Workday Student

As I mentioned before,  the Claremont Colleges have decided to participate in Workday’s Strategic Influencer program for the Workday Student product.   This initiative is now taking more shape.  The following people have been appointed to the Workday Strategic Influencer Project Team:

  • Margeret Adorno (Registrar, Pomona)
  • Mark Ashley (Registrar, HMC)
  • Andrew Dorantes (Treasurer, HMC)
  • Robert Goldstein (CIO, Pitzer)
  • Elizabeth Morgan (Registrar, Claremont McKenna)
  • Joseph Vaughan (CIO, HMC)
  • Chris Waugh, (Director, Smith Campus Center, Pomona)

The Project Team will visit Workday headquarters in Pleasanton, CA on February 24 for the first meeting of Strategic Influencers and Design Partners.  These meetings will be broadcast so that you can listen in from home.  Workday will be conducting interviews with functional groups as well.  If you have views on what a Student System should do, now is the time to speak up!

Claremont Colleges will use Workday Financial Management

I hope you all saw the announcement about Workday Financial Management.  This wd-logois big news for lots of reasons.

Last year, the intercollegiate Budget and Financial Affairs Committee (BFAC) began looking for a replacement for the aging Datatel financial system that is run by the Claremont University Consortium (CUC).  The BFAC narrowed its requirements down to four or five “show stoppers”, two of which will be of great interest to our faculty.  The first was the ability easily to report across fiscal years, which is often very important to grant holders. And the second was support for all modern browsers. (You can read more about Workday’s  philosophy on user interface design).

The BFAC and the consultant they worked with (a former treasurer at Scripps College) reviewed all the market leaders and finally settled on Workday, a relative newcomer with a strong pedigree (it was founded by the founder of Peoplesoft, Dave Duffield and the former chief strategist of Peoplesoft, Aneel Bhusri).  The Presidents Council signed off on the BFAC choice in August and the target for implementation of the new system is July 1, 2015 (yes, 2015!).

One interesting aspect of this for me, as CIO of one of the participating Colleges, is that Workday is only offered as software as a service (SaaS): there is no on-premise version. We will not be making any local customizations.  This is one more example of systems moving to the cloud, with all the implications that carries for IT units and for the Colleges.

Also extremely interesting from a Claremont perspective is that all of the Treasurers have agreed to “hold hands” and use one system, including changing and aligning business practices across the Colleges.  This includes Pomona College returning to being on the same financial system as the other colleges.

A further related aspect of this is that Workday have begun developing Workday Student, a new student information system.  They invited the Claremont Colleges to participate in the development of this system as “strategic influencers”.  The intercollegiate Academic Deans Committee (ADC), Business and Financial Affairs Committee (BFAC) and Information Technology Committee (ITC) made a joint recommendation to the Council that we should take Workday up on their offer.  But at the same time the committees recommended a market review of Student Information Systems, with a view to replacing Jenzabar CX (including, potentially, with Jenzabar JX). The Presidents agreed.  Andrew Dorantes, Mark Ashley and I will all participate heavily in the Strategic Influencer work.  Workday will also conduct interviews with different groups of users, starting this week with the Registrars.

So in the near future (July 2015 or soon after) we will gradually bid a fond farewell to OnBase RFCs and the CUC Connect financial reports. And in the medium future (late 2015) the Claremont Colleges will investigate alternatives to Jenzabar CX.
There is a lot more to say about this, and as the Dude said “It’s a complicated case, Maude. Lotta ins. Lotta outs. And a lotta strands to keep in my head, man”. So I will post individual news items on it as we move forward.



Summer 2014 update from the CIO

beanoWhen I was a kid growing up in Ireland, I loved reading the Beano and the Dandy.  Every summer, they would announce a “bumper edition”, which was packed with extra stuff for those long summer days out of school.  This is the bumper edition of updates from the CIO!

The summer was a very busy one in the realm of IT infrastructure. We oversaw a major rewiring of the Parsons structure; which set the building up to host a modern wired and wireless network that should serve us well for the foreseeable future.  The major points of emphasis in the architecture of the new network are:

  • Assume an increase in the use of wireless devices (to support this we increased the number of wireless access points from nine to sixty seven).
  • Build a high capacity wired network that requires fewer physical cables (cat 6A throughout the building, fewer physical ports, but higher capacity)
  • Improve switching closets and reduce their number (from six to two).

I am very grateful to our partners in Facilities and Maintenance who worked with us to make the wiring project a success, and were supportive of our idea of carrying out our project in parallel with the vacated space project.  The new Clinic space in the basement is just beautiful!

We planned the new dorm wired and wireless network and, taking advantage of the construction work, have laid the groundwork for a “north campus loop” that will enhance the resilience of The Claremont Colleges network by providing alternate (redundant and diverse) networking routes to the second CINE core switch.

We bought new switches for east and south dorms, as well as the Linde Activity Center. We placed a new UPS in Kingston and new wireless access points in the LAC.

A new fiber run from Claremont to downtown Los Angeles is about to be completed, connecting with the Claremont network at the CUC building on First Street. This will increase the resilience of our connections to the internet.  As you can imagine, this is ever more important with the increased use of software services that are hosted elsewhere.

IAM@HMC (Identity and Access management)
We worked closely and intensely with our project partners from Fischer Identity during the summer, meeting every day for many weeks.  This let us push through to get several big wins:

  • We eliminated the distinction between LDAP passwords and Active Directory passwords — it’s all HMC Credentials from now on.
  • Automatic Account Creation (“provisioning”) went live. This meant that we could bring all the new students on board in record time, without manual account creation.
  • We brought the portal ( into the Single Sign On environment. It uses HMC credentials now and you won’t be challenged to log in if you have already logged in and established a session in another application that is part of Single Sign On.
  • We added payors to the HMC portal so that they can view and pay bills on line.
  • We worked with other consortium members to bring up CAS, which will provide single sign on for other systems and, in our case, increases the usefulness of your HMC Credentials. In a new phase of the IAM@HMC project we hope to integrate CAS with Fischer Identity and get even more single sign on in place.

IT Assessment by BerryDunn
During the summer, representatives from consulting firm BerryDunn were in Claremont working on a Claremont-wide IT Assessment at the request of the Presidents Council. Some of you took the opportunity to meet or talk with them and give your views on the quality of IT overall at the Colleges.  I understand that the BerryDunn folk will be coming back again in the Fall, so there will be additional opportunities to meet with them.  I will try to send a bit more advanced notice, so please keep an eye out.  If you are particularly keen on talking with them, please just get in touch with me and we can set up a telephone call. They are very eager to provide the Colleges with a high quality actionable report and would greatly appreciate your input.

IT Policy
During the summer, I completed updates to the HMC Password Policy and finalized the policy on incidental personal use of IT, both of which are now linked on our IT policies page on the HMC website.  Both are the result of extensive discussion with various instances of the Computing Committee, the Presidents Cabinet and other stakeholders.  I believe that policies should be realistic and should interfere as little as possible with your day to day experience, while at the same time achieving institutional goals.  I have found that a good way to achieve that is to have extensive discussion with stakeholders, including college counsel and to be willing to wait until the policy is well cooked before releasing it.

Next up is a policy on safeguarding confidential and sensitive information.

Speaking of passwords, on October 27th we plan to turn on the password expiration function in the Fischer system.  If your password is over 365 days old, you will need to reset it. The prompt at login will just say “invalid credentials”, as we don’t want to give hackers any clues.  But you will receive a notice via email when your password is seven days away from expiring. When we first released the HMC Password Policy, the advice of the Computing Committee at the time was that August would be a good time to remind people to reset passwords, since everyone is coming back and doing housekeeping tasks for the new year.  The timing of your annual reset is up to you though, since you can change your password at any time by visiting the Password and Account Management Kiosk.  If your password is getting old, now might be a good time to change it.

When we moved to the new HMC website last January, we vowed that we would work hard to ensure that only accurate and relevant information would appear on our pages. We continue to work on that goal and have been enhancing our Service Catalog page and keeping on top of updates to the IT Projects page.  Our goal is to make it valuable and effective to turn to the CIS web page whenever you are looking for a solution or are curious to know what we’re up to.

We have also set up for people who wish to host static html pages outside of any of our content or learning management systems.  I wrote about this in the April update, but it is worth mentioning again as we work towards decommissioning older systems such as thuban (www2), odin (www3) and www5.  www4 has already been decommissioned and replaced by

Educational Technology
Thanks to our restructuring that placed AV operations under the wing of User Support,  Educational Technology Services had become even more focused and productive under Elizabeth Hodas’  leadership. Elizabeth is paying special attention to the question of how to relate technology tools to the goals of faculty and students.  I hope you will notice this emphasis in the roster of workshops available during our Week of Workshops, which started on Monday.

Over the summer, there was a surprising amount of interest in trying out Google Glass. Jeho Park described our experiments in his article OK Glass,shoot a laser beam!.  I found the star mapping app really compelling, even though the night on which I had Glass was a cloudy one!  It was the first time I really felt for myself the potential of augmented reality applications and I will never forget my daughter’s exclamation “oh wow” when she donned the Glass and went outside to conquer her fear of the dark.

Also over the summer, Deb Mashek set up a Google Apps Learning Community that several of us participated in.  It was a quiet success and I heard from a number of the participants about how they liked the hands on and interactive approach of these sessions, so we’re thinking of other possibilities.   We are also exploring the possibility of subscribing to campus edition through a Claremont wide agreement. This would give faculty, students and staff a large number of online professional development and learning opportunities.

Unfortunately, Corey LeBlanc left us for Pomona College, where he is now the Computer Science Dept System Administrator. We wish him the best of luck, and were very sorry to see him leave us.

Taylor Calderone will be helping to fill in as we search for a new DTA. Taylor has been with us for a while in a temporary capacity, particularly with AV support for events, so he knows the ropes.

In other hiring news, we are having more success in the search for a Sr. Network Engineer and have interviewed a couple of really promising candidates in recent weeks.  Stay tuned for news on that front.

As I completed writing this update, I had a feeling of exhilaration.  It is just so pleasing to see so much progress in so many areas!  And, once again, my hat is off to the hardworking staff at CIS who just keep on working at a very high level.

Welcome back every one (and welcome, first years).  At CIS, we missed you and are looking forward to supporting you for yet another great year at Mudd.




Data Privacy Month (with a painful story about the students-l list)

Today is Data Privacy Day. See

To celebrate, here is a true story culled from the vaults of HMC server administrator lore. Read it, weep… and then change your passwords.

Once upon a time there was a moderator of the students-l list. She was diligent and hard-working, devoted to the task of saving other students time by only approving messages that she judged to be of interest to students, and collecting together announcements about events at the other Colleges so they could all be included in one message. She worked on this most days, using the students-l list software.

The students-l list system is very old and resides on a Linux machine called Odin. The list system is so old that it may have been created when “GUI” was only a railway code for a station on the Glossop Line and graphical user interfaces were figments of fevered imaginations at Xerox PARC.

Now one day our diligent moderator (let’s call her Agnes) logged in to the system and noticed it was really slow, slower than usual.  At first, Agnes thought that maybe the list system was on the blink or even that Odin was finally giving up the ghost.  She couldn’t moderate messages or send anything out to students-l. Agnes quickly reported it to the CIS Help Desk.

The server admins were soon busy examining Odin as it lay there on its sheets of Irish linen. Little did they know that they were entering their very own long dark teatime of the soul, not working on high priority HMC projects, but just trying to figure out what was going on.

Bit by bit (was that pun intended?), they discovered that Odin was sending out tons of spam and then getting back tons of bounce messages.  So many that poor Odin was choking, unable to give any attention to Agnes’ plaintive login requests. Even worse, Odin was failing to recognize Agnes’ user name and trying to send error messages about that.

“But why?” said the server admins, pulling at their hair (long dark teatimes can have that effect).  “Why Odin?  Why now?  Why spam?  …Why us?”.

Now you just have to sit there and imagine time passing. Slowly.  No students-l messages are getting through.  Spam is spewing.  The server admins are ignoring other things. “Educational Technology?…no time for that”.   Are you imagining that?

OK. In the end, they figured it out.  Another user account on Odin  had been hacked and the hackers were using it to send their spam. And how did they hack it?  You guessed it. A weak password on the user account….  Sigh. Once they figured that out, the server admins had to spend several hours cleaning up the mess and then let Agnes know she was back up and moderating.  Lots of time lost and all because of a weak password.

Data Privacy Day. It’s everyone’s responsibility to ensure data privacy. And it can start with a better password. For tips on creating a better one, maybe even creating one that meets HMC requirements, take a quick look at the HMC Password Policy.

Held annually on January 28, Data Privacy Day encourages everyone to make protecting privacy and data a greater priority. DPD is an international effort to empower and educate people to protect their privacy and control their digital footprint. It kicks off Data Privacy Month (

Thanks for reading. Now go forth and change your passwords.

Update on Portal Advisory Group

Screenshot from 2013-03-14 17:30:10I’ve written about the Portal Advisory Group before.  Affectionately known as PAG, it’s a group that will assist us with setting priorities for the Portal, starting from the premise that the portal is a tool which we know HMC has not used to its full capacity. The group will guide CIS and the College in improving and expanding use of the portal.

The following people have all agreed to participate and I am grateful to them.

Mark Ashley (Registrar, Chair)
Lauren Kim (Assoc Registrar)
Susan Selhorst (CIS)
Cindy Abercrombie (CIS)
Paul Steinberg (HSA)
Vatche Sahakian (Physics)
Tim Hussey (OCA Communications)
Jennifer Greene (OCA Communications)
Guy Gerbick (DOS)
Scott Martin (BAO)

We are also seeking one or two students to help with this initiative.

The first meeting is being scheduled for just after Spring break.

I look forward to good outcomes!

Faculty Computing Survey Results

survey-300x224In late Fall 2012 the computing committee ran a survey of faculty, asking three questions about information technology at HMC.

About 50 faculty responded to the questions, and almost everyone wrote a few lines of comments in response to each question – in addition to giving scores.

Question 1: How satisfied are you with the current teaching services provided by the CIS (e.g. Sakai, portal, classroom support, labs, etc…)?

– Average letter grade: B- (2.57/4.00, 54 respondents)

Question 2: How satisfied are you with the other services offered by the CIS (email, research related services, laptop/desktop support, etc)?

– Average letter grade: B- (2.69/4.00, 55 respondents)

Question 3: How satisfied are you with the current computing services offered by your own department (e.g. email, website, lab, course support, etc)?

– Average letter grade: C+ (2.35/4.00, 49 respondents)

The spread of each score was roughly 0.50/4.00, with a bigger spread for the third question.

The committee summarized by saying that things have improved and are going in the right direction, but that there is still work to be done.

The computing committee members this year are:

Vatche Sahakian (Chair)
Alfonso Castro
Weiqing Gu
Jacob Bandes-Storch ’14
Joseph Vaughan

The committee made four recommendations of its own and added more recommendations coming from the Faculty Executive Committee. You can read the full report, with my responses to each recommendation at the following URL (HMC Credentials required to access the document):

Portal Advisory Group

I have been discussing the portal with a number of people around campus over the last few months. Improvement and expansion of the portal will be a key initiative for the next two years.

There are several reasons for this:

  1. The portal plays a key role in many important areas of the College’s activities.  Grades, Registration, Advising, Student Billing and Alumni Directory are just some examples.
  2. We know that other institutions have more attractive and functional installations of the same portal software (JICS), so our instance of the portal can be made better too.
  3. Because of the fact that we collaborate with the other Claremont Colleges to provide cross-registration for students, moving to a completely different portal is not a simple proposition.
  4. Both Jenzabar, the company that provides the portal software, and AISO, the Pomona College unit that manages the underlying student information system, are committed to making improvements to the system, and we can build upon those.  For instance, Pomona recently informed us that the back end database was handling 60 million transactions per day during the Fall pre-registration period.  They have recently migrated the system from HP Unix to Linux, and are anticipating improvements in response times.

We have already taken the first steps in the portal improvement initiative. We are planning to create a Portal Advisory Group, with the following vision statement:

The portal is a tool which we know HMC has not used to its full capacity. This group will guide CIS and the College in improving and expanding use of the portal.

Registrar Mark Ashley has agreed to chair this group, which will include representation from the many areas that use the portal, as well as faculty and students.  Among the tasks we will ask the group to undertake is to advise on the queuing of CIS projects related to the portal. They currently include:

      • HSA Advising application
      • 40+ Portal improvements suggested by Registrar
      • Electronic Billing
      • OCA requests
      • Student research portlet and forms
      • Single Sign On
      • Adding a staff tab to the portal

John Trafecanty has recently taken over responsibility for the portal, as his duties related to Sakai were much reduced when we moved the Sakai service to Pomona College.  John always bring talent and persistence to programming tasks, so we anticipate great work on the portal.

Watch for more updates on this initiative and do get in touch if you’d like to be involved.

Sakai Service changes coming

Harvey Mudd College has been the “Lead College” for the Sakai service since its inception in 2006.  This means that we provide the service to all the Claremont Colleges and receive some funding from the other Colleges to do so.

About two years ago I began to explore the option of contracting with rSmart for Sakai hosting.  rSmart is a company dedicated to hosting Sakai and other Higher Ed applications for a long list of higher education customers.  Hosting the service with them would take advantage of their expertise and the scale of their operation, which is based in Arizona and housed in one of the largest data centers in the country. On almost all dimensions of the comparison — cost, architecture, functionality, infrastructure, expertise — rSmart looked to be an improvement over what HMC could provide alone. Exploration of this option took many months, and then in August 2011 I made a formal proposal to the Information Technology Committee (ITC) that we should host Sakai with rSmart.  A series of monthly discussions took place, including a visit by the rSmart team in December.   However, I did not manage to persuade my CIO colleagues from the other Claremont Colleges and so the ITC voted to accept an offer from Pomona College to host the service.  The ITC is now moving forward to bring that recommendation to two other Intercollegiate committees, the Business and Financial Affairs Committee (BFAC) and the Academic Deans Commitee (ADC).  Assuming those committees endorse the idea, the Sakai service will be provided by Pomona College effective July 1, 2012.

If the service does move to Pomona, end users will not see any real difference in how the service is delivered. Pomona has offered to continue to subsidize the service and to augment and strengthen the infrastructure, which are good things.  Over time, they may install the rSmart version of Sakai which would provide some nice additional functionality over the “vanilla” version of Sakai that we have been running.

User support for Sakai questions will continue in the same way as it does now.  You can contact the Help Desk for help with issues and if you need advice on how to use a particular tool, you could contact Elizabeth Hodas.

For CIS, the change means a return of time and resources that were being dedicated to supporting the intercollegiate service.  During the analysis of the rSmart option, I discovered that we were subsidizing the service by about $50k per year. We were indeed investing time and resources in an important service and received praise from the other Colleges for our work.  But we are now looking forward to investing time and energy in other projects that will benefit the College, while confident that the Sakai service will be delivered in the ways we were familiar with.


Google’s new privacy policy and Google Apps for Education

On March 1, 2012 Google introduced a new privacy policy that applies to their consumer products (gmail, picasa, youtube etc).   There was a huge amount of coverage of this in the media.

Discussion with the HMC Computing Committee made it clear that we should remind you that the HMC contract with Google is for the Google Apps for Education (GAE) service, which is a separate suite of products, covered by a separate contract.  The new privacy policy does not apply to the core GAE service.

Among the key differences between GAE and the consumer service is that GAE includes a FERPA clause.  This clause stipulates that Google is subject to FERPA in the same way as the college is, and must process educational records (such as emails to students) accordingly.

In our discussions within CIS, we were struck by the fact that what Google is doing seems so much part and parcel of the tracking we are all subject to, both on and off line.  Retailers have been doing it for decades, as we learned from a NY Times article about how companies learn your secrets. I find it fascinating which practices and policy changes get noticed, and which don’t.

So, again, the GAE contract is separate from the Google’s consumer product privacy policy. If you have concerns or want to learn more, you should read the Google Apps for Education contract.

You may also find these Chronicle, Educause and Campus Technologies posts of interest.

Presentation to PPCPC on Campus Network Infrastructure

At the September Board of Trustee meetings, Cindy Abercrombie, Mitch Shacklett and I presented some information about our work in the area of network infrastructure review.  We are working toward a long term plan for the network infrastructure and wanted the Physical Plant and Campus Planning Committee (PPCPC) to be aware of the issues we are seeking to address.

Below is a reconstruction of the presentation, which I recorded afterward. If you want to look at the full size screen cast, you will find it here.