Strategic Goals
OIT supports the goals of the “Wolfpack 2030: Powering the Extraordinary Strategic Plan” through the following services:
Goal 1: Empower students for a lifetime of success and impact
- Continued the Project Management Lite (PML) Program, which has 45 interns from the NC State Poole College of Management, the Department of Computer Science, the College of Engineering and the Department of English. In light of the COVID-19 pandemic and the transition to hybrid learning and remote work, the interns continued to focus on OIT’s project prioritizations to foster technological innovation at NC State. They make it a point to reach across boundaries to collaborate with campus departments to host and participate in events such as the in-person 2022 Poole College of Management Spring Career Fair; they also supported OIT’s virtual events. The PML program set up an official LinkedIn profile to post aspects of their work projects and established an Instagram account to foster connectedness between current and former interns. Fifteen interns graduated in May 2022 and are a “howling” force in companies such as Verizon, RDU Authority, SAS, Nintendo, Cisco, Cloud Giants, General Motors, Fast Enterprises and Southwest Airlines.
- Made significant enhancements to the Integrated Care Referral process. Student Health Services and the Counseling Center use this process to refer students to Wellness and Recreation for assessment and delivery of required wellness coaching student services.
- Automated student schedule revision request workflow for college approvers. These requests include late adds and drops.
- Serviced via the OIT Walk-in Center more than 4,310 student computers, providing 354 hardware repairs and 305 loaner laptops.
Goal 2: Ensure preeminence in research, scholarship, innovation and collaboration
- Achieved 100% compliance with the Defense Federal Acquisition Regulation Supplement 252.204-7012 and the National Institute of Standards and Technology (NIST) 800-171 to use Department of Defense (DOD) Federal Contract Information and Controlled Unclassified Information in the Secure University Research Environment (SURE). Continued collaboration with the Office of Research and Innovation to conduct continuous monitoring of the SURE System Security Plan.
- Deployed separate Splunk instance in Amazon Web Services (AWS) to support SURE.
- Integrated Okta for SURE identity management.
- Deployed CrowdStrike instance in AWS for SURE.
- Provided required documentation to verify NIST 800-171 compliance.
- Expanded the staff of the Security Operations Center to three positions. Service expansion includes monitoring of events in the SURE environment.
- Implemented third-party assessment of the SURE environment. Through this effort, rebuilt the environment to meet all 110 controls for the DOD Supplier Performance Risk System attestation.
- Deployed new research storage system to meet requirement of data encryption at rest.
- Deploying a new high-performance cluster at the North Carolina Department of Information Technology’s Eastern Data Center, representing the largest one-time investment by NC State to enhance its research computational capabilities. The cluster is anticipated to be live this summer. Also working with the College of Sciences to move departmental HPC cluster users to the new university’s HPC cluster.
- Participated in planning efforts for the Plant Sciences Initiative to ensure adequate IT infrastructure capabilities.
- Continuing to provide project management, network support and expanded Wi-Fi capacity for the Aerial Experimentation and Research Platform for Advanced Wireless or AERPAW project — a $24 million multi-year National Sciences Foundation grant for setting up an advanced wireless platform for research.
- Partnered with the College of Agricultural and Life Sciences to further expand network capabilities at Lake Wheeler in anticipation of direct campus connectivity.
- Continued efforts to implement the Proposal Tracking and Project Administration Management modules in the new Research Enterprise Data system.
- Enhanced the College of Veterinary Medicine’s use of OnBase for research by designing a new process to load archived paper documents for access and search capability by CVM faculty.
- Communicating effective ways, such as leveraging Google Workspace and Globus, for faculty to collaborate on research with internal and external colleagues.
- Provided the university’s human-subject researchers with expertise in data security to assist them with the planning and execution of Institutional Review Board-approved research. Also provided cybersecurity consultation on the use of software and applications, including Rapid Access Biosecurity Application, a data-driven tool being developed by NC State.
- Collaborated with the NC State University Libraries to help researchers identify data security requirements for grant proposals during the pre-proposal and site-visit stages.
- Hosted with the Cybersecurity Awareness Team an FBI counterintelligence briefing for the research community as a followup to the campus memo regarding cybersecurity attacks and export control restrictions.
- Collaborated with the EDUCAUSE NIST 800-171 Working Group to develop a toolkit to share with the EDUCAUSE community.
- Became a sponsor of the Regulated Research Community of Practice to address the requirements of regulated research for higher education institutions.
Goal 3: Expand and advance our engagement with and service to North Carolina and beyond, defining the standard for a 21st-century land-grant university
- Leading the development of a coordinated eSports effort focused on building an arena and mobile arena with $16M in capital funding from the North Carolina State Legislature.
- Hosted, in partnership with the UNC System Office, the “Accessibility in the Classroom” online course, providing NC State and other North Carolina higher education instructors an introduction to digital accessibility and practical methods to incorporate accessibility into face-to-face, hybrid-online, and online classrooms.
- Partnering with the Industry Expansion Services’ Department of Defense Program to leverage student interns to continue the cybersecurity assessment of small business DOD grants.
Goal 4: Champion a culture of equity, diversity, inclusion, belonging and well-being in all we do
- Completed the Intercultural Development Inventory to use as a baseline to broaden and encourage staff to shift cultural perspectives. OIT leadership and members of the Diversity, Equity and Inclusion (DEI) Team participated in this effort.
- Developed a “lunch buddies” program to encourage opportunities for staff to get to know each other outside of typical working relationships.
- Published a hiring toolkit that includes information to broaden candidate search networks and reduce bias in hiring decisions.
- Launched, in partnership with several other units, a campus-wide DEI effort specifically for units that don’t have staff dedicated to advancing DEI-related initiatives.
- Continued to provide sponsorship and assist in leading the Women in Technology interest group.
- Co-hosted MCNC president Tracy Doaks, who spoke about digital equity and the importance of increasing and supporting individuals from underrepresented groups in STEM.
- Reinstated new employee orientation to welcome staff, introduce them to the campus and IT environments, and provide them with a better sense of belonging.
- Continued to provide grants to caption academic materials, ensuring all students, including those with hearing impairments, have full access to multimedia files.
- Conducted more than 160 reviews of IT services or applications to assess for compliance with the university’s Digital Accessibility Regulation.
- Continued to host the annual Web Accessibility Challenge, encouraging those responsible for campus websites to review and improve the accessibility of their sites, so all members of the university community can access technology, regardless of ability.
Goal 5: Improve university effectiveness through transformative technologies, cutting-edge processes and actionable data
- Continued work on a project to vacate the second campus data center and relocate equipment to the North Carolina Department of Information Technology’s Eastern Data Center and MCNC. Optimistic for a spring 2023 completion, although supply chain issues have greatly impacted the NC DIT in providing the necessary power and cooling infrastructure.
- Upgraded more than 10,000 network ports across campus, providing faster connectivity.
- Continued the transition of life safety phone lines to VoIP. Completed cutovers for Centennial Campus, so only the Centennial Biomedical Campus remains for the coming year
- Continued multi-year project to upgrade wireless bandwidth throughout campus. The past year included installation of over 1,400 access points in 18 buildings.
- Increased resiliency of key infrastructure services such as Domain Name Servers via cloud-based deployments.
- Upgraded campus internet connections to 100 gigabits per second.
- Developed a digital OIT Home Use Form to track equipment.
- Expanded dial plan to allow for VoIP support beyond the 919 area code to support the College of Agricultural and Life Sciences.
- Broke ground June 2022 on a main distribution hub to provide network capabilities to Lake Wheeler Field Labs at a level equal to Main Campus.
- Partnered with Facilities to launch a pilot project to maximize productivity and space utilization as a result of the university’s move to a hybrid-work environment.
- Continued enhancements for testing surveillance and vaccination tracking for managers via a dashboard and reminders for employees.
- Provided enhancements for Employee Emergency Loan and COVID-19 Paid Administrative Leave request forms to facilitate more timely human resources and payroll approval processes.
- Partnered with the Office of Research and Innovation, the Office of General Counsel and University Human Resources (UHR) to assess options and develop strategic recommendations for the Academic Visitors Compliance Initiative. This included defining business requirements and designing the processes and first phase of the Guest and Affiliate System to identify, register, provision and deprovision services for academic visitors. Pilot users for phase I will be on-campus research visitors.
- Worked with the Office of Finance and Administration and the Provost’s Office to prepare the Fiscal Year 2023 All Funds Budget for NC State that was submitted to the UNC System Office.
- Collaborated with Procurement and Business Services to implement Payment Works to provide a more secure and efficient mechanism to onboard suppliers.
- Implemented and integrated a new benefits administrator through the UNC System Office that will result in reduced costs for premiums for faculty and staff.
- Implemented the ePerformance module in the HR System for SHRA employees to make work plan and appraisal processes paperless and workflow and approvals electronic. Pilot departments will be using it for the fiscal year 2022-23 performance cycle. The implementation for EHRA employees is underway.
- Enhanced the HR System hiring process with more efficient workflow and integration using a new background check vendor for faster and significantly less costly processing.
- Worked with Institutional Strategy and Analysis to load legacy accreditation documents for UHR access in preparation for the upcoming accreditation initiative.
- Expanded ShareBase to provide secure file sharing and upload services of sensitive data for external users. Units implemented include: HR Information Management, HR International Employment, HR Employee Services Center, Enrollment Management and Services, the Office of General Counsel, Friday Institute, and the Department of Statistics.
- Expanded the use of the OnBase system to digitize and load Perkins Loan microfiche documents to support the University Cashier’s Office and the Student Accounts Office in their responses to the federal government.
- Completed enhancements to modernize and increase password entropy for the Self-Service Password Management service, implementing an industry-standard strength-based password, including a “strength meter” for end users.
- Migrated the System Access Request system to a Linux environment to extend the life of the service for campus until resources are available to migrate to a supported platform. Added firewall rules to isolate it from external access.
- Implemented DataGuard for Oracle databases associated with payroll processing to improve disaster response and business continuity.
- Implemented Transparent Data Encryption to maintain National Automated Clearing House Association compliance.
- Migrated MyPack Portal functionality to the Student Information System (SIS) environment.
- Significantly increased number of WolfBytes video productions provided to university partners, almost doubling revenue from 2020-21.
- Brokered an agreement with WRAL Sports+ to provide PackTV content for the new television station.
- Resolved 2,977 OIT Managed Desktop team incident tickets. This is one of the highest ticket counts on record since 2015.
- Assisted UHR in implementing the ServiceNow HR Module.
- Worked with the Onboarding Center to create updated content to orient new employees to the IT environment at NC State. Also provided extended IT orientation guidance to 87 employees via Onboarding’s Quickstart program.
- Continuing development of the IT Service Catalog. Updating all IT service offerings with a goal of publishing the catalog by the end of this summer so that campus can find available IT services.
- Developed and implemented the data classification framework within ServiceNow to support the UNC 1400.3 Regulation and other compliance efforts.
- Completed the migration from MediaSite to Panopto/Epiphan for recording classroom sessions.
- Implemented Panopto Touch Panel Controls on Crestron’s touch panels.
- Began the Secure Remote Work Assessment project, identifying 10 departments that use sensitive information as part of their operations. These departments will be assessed on their ability to do remote work securely.
- Implemented a Qualtrics customer feedback survey for the OIT Walk-in Center. Over 2,790 surveys have been sent out and 427 responses have been received. About 87% of responses were “very satisfied” or “satisfied” with their experience.
- Developed a “Quick Dial” number on all classroom phones to simplify faculty support requests. Worked to prioritize classroom support calls by automatically putting classroom calls to the front of the NC State Help Desk call center queue.
- Identified 1,403 audio/video problems before they impacted teaching activities through ClassTech’s daily classroom technology checks.
- Collaborating with the Controller’s Office, attested 100% compliant with the Payment Card Industry Data Security Standard for the fourth consecutive year with all three merchant types.
- Reported increase in public record, litigation hold, and eDiscovery requests from 12 to 42. Litigation hold releases increased by 2.
- Developed and delivered a successful 2021 Cybersecurity Awareness Month program, “Do Your Part #BeCyberSmart.”
- Provided continuity for university business and operations throughout the pandemic by assisting with the implementation and compliance of telehealth services for Student Health Services and the Counseling Center.
- Continued to work with all stakeholders to remediate the issues identified in a 2019 internal audit of controls associated with ultra-sensitive (Purple) data. The audit report is from the NC State Internal Audit Division.
- Updated and prioritized the NC State Cybersecurity Strategic Plan with recommended projects and resource requirements for securing university information systems and data to comply with university, state and federal rules, regulations, and standards. Also updated contractual obligations including but not limited to the International Organization for Standardization 27002, the Payment Card Industry Data Security Standard, Defense Federal Acquisition Regulation Supplement, National Institute of Standards and Technology (NIST) 800 series, Gramm–Leach–Bliley Act (GLBA) and the Health Insurance Portability and Accountability Act (HIPAA), employing the IT Risk Management process to determine priorities.
- Continuously improved the OIT change management process in ServiceNow and assisted other campus IT organizations with improving their processes.
- Initiated communication to campus as a warning to anticipate escalated cybercriminal activity resulting from the U.S. response to Russia’s attack on Ukraine.
- Updated the Endpoint Protection Standard Rule and its supplemental documentation to reflect recent changes to related NC State’s Policies, Regulations and Rules, resource references, technology changes, and implementation updates.
- Conducted an in-depth review of our security tools to improve the protection of university information systems and their data.
- Updated the Data Management Framework website. Clarified the purpose of the NC State Data Classification Table, provided help on how to classify IT configuration items within ServiceNow’s new Configuration Management Database, and added a Compliance Obligations section.
- Provided detailed, in-depth collaborative feedback to University Procurement to produce the new IT Procurement Training Moodle Course and supplemental training guide. The training is scheduled to be available for campus during the summer of 2022.
- Initiated the development of a Configuration Management Database (CMDB) with data inventory on IT resources, which continues as a work-in-progress.
- A pilot project with the OIT Financial System team and the Division of Academic and Student Affairs reviewed the inventoried assets and classified the them according to the university’s data classification levels. Expansion to the rest of campus to inventory their multi-user systems has a target completion of spring 2023.
- Deployed Amazon Web Services Control Tower to provide a centralized view of NC State AWS resources.
- Implementing the Service Graph Connector for Microsoft System Center Configuration Manager and Jamf Pro so client endpoints can be populated in the CMDB.
- Integrated the Lenovo and Dell vendor database API’s so that warranty data is now populated for CMDB Configuration Items.
- Delivered orientation regarding roles and responsibilities to data stewards, connecting them with resources and partners to help them determine data-protection requirements from a risk-based approach.
- Developing training for users who have access to ultra-sensitive (Purple) data.
- Required completion of the Information Security and Privacy Acknowledgement form in October of 2021.
- Continued development of the IT Governance, Risk and Compliance process using ServiceNow. All stakeholders completed the campus GLBA attestation. The HIPAA Security Rule and NIST 800-171 for the Secure University Research Environment are targeted for completion by end of this fiscal year.
- The Cybersecurity Awareness Team updated the mandatory data security training for employees to address the current threat landscape. As of May, 81% of the 22,000 employees and affiliates are in compliance.
- Implemented ServiceNow’s Vendor Risk Management solution to enhance management of vendor responses to required questionnaires and documentation requests that are part of the IT Purchase Compliance process.
- Enhanced a campus-wide IT risk management program in compliance with federal, state and UNC System Office requirements. Worked with a consulting partner to build out a multi-year, prioritized set of recommendations to mature NC State’s IT risk management program.
- Conducted a third-party assessment of PeopleSoft SIS for compliance with NIST 800-171 in preparation for this being required by the Department of Education. This will also satisfy the periodic GLBA requirement for IT risk assessment and management.
- Conducted a HIPAA Security Rule assessment with a third-party partner for the university’s HIPAA-covered entities.
- Established a maturity baseline level assessment against ISO 27002 using the Security & Privacy Capability Maturity Model. Conducted by MCNC, the assessment provided an overall maturity score that identified areas for improvement.
- Implemented TeamDynamix for Project Portfolio Management, providing strategic visibility to OIT portfolio project performance and a structured intake process to review and accept new projects.
- Transitioned from Nexpose to Tenable for vulnerability scanning. The move required extensive effort across multiple IT teams.
- Expanded use of CrowdStrike malware detection and prevention with move to MCNC-hosted solution.
- Retired use of Tripwire with the implementation of Tenable and CrowdStrike.
- Achieved SIRTFI certification for Shibboleth, Oracle Identity Management and Active Directory to meet Research and Education FEDerations group security standards.
- Completed transition of enterprise servers to Red Hat Enterprise Linux 7 to maintain compliance.
- Deploying FortiADC web application firewall in front of critical web applications.
- Decommissioned MIT Kerberos, replacing it with WolfTech Active Directory Kerberos.
- Standardized on GitHub, allowing the decommissioning of Subversion.
- Moved Google authentication for Unity IDs to Shibboleth. Unity IDs now have a single multifactor authentication source.
- Significant progress in retiring the Andrew File System AuriStor and migrating to Network File System Version 4. Scheduled to be completed by Dec. 31, 2022.
- Significant progress toward moving from Lenovo GSS storage to NetApp storage.
- Network file systems for enterprise applications now fully replicated between Data Center 2 and the Eastern Data Center, providing significantly shorter recovery time should a primary Network Attached Storage array encounter issues.
- Implementing significant changes to research storage and virtual machines to improve service and increase resiliency.
- Increasing automation related to network provisioning and maintenance of life safety lines, backing up network configurations, switch provisioning, firewall reporting, UPS management, and additional network tools for campus IT support staff.
Goal 6: Lead in developing innovative partnerships, entrepreneurial thinking and applied problem-solving
- Partnered with UNC-Pembroke’s School of Education to provide a version of our System of Assessments Guiding Education (SAGE) application for their campus. Used to manage teacher licensure processing, SAGE is now live and serving UNC-Pembroke’s students and faculty.
- Continued to provide leadership to the UNC system campuses in support of the federated Jamf Pro configuration management environment.
- Consulted extensively with North Carolina Agricultural and Technical State University for a major new iPad deployment.
- Continued partnerships with four other UNC System universities and the North Carolina Department of Information Technology to provide phone system support. This included rolling out new call center applications over the past year.
- Provided IT staff support for the Poole College of Management and the College of Sciences to backfill staffing shortages.
- Participated in the the NC State Staff Senate Development Fair, the university’s Staff and Faculty Appreciation Event, and the Sustainability Office’s Earth Fair to share information about IT services and safe computing procedures.
- Continuing to provide leadership and support for UNC CAUSE, the IT organization that promotes and facilitates cooperation, information exchange and shared technology use among UNC System campuses.
Goal 7: Elevate the national and global reputation and visibility of NC State
- Presented NC State’s approach to data inventory and classification at an international EDUCAUSE conference, garnering significant interest in our processes by other universities across the country.
- Shared the university’s experiences with the use and advantages of network capable power conditioners in classroom audio/video racks in a Legrand case study.
- Partnered with Deloitte and The Wall Street Journal to publish the article, NC State Forms Cloud Enclave to Guard Research Data, on the university’s Secure University Research Environment achievement.
- Earned the Multi State Information Sharing and Analysis Center (MS-ISAC)’s Best of the Web Public Education Cybersecurity Website Award for the second consecutive year.
- Nominated by the Center for Academic Excellence (CAE) Community of Practice for Cyber Defense Regional and CAEs Outreach Competition for excellence in cybersecurity awareness outreach. NC State is designated as a CAE having met the requirements of the National Security Agency and the Department of Homeland Security. It is part of the Southeast CAE Regional Hub.