Select Page

Project Planning Team

Executive Sponsor: Anne Milkovich, CIO

Project Sponsor: Anne Milkovich, CIO

Project Managers: Victor Alatorre, Mark Clements, Laura Knaapen

Technical Team Members: Dan Petersen, Christian Beck, Eamon Bauman, Michael Brunn, Michelle Loker, Ricky Johnson, Michelle Loker

 Contact IT

  Hours: M-F 7:30AM - 4:30PM
  Phone: (920) 424-3020
  Email: helpdesk@uwosh.edu

Status: 6/26/18

  • UW System / Legislative Audit Bureau reviewing audit response.
  • Additional small projects identified to meet compliance expectations.
  • Projects identified to Chancellor’s Administrative Staff and IT Advisory Group.

Information Security Compliance

UW System has provided all UW campuses with five Administrative Policies and three Procedures on Information Security. These policies and procedures are mandatory for all UW campuses. The five policies and three procedures are listed on the IT Policies web page.

During the Spring semester IT completed the Authentication procedures regarding password requirements for the university NetID account. As part of the Legislative Bureau audit, several small projects were identified for IT to work on. The projects are listed below in priority order. Additional projects may be required based on the new UW System two-year Info Security plan.

Project/PolicyProject ManagerSemester to Start WorkStatusRecentNext
Enforce mandatory security training.Richard MontanoSpring 2018In ProgressEmployees out of compliance will have their accounts lockedImprove system automation
Remove administrative rights from desktop computers.Laura KnaapenSummer 2018In ProgressDrafting exception processReview with IT Steering Committee
Student employees cannot use generic, shared accounts.Laura KnaapenSummer 2018In ProgressWorking on automation and communicationSet account scheme
Immediate access removal upon employee separation from university or role.Laura KnaapenSummer 2018In ProgressWorking on process maps with HRCommunicate change to campus, especially supervisors
Auditing desktop computers for high risk data.Mark ClementsSummer 2018In ProgressWorking on audit automationDocument response for finding high risk data
Increase offering of security awareness education.Richard MontanoSummer 2018In ProgressDeveloping education materials and outletsFall orientations for employees and students
Require multi-factor authentication to access high risk data.Mark Clements and Victor AlatorreFall 2018PlanningProvide cost estimate to campus
Move all high risk data to encrypted storage.Victor Alatorre and Mark ClementsFall 2018Not Started
Bring Gmail into compliance for password policiesVictor AlatorreFall 2018Not Started
Re-establish emeritus status process to document ongoing relationship with campusAnne Milkovich and Laura KnaapenFall 2018Not Started
No longer allow physical, wired attachment of non-university devices.Laura KnaapenFall 2018Not Started
Auditing employee data access through formal approval and renewal procedures.Mark Clements2019Not Started
Desupporting local hard drive storage.Laura Knaapen and Victor Alatorre2019Not Started
Shift all full-time employees who maintained their student account to the employee account scheme.Victor Alatorre2019Not Started

Recent:

  • Reviewed and prioritized list of projects.
  • Identified projects to work on during Summer 2018.

Next:

  • Draft procedures and processes for Admin Rights and Account Removal.
  • Share procedures and processes with IT Steering Committee.
  • Program automation for student employee NetID and email account creation and removal.
  • Draft and send student employee account information email.