IT@Brown: News & Resources

By and for technology-minded folks at Brown

DCC Meeting Notes – December 2017

without comments

DCC MEETING NOTES – 12/13/2017


  • There are still some issues with the surplus process. We are still trying to validate that drives are being sanitized after being sent out – in the meantime please try and sanitize or crush drives yourself.
  • New Project – Backing up computers to Isolon. If your department is interested please contact don rogers.
  • Zoom is back at full service with no communication issues. If there are issues please email
    • Zoom rooms are coming close to becoming a packaged service. Keep an eye out for this in the new year.
  • Web services are going to be pushing web upgrades to departments over the next few years. If you are planning on updating or creating any web content for your departments please contact the communications group to get this started.



  • Welcome David Boyd to the endpoint engineering group.
  • EE has been getting Brown up to date by updating the dev/prod JAMF servers. They are expanding support for High Sierra and iOS 11.
  • Starting in January 2018 MacOS and iOS devices purchased through the brown bookstore will be DEP’d and will land in the pre-enrollment stage in JSS.
  • Windows patching bug has been squashed and machines should now be patching consistently. December patches have just been released and are being rolled out shortly.
  • Endpoint is working on the functionality of rolling out BIOS changes and updates for Dell Optiplex and Latitude machines. TPM changes/wake on LAN are features that can be configured and pushed remotely.
  • Dell has fixed the Dell asset tag issues and future orders should have asset tags. If you are still missing tags please contact Chris Grossi and he will make sure you receive tags from previous orders.




  • Replaces current data classification model
    • Policies are all being updated on Browns Webpage to reflect all of the changes being made. You may want to check your links to these policies if you use these in your departments.


  • Working with IT Audit and OGC
  • Initial focus
    • High-risk data (e.g. Banner and Workday)
    • Centralized services
  • Long-term process
  • Will eventually include departments

ISIRT – Information Security Incident Response Team

  • Formed in the fall of 2016 – Consists of key IT staff representing 15 areas in CIS
  • Newest ISG member:  Phirum Peang

For more information please see Mark’s full presentation





Written by Colin D Johnson

December 14th, 2017 at 2:52 pm

Posted in Uncategorized

DCC Meeting Notes – OCT 11 2017

without comments

DCC Meeting Notes – OCT 11 2017


Mike Gallino – National Cyber Security Month


Link to Presentation

If users from your departments enroll in Google two-step for Brown email, they will be entered into a contest for a Google Home assistant.

There are weekly quizzes that if aced will enter you into a drawing for an Amazon Fire HD 10 tablet.


Don Rogers – ENDPOINT and ITSC News


Endpoint News

Keyserver Apps still in production – keyserver apps will all stop launching soon. DCC’s should be updating these apps to current versions, but more communication will be sent out before shutting these applications down for good.

Cloudpath – Windows 10 / Cloudpath has had some issues. If you are on windows 10 cloudpath will not work – however, this is being worked on by both us and the vendor and should be resolved shortly. In the meantime, you can use the built-in manual wifi connection on cloudpath’s documentation. If this still doesn’t work please contact the service center for the workaround. Highly managed machines bound to AD will connect to wifi automatically and are unaffected.

Highly managed windows updates are being worked on – there is a forced update Friday morning where windows updates are automatically applied. There is now a 24-hour wait on Friday morning instead of a 3.5-hour wait.




Zoom – There are quality & connection issues with the new campus teleconferencing service. Everyone is currently working towards a solution at this time. Please continue to report zoom issues to or use the google sheet to log your issues.

Zoom Meeting Issue Reporting

Service and Repair – Techs are having a harder time sourcing parts directly from apple and dell. Parts are shipping later than they used to, however, equipment is breaking less and less. Please keep department’s expectations in check and offer realistic timeframes when sending equipment to S&R.

Warranties – The brown warranty is 1 year past the warranty that you buy with your machine. If you bring the computer to S&R within 4 years they will cover and repair the computer. As a reminder, if a Dell computer is purchased as a “Standard Issue machine” you will receive a 3-year accidental warranty as part of the brown standard package.

Surplus – In the past when computers were surplussed the drives were sanitized but this may no longer be the case. It is currently being advised that you sterilize the drive yourself either by using the drive crusher at CIT or by using DBAN if the drive is still operational. Don will be providing more information on this in the near future. 

Deskpro – Soon all DCC’s will be allowed to be a Deskpro agent. Please reach out to the service center if interested.

Ricoh – Canons are still being serviced by NECS. The phone number is still the same, Mark is still going to be the brown NECS tech.


Written by Colin D Johnson

October 11th, 2017 at 2:48 pm

Posted in Uncategorized

DCC Meeting Notes – September 13th, 2017

without comments

IT Auditing at Brown

IT Audit at Brown – Presentation

Presentation by: Beltus Ikechukwu – IT Auditor


  • Objective
    • Risk Management
      • Solution oriented approach – the three lines of defense
        • 1st line – Management Controls, Internal Control Measures (Example: Endpoint engineering/DCC’s)
        • 2nd line – Financial control, security, risk management, quality, inspection, compliance (Example: Mark Dieterich)
        • 3rd line – Internal Audit
    • Internal audit at brown
      • Independent, objective(does it make sense), assurance and consultative activity designed to add value to the organization.
      • Mission at Brown – Help the Corporation protect University resources and enhance the achievement of enterprise-wide strategies by evaluating and monitoring risks, processes and policies significant to the University’s mission.
      • Vision – Excel as value-added service that is committed to your goals.
      • Authority – Has free, full and unrestricted access as necessary to all and any University information, activities, records, property, etc
      • Process- Risk based approach, Project Planning and Risk Assessment, Test Work, Reporting-Draft and Final, Follow-up
    • It audit at brown
      • Focused on risks that impact
        • Organizational Units – Centralized and Decentralized IT Processes,
        • Infrastructure – Networking, Compute, Storage.
      • A simple control Model (SANS 20) -See slide show page 15


  • Potential Risk – Insider threat, Point of Sale intrusions, Cyber Espionage/phishing/ransom ware


  • FAQ
    • How is my department selected for an Audit?
      • Risk assessment or your request
    • How long does an audit typically take?
      • Depends on size, complexity, and strength of internal controls
    • How much of my time will the audit require?
      • We are considerate
    • How can I prepare for an audit?
      • Have key documents ready.
    • How confidential will the information I provide to you and my audit report be?
      • All info received and managed by the Office of Internal Audit Services is held at the appropriate level of confidentiality.


  • Common Findings
    • Lack of formalized policies and procedures
    • Inappropriate access management
    • Segregation of duties
    • Mis-configurations
    • Change management
    • Data Security



  • Most of us have our first encounter with IT Audit due to an incident, what is the threshold for when an IT audit will take place
    • Answer – Auditing can take place during an incident to bring in an outside perspective like another set of eyes. It can be used as a time to help solve the issue while knowing the risk has been lowered or removed. There is no specific threshold.

Chris Grossi – Announcements

  • Mary Salvas has announced retirement
    • Licensing issue’s will go through Chris Grossi
  • Remotes Apps have been rolled out to everyone
  • PPrint upgrades were overall successful
    • Over 700 queue’s
  • Looking for interest in Adobe Stock software
    • The software provides a library of stock images.
  • Keyserver – Users should be seeing messages notifying them to upgrade to newer non-keyed software.
  • Google Drive app – being deprecated


Link to audio :

Written by Jason T Jacques

September 18th, 2017 at 9:35 am

Posted in Uncategorized

DCC Meeting Notes – August 9th 2017

without comments

Chris Grossi –  Announcements

  • The Endpoint Engineering Team is hard at work developing PXE Boot for OSD. There will be more information coming on this in the near future.

Don Rogers – A Brief Introduction 

  • The new Associate Director for the IT Service Center Don Rogers came to say hello, introduce himself and speak a bit about the departments and people he now manages. Don will be managing the IT Service Center, the IT Support Consultants as well as the IT Helpdesk.

Stephanie Obodda & Gillian Bell – Zoom

  • The campus has recently signed an exciting new agreement to allow everyone on campus access to a Video Conferencing Service called “Zoom”
  • For more information about the features and implementation of zoom please check the link below.

Meeting Audio

Meeting Audio – August 2017 DCC Meeting

Written by Colin D Johnson

August 15th, 2017 at 10:46 am

Posted in Uncategorized

7-12-17 Meeting Notes

without comments

Jeanne Spinosa

  • Phone training available for the new Cisco phone system

Chris Grossi

  • Mathematica – Late for renewal, but continuing work on licensing. Currently in the grace period, but expect renewal by Friday.
  • Dell continues to be issues for the University
    • Still working with Jason to get things fixed
    • Pro Support Plus is included, but requires a custom quote
    • Property of Brown University label not always being applied, attempting to rectify
  • Desktop Management Working Group –
    • Drive Mapping Conversation this Friday
      • H: (home)
      • S: (shared – DFS)
      • Q: (classes)
    • Making progress with PXE boot. The following Tuesday DMWG meeting should have a demo.
    • Encryption – Working on key retrieval updates
      • Machines coming out of OSD are ready for encryption
    • RemoteApps – On track to offer to to everyone for the fall
    • Project landing for Papercut and RICOH at South Street Landing with possibility of expansion

Mike Connetta

  • Cannon fleet transition – from Graphic Services to CIS
    • Billing will be changing, details still being worked out
    • NECS is still the acting company for service
    • Price will not be changing
    • CIS will be providing Canon printer/copier recommendations

Ron Dunleavy

  • Tech Updates
    • Zoom web conferencing – coming down the pike (instead of WebEx)
      • More stable and easier to use
    • Personalized classroom experience
      • Occupancy sensor in rooms and auto detect for projectors and screens.
      • Room will automatically shut down without signal detection after a certain period of time
      • Tweaking GUI for touch panels to simplify the experience
        • 85 Waterman 015 (check room schedule in 25Live and test during open block)
        • Also upgraded 2 BioMed rooms
          • Laser Projector
            • Instant on and off
            • 20,000 hour lifespan (vs. 2000 hours for lamp)
            • Quiet
    • Panopto/lecture capture added to some event spaces
    • Lost 19 classrooms from Wilson Hall
      • New swing spaces are being provided with repurposed equipment
    • Services that Media Services offers
      • A/V Consultations
        • Quotes to installation
      • Event Planning
        • 10 day minimum requested
        • Flat labor rate of $85/hour of technician
        • Free technician setup provided
      • Production
        • Flat rate for video recording
      • Ambient Sound and Shanix are preferred vendors
        • Local with quick response

Written by

July 12th, 2017 at 12:39 pm

Posted in Uncategorized

DCC Meeting Notes – 5-10-17

without comments

Chris Grossi – Announcements

  • Dell is taking longer than anticipated updating the Premier Page with the Standard Configurations
  • Looking at PXE boot for OSD
  • Matlab TAH renewal is in process
    • May need to authenticate with Matlab account when using Matlab in public labs
  • SAS renewal is in process
  • Filemaker 16 has just be released, working on packaging and updating
  • Working on obtaining licenses for Scrivener

Stephanie Obboda – Virtru FAQ

  • Encrypted Email Solution – Nearly ready to roll out (hopefully in June)
    • End to end encryption
    • Does not protect against Gmail password hacks
    • Virtru detects SSN’s and recommends encryption
    • See FAQ at following link
    • Training Service Center to determine if Virtru emails are real or phishing to assist University questions

Josh Lamont (Telecommunications) – CISCO Phone Conversion Schedule

  • All infrastructure deployed
  • 35% of phones are deployed
  • 2200/6600
  • Call Centers
    • IT Service Center
    • Financial Aid
  • October 2018 Completion Date
  • Challenges
    • Are buildings PoE/UPS ready
    • Building verification confirming switch ports and tap IT’s
    • Populating 911 info
  • What we’ve learned
    • General Users
      • Single line
      • How to change wallpaper/ringtone
    • Power Users
      • Multiple lines
      • Significant difference in multi-line/multi-appearance
      • Forwarding of individual lines vs entire phone
      • Color phones, high contrast, huge text
    • Users shouldn’t move phones without the assistance of Telecom
    • Simple reboot of phone generally resolves basic issues
  • Additional info can be found at

Pat O’Leary – Network Group

  • Network Outage Review
    • Network Architecture (Core, Distribution, Access)
    • Control Plane versus Data Plane
    • High CPU
    • Control Plane Policing
    • Loop Detection
    • DPDU Guard
    • Broadcast Packets
  • BC Pod was having issues
    • Control Plane vs Data Plane
    • High CPU
      • When CPU gets too high, drops in services occur
    • Control Plane Policing (CoPP)
      • Issue with Dell NIC cards when machines were going to sleep
      • Categorizes and limits traffic destined for the CPU of a router/switch
      • “Helps” prevent against DoS attacks
      • Is customizable by protocol or access list policy
      • Allows the router/switch to continue doing it’s job over heavy loads
    • Cisco EEM Scripts
      • Embedded Event Manager
      • Allows NOC to capture traffic being received by the CPU during taxing periods
      • Tells which processes are using the most CPU
      • Allows us to have more visibility as to what is happening in the network and take corrective action
    • Loop Detection
      • Layer 2 networks must be loop free
        • Problem for redundant networks
        • Spanning Tree is the protocol used to prevent loops putting some points in blocking mode
        • BPDU’s are sent every 2 seconds
    • BPDU Guard
      • Bridge Protocol Data Units are only sent from switches participating in spanning tree
      • User ports should never see BPDU’s. If they do, then they are either connected to a  spanning tree switch
      • When this happens, tap is dialed for 15 minutes
    • Storm Control
      • Samples frames over the course of one second
      • If broadcast rate exceeds 20% of bandwidth, the port is error-disabled for 15 minutes
      • NOC receives a trap indicating this and can take corrective action
    • Residential halls are now under firewall blocking inbound

Doug Wilkinson – Network Group

  • Extending the network?
    • Switches and hubs – What will break?
      • Dot1x
      • Performance
      • BPDU guard and MAC address limits
    • Wireless routers?
      • Potential for interference
        • Home router defaults can cause issues
        • Has Brown-Guest ever prompted for a password?
      • Open Wifi (no password)
      • Tried Brown-Guest?
        • What doesn’t work?
  • Automated vlan/subnet selection (aka dot1x)
    • Why do this?
      • Security for networks with elevated access
      • Seamless access regardless of wired, wireless, or VPN
      • Alignment with Network Security Zones
    • Testing
      • Using Cloudpath to configure clients
      • MAC authentication for devices unable to use “credentials” to login
      • Fingerprinting device types as alternative

BBQ during June DCC Meeting

Written by

May 10th, 2017 at 1:03 pm

Posted in Uncategorized

DCC Meeting Notes – March 2017

without comments

DCC Meeting Notes – March 2017







This meeting is all about Dell and the new Products that they are offering this year.

All new Dell products released this year are releasing with the new Kaby Lake Intel Processors. These new processors ONLY work with Windows 10. Brown as a whole is pushing the windows environment to Windows 10. M and U are the new processor labels. M is a low power, low heat processor and leads to fanless notebook models. The U based processors are higher performing processors better suited for high level computing and research


  • All new notebooks released by dell this year will need to be coupled with the new dell docking system. It is USB Type C Docking.
  • Touchscreen Devices are now available in Full-HD (1920×1080) previously touch on these models required an upgrade to a QUAD-HD screen. The new touch screens have new Wacom digitizers (which increase accuracy when using touch and pen)
  • 5000 Series – Offers more internal components, processing power. Usually heavier and bulkier. The 5000 series also offers discrete GPU’s for higher graphics computing and rendering.
  • 7000 Series – Thinnest and lightest computing machines. Ethernet port “flaps” open to preserve the “thinness” of the ultrabook.
  • Wireless docking and wireless charging are coming to the new dell 7285 coming june this year. This coupled with the wireless dock and wireless charging mat make for a completely wireless computing solution. 5000/7000 notebooks will all work with wireless docking. You have to order your system with wireless docking.
  • New dell tablet (5485) solutions are openable and repairable. Unlike the Microsoft surface pro/surface book. Some models also offer Micro SD cards for expandable storage. The stylus/pen is sold separately.
  • Precision workstations are meant for high end users. They include high end graphics cards and fast storage.



  • WD15 – This is what most people will be using. Comes with HDMI and VGA. USB 2.0/Networking
    • There is a mounting bracket available for this dock as well.
  • Thunderbolt Dock – Drives 4k Displays and Has USB C as well as all of the other supported ports. This is the best option for future proofing.



  • 3000/5000/7000 are all smaller form factors
  • All in Ones are now offering 4k Displays
  • nVME storage is incredibly fast and are starting to be offered through dell.
  • Precision Towers are recommended for the power users on campus. They have certified graphics cards for business (nVidia Quadro) these are best for business/adobe/CAD applications.
  • Dell Canvas 27 is Dell’s answer to the new Surface Desktop. 27” Touchscreen with Wacom digitizer.


For more information about products and services please reach out to Brown’s Dell Representative. 


Written by Colin D Johnson

March 13th, 2017 at 10:39 am