University Strategic Goals

Student Involvement Fair
A Secure Affair! OIT Project Management Lite (PML) student Vasudev Bongale and OIT staff member Madison Bell encourage students to protect their accounts and mobile devices with eduroam, mobile device security tips and two-factor authentication during the fall 2019 Student Involvement Fair.

Goal 1: Enhance the Success of Our Students Through Educational Innovation

  • Enhanced the Student Information System (SIS) to ensure that all financial aid hours met identified degree requirements. Developed new and modified SIS pages and reports to help the academic departments advise their students to maximize their aid eligibility while making progress toward a degree.
  • Implemented the first graduate degree audit functionality for graduate certificates. This allows certificate students to track their progress and graduate administrators to automatically clear the students for graduation.
  • Developed new graduate committee tracking functionality; it will be implemented along with a full graduate degree audit in 2020-21 upon completion of the new graduate planner. This will streamline the committee approval process and improve tracking of progress towards a degree for graduate students.
  • Completed the move of admissions processing for undergraduate, Agricultural Institute, non-degree, and veterinary medicine careers to the Slate platform, joining graduate admissions. Special admission processing for Intensive English Program (IEP), Global Training Initiative (GTI), readmissions, and university honors and scholars programs were also implemented using Slate.
  • Continued to grow the Project Management Lite (PML) internship program, which now has 45 students from the NC State Poole College of Management, the Department of Computer Science, the Department of Engineering, and the Department of English. PML provides students an opportunity to work on projects with experienced professionals and to build their strengths and increase their talents and knowledge. This year’s major project kickoff was the OIT Security and Compliance cybersecurity assessment project. Interns worked with small businesses to complete gap analyses and reporting on National Institute of Standards and Technology (NIST) compliance. They also worked on a number of OIT projects including security awareness, web page updates, the OnCampus App and the REPORTER registration system. One of the interns provided helpful feedback and short videos for the redesign of the Mobile Device Security procedures and then used this work for his class project. The team also continued to develop strategic and operational goals that govern the program’s business processes.
  • Integrated WolfBytes into the syllabi of three Parks, Recreation and Tourism classes and a Communications class, which provided students an opportunity to work in a broadcast environment.
  • Added features to the OnCampus app to provide COVID-19 information, accessibility information and new integration with the Division of Academic and Student Affairs (DASA) student app.
  • Partnered with DASA to support 46 student organizations’ websites.
  • Used the WordPress Blogs service for various class projects in: Communication 336; Curriculum and Instruction 201; Educational Psychology 304; English 317, 332, 491, 513, and 522; Foreign Language – Spanish 360; and Mechanical and Aerospace Engineering 200 and 416.
The Global Courtyard
Showing international diversity. Located between Primrose and Tompkins Halls, The Global Courtyard serves as a space to showcase how NC State strives to bring the world to campus. Photo by Marc Hall

Goal 2: Enhance Scholarship and Research by Investing in Faculty and Infrastructure

  • Continued support and maintenance of the Secure University Research Environment (SURE) to support sensitive research contracts and grants that require National Institute of Standards and Technology (NIST) 800-171 compliance and Defense Federal Acquisition Regulation Supplement (DFARS) clauses. 
  • Continued in collaboration with the Office of Research and Innovation (ORI) to complete the Plans of Action and Milestones to achieve 100% compliance with NIST 800-171.
  • Contracted the Research & Education Networks Information Sharing & Analysis Center (REN-ISAC) to perform a peer review and assessment of the university’s compliance with NIST 800-171, specifically for the SURE.
  • Provided project management services and significant infrastructure consultation for the Aerial Experimentation and Research Platform for Advanced Wireless (AERPAW) project, a $24 million multi-year National Science Foundation (NSF) grant to set up an advanced wireless platform for research. 
  • Engaged with the ORI Proposal Development Unit and researchers from the College of Engineering on the preparation and submission of a nearly $70M cooperative agreement proposal with the NSF, serving as a subject matter expert to ensure alignment with project management requirements from the NSF Large Facilities Manual and guidance from the National Defense Industrial Association Earned Value Management.
  • Worked with the NC State College of Agriculture and Life Sciences to develop a master plan for the Lake Wheeler facility and partnering on funding over the next three years to make substantial progress on network connectivity throughout the facility.
  • Completed implementation of the security, network, and research environment (SNARE) designed to segregate certain research traffic from the production network. This is a high priority for principal investigators researching cybersecurity.
  • Implemented the Conflict of Interest and Notice of Intent modules of the new Research Enterprise Data (RED) administration system to efficiently and effectively fulfill compliance requirements across the research enterprise. Also completed the majority of the work needed to implement the Proposal Tracking and Award Tracking modules, which are scheduled to go live this fall.
  • Developing service model to support Globus, which provides an easy-to-use mechanism for NC State researchers to share data with researchers at other institutions.
  • Deployed new research services web application that provides new individual researcher storage allocations, enhanced features for local IT staff to assist with research storage configuration, new project storage allocations, and life cycle management.
  • Expanded High Performance Computing (HPC) storage and moving HPC mass storage from outdated and unsupported array to new storage.
  • Enhanced HPC documentation, including the addition of many how-to videos.
  • Launched the Research, Scholarship & Creativity IT Committee, as part of the new IT Governance model. Transitioned HPC service to be one of the shared core research facilities, including the creation of new HPC Faculty Oversight Committee.
  • Working with HPC Faculty Oversight Committee to define a sustainable set of applications for HPC staff to maintain. Also defining processes for other applications to be maintained by IT staff or individual research groups.
  • Worked with the College of Engineering IT (ITECS) department to support Singularity containers on the HPC cluster and to move a number of Department of Civil, Construction and Environmental Engineering (CCEE) projects from individual research group clusters to the university HPC cluster.
  • Provided WordPress Blogs and Hosted WordPress services used for dozens of faculty, lab, workshop, conference, and research initiative websites. Some include Citizen Science Campus, Chemistry of Life Program, 15th International Symposium on Functional Pi Electron Systems, and the Bodies and Structures: Deep-mapping Modern East Asian History 2.0 Workshop.
NASA astronaut and NC State alumna Christina Koch
A special time in space. On Aug. 30, WolfBytes Video Services, a unit of OIT’s Outreach, Communications and Consulting, live streamed NASA astronaut and NC State alumna Christina Koch from the International Space Station to thousands of viewers. The 20-minute Q&A session highlighted the science and wonder of space exploration. Photo by Stan Martin. 

Goal 3: Enhance Interdisciplinary Scholarship to Address the Grand Challenges of Society

  • Assisted the College of Agriculture and Life Sciences in planning the implementation of next generation technology at the Central Crops Research Station. This will serve as a model to deploy next generation technology throughout the state.
  • Supported websites for the Chancellor’s Faculty Excellence Program interdisciplinary clusters: Genetic Engineering and Society; Forensic Sciences Initiative; Global Water, Sanitation and Hygiene; and Leadership in Public Science.
  • Consulted with multiple researchers on strategies to share data and other IT resources with external collaborators. 
Work group that oversees the NC State's EHRA conversion process
Competitive advantage. This fiscal year, the nine-member work group that oversees the NC State’s EHRA conversion process for IT employees, an effort to help to attract and retain talented IT employees, conducted information sessions about the process. Eligible IT staff have an option to convert from SHRA to EHRA non faculty positions. Work group members, pictured from left to right, are Gwen Hazlehurst of OIT, Donna Petherbridge of DELTA; Karen Horne of OIT; Susan West of OIT; Debbie Carraway of College of Sciences; and Lori Preiss and Julie Ricker of University Human Resources. Not pictured are Marc Hoit of OIT and Marie Williams of University Human Resources.

Goal 4: Enhance Organizational Excellence by Creating a Culture of Constant Improvement

  • Began the move of the McKimmon Center from the Destiny vendor-based system to the homegrown REPORTER system for non-credit course registration management. The move to REPORTER will save the McKimmon Center approximately $50,000 annually.
  • Served as a pilot institution to implement The University of North Carolina System Office Financial Data Mart, which will go live this summer.
  • Completed PeopleTools 8.57 upgrades to the Student Information System (SIS), the Financial System, the Human Resources (HR) System, and the MyPack Portal to maintain regulatory compliance.
  • Implemented the Sharebase platform to provide secure uploading and sharing of sensitive data. 
  • Extended the usage of the SAS Visual Analytics platform to units such as HR, the Budget Office and Purchasing and made significant progress on the creation of an enterprise analytics hub to provide easy-to-access analytics for improved decision-making.
  • Completed the assessment of the capabilities of the Persona and Grouper management systems for potential expansion and implementation across campus. This is in preparation for the implementation and expansion of a grouping system that will provide more timely, automated access control to online systems.
  • Began implementation of a Guest and Affiliate System that will enable better control and tracking of guest and affiliate access to online resources.
  • Developed a number of HR System enhancements to streamline HR processing across campus. Examples include: a new Job Action Request process for reappointments, support for the new Parental Leave benefit, and functionality to allow managers and timekeepers to override hours that are paid or banked as compensatory time. Completed the majority of the development for the Approval Center to provide “one-stop shopping” for approvals across systems.
  • Attested 100% compliant with Payment Card Industry Data Security Standard (PCI DSS) for the second consecutive year with all four merchant types in March 2020. University Dining merchant chain continued to attest compliant as a Level 2 merchant, which means it exceeded 1 million transactions. The university takes credit cards at 90 locations yielding 2 million transactions totaling ~$100 million dollars annually. These attestations were a collaborative effort with the Controller’s Office. 
  • Received 408 new applications for InCommon Certificates compared to 993 last year. This increases the total to more than 2,658 active certificates.
  • Helped more than 1,774 people to avoid further cybersecurity compromise — an increase of more than 450 people from last year — as detection and response systems were improved. 
  • Processed more than 18,433 ServiceNow tickets in support of security services including vulnerability scanning, file integrity monitoring and logging/monitoring of security events,  a 50% increase over last year.
  • Processed more than 265 ServiceNow tickets related to IT exceptions, implementation plans, Endpoint Protection Standard (EPS) attestation questions, and privacy-related requests such as data deletes, research security requests, and other data security questions.
  • Resolved at least 3,404 software licensing support tickets with an average resolution time of 3.78 hours.
  • Managed software licensing and maintenance contracts totaling more than $11.5 million in addition to the $1 million SAS grant. Managed licensing partnerships with colleges and departments totaling more than $1.3 million.
  • Reviewed 254 additional clickwrap agreements for risks — a total of 1,297 reviewed since inception.
  • Continued to enhance the IT Purchase Compliance process to review IT purchases over $5,000 along with the Health Insurance Portability and Accountability Act (HIPAA) and PCI DSS solutions for security and accessibility compliance. In the past year, we conducted 207 reviews. Requirements were for security (25.6%), accessibility (61.84%), PCI DSS (11.11%), and email integration (34.78%). The process is reviewed continuously for development and improvement to accommodate anticipated growth in demand.
  • Increased public record, litigation hold, and eDiscovery requests from 1 to 12. Litigation hold releases increased from 0 to 3.
  • Revised the Cybersecurity Awareness Team (CSAT) charter to refine the scope and focus of the team. The team is now a working group under the Information Security Advisory Group (ISAG). CSAT is also updating the mandatory data security training internally using Playposit, a new interactive tool available in Moodle.
  • Sponsored a successful 2019 Cybersecurity Awareness Month (CSAM) in collaboration with cross-campus CSAT team members. The theme was “Protect the Pack: Be a Cyber Hero.” Activities featured “Origin Stories: Rise of the Cyber Pack,” which included cybersecurity experts from the Research Triangle Park community; Android and iOS mobile device security presentations; and “Stay Safe Online: A Cybergame” that required participants to pair virtual cards with helpful security tips.  
  • Sponsored successful 2020 Data Privacy Month (DPM) activities to provide users with the tools and knowledge to protect their privacy and control their digital footprint. The campaign used Twitter and other OIT communication channels to promote tips about wireless security, phishing, password security, two-factor authentication (2FA), mobile device security, tax fraud, and electronic media disposal.  
  • Continued to work with all stakeholders to remediate the issues identified in the March 26, 2019 internal audit of controls associated with ultra-sensitive data. The audit report is from the NC State Internal Audit team.
  • Updated and prioritized the NC State Cybersecurity Strategic Plan with targeted activities and resource requirements to secure university information systems and data to meet university-wide compliance with rules, regulations, laws, standards, and contractual obligations.
  • Completed the development of the university’s Information Security Program website, which provides oversight and guidance for the security of the university’s systems and data.  
  • Conducted an extensive review of service offerings for OIT service catalog inclusion, which is based on the EDUCAUSE Higher Education IT Service Catalog Rev 2.0 (ECAR 2.0).  
  • Overhauled the Mobile Device Security website with a new redesign, including new detailed procedures centered around user advocacy and effective, innovative solutions.  In addition to offering three learning options for each procedure, the site provides four OS-specific site versions: Android, iOS, macOS, and Windows 10.  
  • Completed, in collaboration with the Human Resources Onboarding Center, a major revision to the System Access Removal For Separating Employees web page.
  • Continued expansion and implementation of security tools to improve the protection of university information systems and data: vulnerability scanning; web application scanning; file integrity monitoring; sensitive information discovery; logging and monitoring; security information and event management; a network intrusion detection and protection system; a PCI DSS change-management application for merchants within ServiceNow; and two-factor authentication (2FA), which includes Duo Security and Google 2-Step Verification.
  • Continued the planning for the rollout of mandatory 2FA for students.
  • Developed, initiated and communicated an attestation process for Phase 1 of the Endpoint Protection Standard with a deadline to be extended to a later date from March 31, 2020 due to COVID-19. Developed and published supplemental EPS documentation to enhance the attestation process.
  • Continued remediation in response to the 2018 third-party (Agio) HIPAA risk assessment of NC State’s covered entities: Counseling Center, Student Health Services, Sports Medicine, Psychoeducational Clinic, and Diagnostic Teaching Clinic. Expected completion of remediation project is June 30, 2020. 
  • Performed the Gramm-Leach-Bliley Act (GLBA) risk assessment for the Cashier’s Office and Financial Aid, and confirmed their operations are GLBA-compliant.  
  • Updated and improved the Data Management Regulation, formerly the Data Management Procedure. Data classification levels are less subjective and further defined based on risk and impact to the university, with regard to strategy, reputation, finances, operations, compliance, and hazards. Reduced the number of data classification levels from five to four, eliminating the “white” category. The revision addresses the entire data life cycle from creation through deletion; addresses training and compliance; and clarifies governance roles and responsibilities, including a new role of data manager.
  • Developed an updated version of the Information Security and Privacy Acknowledgement form. Changed the title to include privacy since many of the referenced federal and state laws and university Policies, Regulations & Rules cover both privacy and security. Provided more specific details of the relevant federal and state laws with links to more details. Included RUL 08.00.17 – Cybersecurity Incident Response Procedure for details regarding the reporting of cybersecurity incidents. Provided more details on the Data Management Regulation, as it was updated in September, 2019. Plans are to implement the process of acknowledging the form electronically within the MyPack Portal on an annual basis beginning October 2020.
  • Upgraded network wiring infrastructure in 12 buildings and multiple NC State-occupied, leased spaces throughout Centennial Campus.
  • Upgraded network electronics in 75 telecom closets in 43 buildings on campus.
  • Kicked off a project to ensure ubiquitous Wi-Fi in all 210 classrooms.
  • Developed new edge switch architecture including a competitive evaluation of multiple vendors resulting in approximately $3 million in savings over eight years.
  • Partnered with Verizon to roll out SpiderCloud cell phone repeaters in six buildings.
  • Continued migration of life safety phones to voice over internet (VoIP); completed construction of southern half of main campus, began construction on Centennial, began design for Centennial Biomedical Campus, and began cutover on northern half of main campus
  • Made significant progress with service management, particularly with having all network hardware tracked by the configuration management database (CMDB).
  • Began detailed inventory and documentation of outside fiber paths.
  • Began detailed design to provide power and cooling improvements for Data Center 2. 
  • Worked with Housing to transition to a new video streaming service augmenting traditional cable television.
  • Implemented 2FA for VPN clients. VPN users in the Student, Faculty and Staff, Student Health Center, and OIT Staff groups are now required to authenticate with Duo Security when logging in to the VPN service
  • Migrated server workload balancing to a new system.
  • Launched a new interface to the Physical Layer Administration (PLA Ground) system, which provides general information to all faculty and staff about the physical or Layer 1 infrastructure on campus.
  • Built and deployed a new studio to broadcast via Network Device Interface, allowing video production from anywhere on campus to be produced from the West Dunn facilities.
  • Provided a complete broadcast solution for the Atlantic Coast Hockey Association (ACHA) post-season tournament and ACHA regionals. Provided broadcast support for the ACHA national hockey tournament.
  • Provided capacity to provide 10TB/college storage allocation for administrative data storage
  • Significantly reduced annual maintenance costs by retiring old network-attached storage arrays. New storage has five-year maintenance included in the purchase cost. Overall, storage and server refreshes reduced maintenance costs by ~$275,000 this year.
  • Transition from OpenAFS to AuriStor, which is compatible with the existing Andrew File Systems (AFS) clients and applications, is nearing completion. 
  • Retired MajorDomo (MJ2) service. Replaced MJ2 lists with Google Groups and enhanced Google Group service to meet some of the special use cases that formerly were only available from MJ2. 
  • Changed tape life processes to provide an additional five years of service from the existing MCNC tape library.
  • Replaced high performance computing (HPC) tape library in Data Center 2 (DC2) to enable both progress on DC2 power and cooling updates as well as providing additional hierarchical storage capacity for HPC service.
  • Retiring SysNews. SysNews has more than 100 applications, and while many are obsolete or no longer being used, a large number provide critical functions for university IT including monitoring, paging and on-call scheduling. In summer 2020, many of these functions will be moved to ServiceNow and be supported by existing modules there. The Central Services Integration team is working on new monitoring, paging and on-call scheduling solutions. Some replacement products have been identified and are being evaluated with respect to other groups’ desired features; they are all open source products with substantial support bases.
  • Participating with other University of North Carolina institutions in a new VMware license agreement that charges based on active allocated memory usage. Worked with teams to hold costs to about the same as last year. Also worked strategically to reduce software license costs: 
  • Moving Virtual Computing Lab images based on the Windows operating system to Azure Windows Virtual Desktop (WVD) and dropping the site license for Microsoft Virtual Desktop Access.
  • Dropped Red Hat Infrastructure license and moved to Red Hat Linux + Satellite only license. Also using standard support based on analysis of past support calls.
  • Initiated investigation of Oracle Linux as a potential replacement for Red Hat or as a component of dropping Red Hat site license.
  • Implemented Sender Policy Framework (SPF) records for ncsu.edu email to reduce spam internally and externally.
  • Improved security of a Google generic account password by requiring a stronger, higher-entropy password and an annual password change. 
  • Replaced the Enterprise Puppet application formerly used for configuration management of Linux computers subject to the PCI DSS with open source Puppet.
  • Replaced Kaspersky Anti-Virus on Windows servers with CrowdStrike.
  • Enabled encryption on Data Domain backups.
  • Transitioned ftp service to Linux virtual machines from Solaris servers. Working to move all connections to use sftp in place of ftp.
  • Working in collaboration with other campus Linux IT staff to develop Linux build for EPS-compliant Linux desktops and laptops.
  • Initiated monthly security patching process for all HPC servers accessible from campus network.
  • Continued to serve on the campus planning team for the Exempt from the Human Resources Act (EHRA) transition project. The focus of the work for the fiscal year 2019-2020 year was to conduct information sessions for staff considering their options, as well as review requests for changes in proposed classification levels.
  • Upgraded the ServiceNow system to the New York release in December 2019.
  • Revised the OIT Managed Desktop cost model, and the new cost model is now in use for fiscal year 2020-2021. The cost model reflects changes in infrastructure technologies and costs.
  • Provided project management support for the audio video deployment in the new Fitts-Woolard Engineering building.
  • Went live with a new version of the WolfPrint website in October 2019. Additionally, significant upgrades were performed for the WolfPrint environment over the 2019 holiday break.
Cyber security event showing partnerships
Become a Cyber Hero. During National Cybersecurity Awareness Month last October, ordinary individuals, like Dr. Marc Hoit and Rennie Bidgood of OIT, learned how they can join the forces of good against cybercriminals and become cyber heroes in their own right. During the keynote event, “Origin Stories: Rise of the Cyber Pack,” OIT partnered with leading Triangle security experts Gina Yacone of Agio, Susan Paskey of DC919, Priya Gandhi of Fidelity Investments, Shelley Westman of EY, and Eric Olson of Microsoft who revealed their origin stories and how they are fighting cybersecurity threats.  

Goal 5: Enhance Local and Global Engagement Through Focused Strategic Partnerships

  • Developed a proof of concept of the REPORTER non-credit registration system for assessment by the NC Community College System to determine if it will meet its needs to manage non-credit registrations.
  • Continuing to provide Tier 2 and Tier 3 support of Voice over IP (VoIP) to multiple UNC campuses. These partnerships allow these universities to provide phone service at a much lower rate while providing NC State with additional staff resources to improve resiliency of skill sets. 
  • Provided VoIP consultation services for the North Carolina Department of Information Technology.
  • Continued to provide high performance computing for researchers at the University of North Carolina at Greensboro.
  • Provided virtual computing lab services to North Carolina community colleges. Expanded service offering to support expanded distance education due to COVID-19.
  • Continued partnership with Industry Expansion Solutions (IES)/NC Manufacturing Extension Partnership (NCMEP) by providing subject matter expertise, assessment services, and cybersecurity support to designated small manufacturing companies in NC — specifically as it aligns to NIST 800-171 and the NIST MEP Network Digital Supply Chain Project. This partnership is establishing collaboration between community colleges and NC State to train interns to provide these services.