Wrap Up #USGRockEagle13

Now that I am back at work… And apparently was photographed and did not know it…

WordPress.com’s Jetpack publish feature pushed my prior Rock Eagle related posts about sessions I attended to some of my social media presences. Guess I could +1 them for Google Plus? Looks like the last time I blogged as much about Rock Eagle was 2007? Sad.

Also, I gave out only three business cards and received three new Twitter followers. @TBrow01 and @TylerWatts and @technicalissues There was some good activity on the #USGRockEagle13 Twitter hashtag.

What I like most about Rock Eagle is the conversations that happen outside the formal sessions. Friends and even bosses from my last job come, so we get to catch up. Even total strangers end up talking to me about things.

  • Last night a student worker who graduates in December. Hiring him full time fell through, but they will hold on to him as casual labor through February. As other staff left, he picked up some of their responsibilities to the point of having too much that can be completed by March.
  • A web developer who appreciated the conference for providing the big picture of how he fits into the 40,000 employee cog that is our university system.
  • A developer who moved to a school in the Technical College System of Georgia working on implementing a learning object repository with potential to be a system wide implementation.
  • Informal conversations with people who work in the same building. Guess people rushing off to the next meeting or sitting quietly in their cubes never really talk.

Plenty more happened.

Guess I will post the video of the fireworks later. It has been at 6 minutes remaining the last hour.

Institution Analytics #USGRockEagle13

Janice Hill, Columbus State University

  • Process:
    • Define KPI’s : grades,  starting degree, ending degree, and many more.
    • Design and Implement : ODI integrator
      • Subject area example : summation helps reports only pull one row per student.
      • Updating : degrees awarded only loaded at end of term.
    • Validation of data : Work with Institutional Research to figure out where wrong. Consulting with individuals who think data did not look right.
    • Production release : Start a new cycle.
  • Data elements:
    • Banner, PeopleSoft, Excel spreadsheets
    • student head count, student attempted credit hours, and about 30 others.
  • Dashboards : 8 in production, 2 in completed validation, 2 subject areas ready to be built. Changes to a dashboard not saved across sessions, so users need to export to a file.
  • Structure of Dashboard : Level prompts : College, department, program, major, term. Analysis. Footnotes.
  • Users with access : President, VP, Deans, Dept heads.
  • Export types : PDF, Excel, Web,
  • Errors: BI data loaded at 6am, so local data pulled at 9am WILL result in very small differences.
  • Progression dashboard : credit hours by term, avg GPA by class, avg GPA vs credit hours earned, demographic breakdowns, grades by academic level, grades by section
  • Retention and Graduation dashboard : after 1 year, after 6 years. Use both counts and percentages.
  • Talk with faculty about their data needs so can show it exists or build it into a report.
  • Individualized training. Understanding how to filter is a challenging concept.
  • User tracking enabled, so know how long they stay on a dashboard, filters used, the SQL used.
  • Try to use as little filters as possible. Her job to get the data. User’s job is to interpret.
  • Decisions and policy affected by this data.
  • Trying to get grade data to improve early warning.
  • What are the products for which they want analytics?
  • Using University System of Georgia requirements for retention, so pegged to Fall enrollment. “Some times you have to go past what makes sense to you and implement the rule.”

Excellent session!

Integrating D2L-Drupal Via LTI #USGRockEagle13

Tom Boyle, Kennesaw State University

  • Half Drupal and half Desire2Learn interest.
  • Request to determine how to decrease time it takes for an online student to go from application to orientation to advisement to registration.
  • Orientation took place in Desire2Learn.
  • Script looks for applicants in Banner and creates the user in Bulk User Management. Registrar enrolls them in the course.
  • Student takes the quiz.
  • Learning Tools Interoperability (LTI) is a way to integrate systems parallel to an LMS without the need for separate custom integrations. Custom output module  uses D2L external learning tools and LTI.
  • Drupal link is not world readable and users do not have to login. D2L configuration familiar. Open source allowed to write custom code to output to Banner. Sometimes the user does not click the button within Drupal so nothing gets captured. Maybe they should automatically click the button for them?
  • YAY!! Tom is using his test instance of D2L to demo instead of production. Love it when our clients use our services right.
  • URLs are not usable unless sent over by Desire2Learn ELT. Yay, for security.
  • Added LTI Tool Provider and OAuth-PHP libraries to Drupal.
  • Got to explain to Tom what some of the values he sees in the session variables.

Discussion:

  • Alternative method:
    • Intelligent agent emails an address to inform them the orientation is complete.
  • KSU going to use similar method for putting staff into course(s) for Ethics test. Really anything where Tom needs to get new users into D2L fast.

Security Inside Out #USGRockEagle13

Eddie Carter and Orrin Char, Oracle

    • Identity management and security and access management.
    • Eddie wore a UGA shirt. Guy in front of me made fun of him obviously not wanting to sell to Georgia Tech. Turns out he’s from  Kennesaw. The GT-UGA rivalry knows no bounds. Love it!
    • Handout: Database firewall more auditing and ACLs than enterprise firewalls access to many hosts.
    • 67% records breached from servers. 76% breached through weak or stolen credentials. Discovered by an external party. 97% preventable with basic controls. Source: 2013 Data Breach Investigations Report.
    • Pre-1997: security issues mistakes. 1998-2007: Privilege abuse. Curiosity. Leakage. 2008-2009: Malicious. Social engineering. Sophisticated attacks. Business data theft. Loss of reputation.
    • Can be fined. Buy services for people affected by the breach.
    • DBAs are the targets. Phishing to get credentials.
    • Change is where gaps are opened. Being more available means more highly privileged users. Consultants and vendors claim they need DBA level access.
    • 80% of IT security programs do not address db security. They address outside computers such as with firewalls. More and more attacks exploit legitimate access applications and user credentials.
    • Supports SQL Server and MySQL.
    • Preventative
      • encryption : If data stolen in encrypted form, then do not have report the breach? Application should not even know it is encrypted. Network encryption now free to us. Autonegotiates with destination. No application changes. Little overhead. Integrated with Oracle technologies. Key management 2 layers. Master in hardware module or in a wallet. Wallet can be tied to hardware and accessed at restart. Data encrypted with table or column key. Table and column keys encrypted with master key.
      • redaction : Use ACLs to determine who can see. It will replace text such as on credit card numbers, SSNs, so can only see a full, partial, fixed.
      • data masking for nonproduction use : copy of production data in test with test being less secure. Masking means no longer valuable data. Finds sensitive columns through templates and convert the data so meaningless. Shuffle salaries. ID numbers randomized even partial. Randomize all but first two characters of last name. Can be two way so change for sending to a partner for process but then revert back when returned.
      • privileged user controls : Compartmentalization of commands. Prevent consultants from querying certain tables. Creates protective zones around schema objects.
    • Detective
      • activity monitoring :
      • database firewall : sits on the network. Parses SQL to determine the intent. Whitelist and Blacklist and exception list. If none, then alerts security to it and potentially added to a list. Have a learning and blocking mode. Can return empty result list to a hacker so thinks there are no records.
      • auditing and reporting : analyze audit-event data. Central audit repository so hacker unaware. Default and custom reports.
      • conditional auditing framework : if-this-then-that
    • Administrative
      • privilege analysis : privilege capture mode. report on what actual privileges and roles that are used. Revoke unnecessary.
      • sensitive data discovery : scan Oracle for sensitive fields. data definitions.
      • configuration management : discover and classify databases. scan for secure config.

Minimal Downtime #USGRockEagle13

Marc Pare, Oracle

    • Why work on weekends or late at night? (For us because of director policy because accidents during the day changes untenable with clients. But this is targeted to Banner to not GeorgiaVIEW.)
    • Weblogic High Available Topology (Maximum Available Architecture)
      • Client > Apache Server or OHS > WLS Cluster (> Admin Server) > RAC Cluster (> Oracle DB)
      • Why is this not being used?
    • Impressed someone from Oracle is so in touch with problems of Banner on Oracle and solutions.
    • Use Oracle Enterprise Manager to monitor middle tier. Uses mBeans and exposes most items except for some provisioning.
    • Cloning. Template builder. Add new nodes or setup test instances.
    • Rolling upgrades: Bring down first, patch, bring back up; find second, bring down, patch, bring back up. If it encounters a problem, then it rolls back the patch and brings it back up.
    • When experimenting, bring back up with end user access blocked, test and verify. Only when happy, enable end user access. We should consider giving campus administrators access to our direct nodes for testing so they can verify before release. Or even better really knock out the automated testing.

D2L Tips and Tricks 10.2 #USGRockEagle13

Terri Brown and Louise Fechter, Georgia Southern University

    • Upgraded to Desire2Learn 10.2 in July 2013. (Actually from 9.4.1 to 10.0 earler then later to 10.2.)
    • Support plan: revised training, more documentation, briefed support team, wrote “tips & tricks”.
    • When get calls, walk through the task then follow up with a document. If no doc exists, then that is a trigger to create one.
    • Left navigation panel expandable. Drag and drop such as from Google Drive. (Requires Google App integration.)
    • Kaltura is where they have faculty place multimedia files.
    • Document viewer OK. Not as fully featured as desktop equivalents, so students probably will have to download many documents to use them. Binder not much better?
    • D2L Community site has templates for download. Organized templates into a folder. Then enable them.
    • Discussion “Must post first” option to make the student start a thread before they can respond to others.
    • Rubrics cannot be graded in discussion tool. Use two browsers.
      • Fort Valley: Open rubric in grade item. Grade topic.
    • Posts marked read automatically.
    • Deleted topics can be restored without outside intervention? TOO COOL. Am I out of a job now?
    • Reading view promoted instead of grid view. Maybe grid going to disappear soon?
    • Pager lost sound. Just an icon notification.
    • Dropbox enter grades for no submission so students see the item on their grades and better calculate their grades. Ungraded items not calculated as zero unless change Grades setting. Restore deleted folders. Bulk upload files.
    • Student was able to submit after the end date. Not able to replicate.
    • If due date AND end date set to the same value, then neither date shows in the calendar. Use only an end date. Serious bug.
    • View student progress is new. Graph of logins. Progress meter.
    • Quiz matching type improved. Recalculation requires clicking on the TRASH CAN icon (does not delete) to recalculate.
    • Lessons learned:
      • Set user expectations.
      • Communicate.
      • News widget.

 

GA Southern’s D2L Journey #USGRockEagle13

Eric Floyd and Terri Brown, Georgia Southern University

    • Real-Time Ellucian integration not cross-listing. Lack of quality control for release just before start of term. Hotfix soon after resolved.
    • 10.2 released late (June not May) so missed between terms window. Upgrade broke real-time again, but because delayed until August got the fix before upgrade.
    • Tried cloning from production to test, but decided better to copy 10 courses. (BCE, BCC tools)
    • Lessons learned:
      • TEST! Complexity grows with complexity of the system.
      • Familiarize changes in updates. Do not rely on D2L documentation. Listen to community. heug?
      • Be careful of encouraging third party tools. They can be bought and die.
    • Plan to move to D2L hosting? “Right now we are the tip of the spear… When GeorgiaVIEW’s functionality catches up, then that might be a possibility.”