Committee on Information Technology
Annual Report 2003-2004

Recommendations from previous year and/or current charges:

1. Continue to monitor and discuss campus network security and spam e-mail issues,
2. Promote campus awareness of campus network security spam e-mail issues,
3. Monitor the form and content of the University web site,
4. Assist in the development of a cohesive plan for technology in case of emergency as well as electronic recovery,
5. Armstrong's acceptable use and security policies should be reviewed and revised. The committee should participate in the review and possible revision.

Accomplishments:

1. The committee sent forward to the administration a new committee description driven by its change in name from the Committee on Computing, Information Service and Computer-Mediated Educational Technologies (CISCMET) to the Committee on Information Technology (CIT).
2. The committee conducted a formal review of six security policies and an informal review of a seventh security policy/procedure. These seven policies are:
   1. Internal Network Equipment Policy
   2. Internet DMZ Equipment Policy
   3. Password Policy
   4. Server Security Policy
   5. Wireless Communication Policy
   6. Audit Policy
   7. How are root level passwords secured procedure
3. The committee conducted an informal review of four policies related to acceptable use.
   1. AASU Acceptable Use Policy for Computers
   2. AASU Acceptable Use Policy for the Network
   3. AASU Accountability
   4. AASU Password Policy
   Note that item 2c is distinct from item 3d.
4. The committee briefly discussed the form and content of the university web site.

Recommendations for the next year:

1. Conduct a formal review during the fall semester of 2004 of the four policies related to acceptable use (described above).
2. Promote campus awareness of campus network security by assisting CIS in promoting the roll out of the revised policies and procedures described above.
3. Monitor the form and content of the University web site.