Instructional and Research Information Systems

IRIS Annual Report FY04-05


Huapei Chen

Director of IT, EECS

Aug 18, 2005


§         Made policy and technical recommendations to mitigate EECS security risks based on the Risk Assessment report from PwC;

§         Conducted internal risk assessments for various groups, including ACG, ERL, BSAC;

§         Conducted EECS security scanning and shared these vulnerabilities with users;

§         Identified services needed;

§         Identified and recruit staff;

§         Initiated a project to develop an “automated purchasing system” that leverage existing applications, and ties into various backend databases and systems, including campus BFS, and allows finer control of reporting and reconciliation.  Efforts were made to enlist campus purchasing and BFS team for collaboration, with the initial sponsorship from BAS (business administration) office.


Instructional Support Group (ISG)



Engineering Support Group (ESG)



Helpdesk (help)



Computing User Support Group (CUSG)



Information Management Group (IMG)



Infrastructure Development and Services Group (IDSG)



§                     Reviewed and established appropriate policies and procedures to comply with campus Min. Std;

§                     Submitted requests for exemptions to campus CISC;

§                     Conducted internal EECS all-node security scanning;

§                     Recommended implementation of security “zones”;

§                     Deployed EECS border service port blocking;

§                     Strengthened EECS border firewall policies;

§                     Upgraded EECS Windows AD to 2003;

§                     Increased Windows AD security by installing and transitioning services to use a best practice security templates;

§                     Strengthen EECS password management (Unix, Windows, LDAP);