and Sciences, while preparations for adding professional master’s program information to the University Catalog continue.
Technology Services Strategy Review Board: ISC’s Technology Services Strategy Review Board (TS-SRB) was formed to re-evaluate ISC’s technology strategy and to ensure that our strategy meets the evolving technology needs of the University. Since the inception of the SRB earlier this year, 17 strategy documents have been published. A review of the six newest strategies was held with ISC and ITR constituents in October. Topics included: Wireless, Unified Communications, Network Segmentation, Internet Protocol Address Management, Enterprise Single Sign-On, and Next Generation Backup and Recovery.
Human Capital Management: The Human Capital Management (HCM) program aims to increase Penn’s HR and Payroll work efficiency, enhance response to changes in regulatory and compliance issues, improve the user experience, and strengthen information quality and access. Visit the new Workday@Penn and Penn Employee Solution Center websites.
Cloud First: ISC’s Cloud First program continues into FY’19, moving more than 45TB of client storage to the cloud. ISC recently kicked off a project to make PennGroups more resilient in the event of a campus challenge. A team has been formed, current architecture has been documented, and a plan has been drafted to move the current PennGroups software to the cloud. ISC has also been conducting a proof-of-concept exercise with the new VMWare Cloud on Amazon Web Services.
PennO365: The PennO365 advisory team has been upgrading the service across campus:
  • Advanced Threat Protection & Central Mail Routing: The recently hired ISC PM for this project is currently working with procurement on the RFP process using the identified requirements. Three vendors have made proposals for implementing this technology.
  • Splunk Integration: We are integrating PennO365 message tracing and authentication logs into the Splunk service in order to enable the Security team to have better insight into threats to the Penn community.
  • Licensing: All of the licenses in the PennO365 tenant were upgraded from the old “E3” license package to the “A3” license package for academic institutions. This change was finished mid-July.
  • Multi-factor Authentication: ISC is working toward providing multi-factor authentication for PennO365. This is in the early stages of evaluation.
Secure Penn’s operating environment while maintaining open and free sharing of information and ideas globally
Two-Step Verification: Nearly 30,000 people across campus are now using Two-Step Verification, including more than 16,000 staff and contractors, 7,000 faculty, and 2,500 students. ISC is currently working with Schools to enroll all faculty in Two-Step, and will be kicking off an enrollment campaign for students this fall. 
Identity & Access Management Program: Please see the latest IAM update regarding new web content, the External IAM Project pilot, related initiatives, and what’s next.
Transform the culture of Penn’s approach to IT management, funding, and governance
ISC Shared Services: ISC’s Shared Services Group provides the core business services that support the administration of ISC, including IT Governance, Finance and Budget, Contract and Vendor Management, and Billing. Our Apptio billing migration project is now complete, and we’re focusing on improving Technology Business Management (TBM) practices at Penn. In addition, Shared Services is working with IT@Penn leadership and Vice Deans to heighten transparency and foster collaboration around IT investments across the University through our work promoting TBM and the Penn Technology Investment Committee (PTIC).
Penn IT Academy: We are piloting the new Penn IT Academy, designed to promote individual career development for all Penn IT staff by offering a consistent and comprehensive set of training programs across a variety of disciplines. 
Priorities Program: Our September IT@Penn SUG presentation included an update on our Priorities Projects: Billing, Finance & Funding (BFF), Client Intake, Follow‑up & Reporting (CIFR), and Services.
Business Impact Analysis: This year, the University’s Mission Continuity Program (MCP) was asked to expand to include a Business Impact Analysis (BIA), determining Penn’s critical priorities and dependencies, and the potential impact on our ability to do business if critical components became unavailable. Over the course of six months during 2018, the MCP collected information from all Schools and Centers about Penn’s critical processes, functions, and systems. All this information has been loaded into the MCP database, called Shadow-Planner, and is being analyzed. This analysis will help leadership make decisions about where to deploy University resources in the event of any outages or disruptions.
Mission Continuity Tabletop Exercises: For the sixth year in a row, the University’s Mission Continuity Program has launched a campus-wide Tabletop Exercise. These exercises help to ensure the University is resilient and can continue its crucial operations in the event of an outage or emergency. ISC’s Information Security Group drafted the scenario for this year’s program (a hypothetical cyberattack) to specifically test the new BIA component of the Mission Continuity plans. Schools and Centers will run exercises to test their Mission Continuity plans, including both Business Continuity plans and Business Impact Analyses. We expect 60-70 separate exercises will be held across campus before the end of the Fall semester.

Thank you for your support!
The ISC Leadership Team
Subscribe to our email list.