GEORGIA INSTITUTE OF TECHNOLOGY

THE EXECUTIVE BOARD

 

MINUTES

Meeting of June 22, 2010

Held in the Poole Board Room of the Wardlaw Building

(See also a record of business conducted by email after the meeting.)

 

 

Members Present:        Bafna (Architecture), Baldridge (Grad. Student), Bishop (GTRI-ELSYS), Bohlander (Secretary of the Faculty, GTRI), Bowman (Vice-Chair, INTA), D’Urbano (OSP), Fox (Library), Henry (Chair, ORC), Jenkins (GTRI), Leggon (Public Policy), Marder (Chemistry), Millard (GTRI-ITTL), Schuster (Provost), Williams (USGFC Rep., ECE)

 

Members Absent:        Bennett (Mgt), Boone (U’Grad. Student), Buck (ECE), Ingram (ECE), Morley (Math), Michael Perdue (EAS), Peterson (President), Rossignac (CoC-IC), Tavares (Provost Office), Whiteman (ME)

 

Visitors:                       Baines (OIT), Ferri (IUCC), Herazy (Provost’s Office), Johnston (CoA), Laros (Registrar’s Office), Mullin (OIT), Paraska (Program Review & Accreditation), Pikowsky (Registrar), M. Smith (IGCC), A. Smith (SVPAA), Yezzi (ECE)

1.      Ms. Barbara Henry (Chair) opened the meeting at 3:00 P.M.  She introduced Anthony Baldridge as the new President of the graduate student body.

2.      She directed the Board’s attention to the Minutes of the April 6, 2010.  Executive Board meeting (Attachment #1).  These were approved unanimously.

3.   She next called on Provost Schuster to comment on matters of interest to the Georgia Tech community.

a)      Provost Schuster explained the budget preparations in progress for Fiscal Year 2011.  There were four significant budget factors: 1)  The first was the plan on the part of the University System of Georgia to increase tuition, both to raise revenue and to bring in-state tuition in line with studies of market valuations.  He reminded the Board that students who have participated in the fixed-for-four program would continue until they completed but new students would not have this option.  He also reported that Georgia Tech was no longer held to the old rule that out-of-state tuition would be four times that for in-state students.  Out-of-state tuition that high was no longer justified nor a good market fit.  He commented that several prestige universities had a listed tuition much higher than Georgia Tech’s out-of-state tuition of $26,000, but he said that these prestige tuitions were often discounted.  2) Next factor was the State of Georgia contribution to Georgia Tech’s cost.  While states nominally received two years of federal stimulus money to support higher education, there was flexibility in utilizing it and Georgia has used most of it in FY 2010.  State support for the University System of Georgia would then be dependent in FY 2011 on the State collecting sufficient tax revenues.  3) The third factor was overhead recovery from research grants and contracts, stated by Dr. Schuster as the strongest component.  Faculty and staff at Georgia Tech have earned a steadily increasing amount of research grants and contracts in a very competitive environment.  4) The final factor was earnings from Georgia Tech endowments.  Although the stock market has been recovering, the Georgia Tech Foundation has always reacted with restraint in withdrawing money in a recovering cycle.  Thus earnings transfers to Georgia Tech for operating purposes would be down somewhat in FY 2011.

Allocations of budget to operating programs have not yet been made as decisions remained about how much to hold back for uncertainty.  Dr. Schuster predicted this would be completed in about 6-8 weeks.  If state revenues did improve as projected, then the budget situation would likely be somewhat better than in the last two years, and if not, then it would be another difficult year.  He said he did not expect that Georgia Tech would institute any furloughs unless it was specifically instructed to do so.

b)      Dr. Schuster provided updates on the search for his successor.  He also noted that two new Deans would be starting soon.  Dean Zvi Galil would begin his service as Dean of the College of Computing about July 1, and Dean Jacqueline Royster, would begin her service as Dean of the Ivan Allen College around September 1. 

4.      Ms. Henry then called on the curriculum committees to review minutes and action items from their recent meetings.  Ms. Henry explained that the committees and the administration were requesting the Executive Board to review and approve curriculum changes on behalf of the faculty in place of the Academic Senate.  This would allow preparations for new curriculum arrangements to stay on schedule and would support collaborations in joint programs with other universities.  The Executive Board was empowered under the Georgia Tech statutes and bylaws to take such time-critical actions on behalf of the Academic Senate.

Dr. Marilyn Smith  represented the Graduate Curriculum Committee in beginning the presentation of curriculum matters based on Attachment #2 [revised to reflect corrections made during the presentations].  She reviewed the Graduate Curriculum Committee’s meetings of May 13 and June 10, 2010.  Reference was made also to the minutes posted at http://www.facultygovernance.gatech.edu/CommittMin009-010.htm.  Dr. Smith thanked Ms. Susan Paraska for her support of new curriculum initiatives such as the joint doctoral program with Politecnico di Milano. It was moved, seconded, and passed unanimously to approve the minutes and action items of the Graduate Curriculum Committee that were presented.

Dr. Al Ferri represented the Undergraduate Curriculum Committee in continuing with the presentation of curriculum matters from Attachment #2, as revised.  The same URL reflected minutes of meetings of this committee on May 11 and June 8, 2010, but only the latter had action items.  It was moved, seconded, and passed unanimously to approve the minutes and action items of the Undergraduate Curriculum Committee that were presented.

Dr. Bohlander thanked the curriculum committees for their dedicated service often requiring very careful detailed work.

5.      Ms. Henry asked Mr. John Mullin, Director of the Office of Information Technology (OIT) to tell the Executive Board about plans to provide better email service to faculty members and staff holding security clearances.  He presented his briefing using the slides contained in Attachment #3a.  Mr. Mullin introduced some of his staff, in particular, Mr. Herb Baines, Director of Information Security, and Victoria Anderson, Associate Director of Information Security and Program Manager for the initiative described in the attachment.  Mr. Mullin emphasized that the incidents prompting the change were not due to employee mistakes.  Emails had been sent or received which contained material that was unclassified at the time they were sent but later became classified due to government agencies changing their assessment of the content.  There was then a need to clean out the classified information from Tech’s email system.  This was a complex process and one was expected to use certified processes for such cleaning.  Unfortunately the Zimbra email system used by academic units at Tech did not have preapproved cleaning methods.  The Microsoft Exchange email systems used by GTRI did have approved methods, so the decision was taken to move any cleared personnel anywhere at Georgia Tech onto the Exchange system.  This would affect about 120 persons outside of GTRI.  As soon as transfers between email systems were completed, efforts would be undertaken to provide linkages between the two systems to support mutual calendaring.  Mr. Mullin indicated there might be reasons to consider outsourced or cloud computing solutions to provide part of Tech’s IT infrastructure in the future.  However, any such proposals would have to meet security standards and in-sourced solutions seemed likely to be required for personnel with security clearances.  Note this was not to say that classified information was ever handled intentionally on systems like the MS Exchange email system, but only that it was a more controlled environment in which to address clean up after data spills.

Q. For those faculty members moving to a new email service, would their email addresses change?  Ans. No.

Q. Were there additional costs in this changeover? Ans. No new servers would be needed and the academic departments impacted would not receive a bill for this.

Ms. Henry then called on Dr. Ron Bohlander to provide some reflections on the work of the Data Security Task Force who made a final report to the Executive Board on April 6, 2010.  He made use of the slides shown in Attachment #3b.  Dr. Bohlander said that his purpose was to review the work of the Task Force and to suggest some next steps.  Chartered by the Executive Board in January 2009, the Task Force was asked to “identify best practices [in data] security], recommend guidelines, and help craft messages that resonate with faculty.”  Once organized, the Task Force recognized that this was a bit open ended and so they resolved to do whatever they were going to do for only awhile and then recommend to the Executive Board what should be done after the Task Force came to an end.  Thus, a major feature of their final report to the Board in April 2010 was a recommendation to create a standing faculty committee on data security.  Dr. Bohlander noted that there had been a concern voiced by those participating in the April Board meeting that there was little in the final report about the matters contained in the charge to the Task Force.  If the action was to form a new elected standing committee, then the soonest it could be inaugurated would be August 2011.  If it was important to “identify best practices [in data] security], recommend guidelines, and help craft messages that resonate with faculty,” then it would be best to get that underway in the interim in some fashion.  One possible course of action for implementation prior to any possible elected committee would be to appoint a prototype committee in the interim.

Dr. Bohlander reviewed the minutes of the Task Force and said that there had been some discussion of security guidelines presented by various data stewards, but no distinct conclusions were reported.  Dr. Bohlander noted that OIT has a formal process for the review of IT policies but it did not yet include a formal role for faculty input.  He observed that it was difficult to focus faculty feedback on policies because operating units across campus used widely different implementation processes, leading to considerable diversity in experiences and outlooks on how IT policies and procedures work.  Furthermore what remained to be achieved in data security was often in the realm of what happened on each individual’s computer.

Dr. Bohlander painted a big picture of what was needed to support data security through a diagram in slide 4 of the attachment.  He said solving the problem started with awareness that there were problems and threats.  Then technology (firewalls and the like) was brought to bear.  Policies were constructed for how the tools available were to be used.  He said generally the campus had made considerable progress with these first three steps in the cycle.  The opportunities for improvement were in steps 4-6.  Better communication was needed of the expectations on all who used IT resources.  It has been said that a reason for a faculty committee was to promote better communication to faculty.  Dr. Bohlander agreed that would make a contribution but that ten or so people on the committee would not effectively   reach the much larger number of operating units.  Beyond communications, there was the need to have a disciplined response to policies.  Some members of the Task Force had expressed the feeling that there wasn’t really a lack of policies but rather a lack of following the policies.  Methods needed to be found by which discipline could be steadily improved and verified.  Finally, rewards and consequences needed to be tied to outcomes.  Dr. Bohlander recalled the discussion in April in which someone asked if any employees were held accountable for inappropriate data releases when they could have been prevented.  The answer appeared to be that accountability had not been demanded.  If something that demonstrably could cost the Institute millions of dollars and considerable reputational hurt did not have consequences for those who could have prevented it, then it was real easy for undisciplined activities to continue.  Dr. Bohlander wound up by saying that if all six steps on this slide were in good shape, then there would be a better framework in which a faculty committee could make important contributions.  Were this not the case, were steps 4-6 not robust, then Tech’s response would tend to be confusing and lack commitment.

Since then the issue was having an institute-wide commitment to the full cycle of things needed, Dr. Bohlander recommended that the Executive Board work with the administration in taking steps forward and for the Board to monitor progress.  He recommended that the administration develop or use existing communications channels to make sure that data security communications regularly reach every operating unit.  Such communications would include a) setting expectations, b) demonstrating tools and procedures (with feedback if they are not meeting needs), and c) measurement of actual progress.  He further recommended that the Executive Board and the administration work together on closing the loop with rewards and sanctions to underline that performance in data security matters.  Finally, he recommended that the Executive Board ask for an annual report on progress and risk assessment.  This would be analogous to the annual report on matters of concern in intercollegiate athletics that has become a tradition.

Q Do employees of the institute enter into any written agreement on how they would handle sensitive data? There was such a thing that persons receiving a security clearance would sign. Ans. John Mullins said, no, there was nothing like that in place, yet.  Reta Pikowsky, Registrar, said there were some FERPA forms that were sometimes used.   

General discussion was supportive that this was an important problem needing the sort of attention that had been recommended.  Mr. Mullin said that while much progress had been made on data security, what had been done so far was in some ways the easy part.  Remaining challenges were deeply embedded in culture.

Dr. Bohlander indicated that Executive Board leaders would follow up with the President and other senior leaders to make definite plans.  Dr. Schuster said that there was always the challenge in matters of this kind to balance remedies and risks, so as to select appropriate but not over burdensome processes.  Compliance would need to involve the faculty in a serious way in commitments to implementation of reasonable controls.  He recommended caution concerning penalties for what could truly be inadvertent, accidental security breaches.  He felt an emphasis on education should be the main thrust.

6.   Dr. Bohlander then discussed the draft calendar of faculty meetings shown in Attachment #4.  He discussed the guidelines that were followed based on rules in Georgia Tech’s statutes and bylaws and constraints imposed by other meetings, such as of the Board of Regents.  Proposed schedules were also coordinated closely with the President’s and Registrar’s offices.  Dr. Bohlander said that a venue had not yet been identified for the October faculty meeting and so this draft schedule was not ready to approve.  He invited further feedback and indicated he would send an email ballot for the Board’s approval when arrangements were firmer.

7.      Ms. Henry asked for reports from task force leaders and standing committee liaisons.    Notable highlights included:

·         Dr. Doug Williams reported that the Board of Regents formally recognized the University System of Georgia Faculty Council in May 2010.

·         Dr. Bohlander reported that he received information from the office of VP of Student Affairs about recommendations for changes in the Student Code of Conduct and the Student Organization Code of Conduct and these would be referred to the appropriate faculty committees (Student Regulations, Academic Integrity, and Student Activities).

8.   Hearing no further business, Ms. Henry declared the meeting adjourned at about 4:30 p.m. 

 

Submitted by Ronald A Bohlander, Secretary

August 29, 2010

Attachments

1)      Minutes of the April 6, 2010 meeting of the Executive Board

2)      Reports of the Graduate and Undergraduate Curriculum Committees
Minutes of these committees.

3)      Data Security presentations

a.       Email Service for Cleared Personnel

b.      Reflections on Faculty Input on Data Security

4)   Draft calendar for faculty meetings in 2010-11.

________________________

Addendum #1

The Secretary sent the following electronic ballot to the Executive Board on July 16, 2010:

The Proposed Calendar for 2010-11 is attached.  There are three out of the ordinary dates or times:

The calendar has been approved by the President’s Office and the Registrar.

 

I want to find out:  Do you approve the calendar of meetings as proposed?

________ Yes                   ________ No,  the problem is: _______________________________________________

Please let me know if possible by the end of this coming Tue., July 20.

 

 

A quorum of Executive Board Members answered yes without dissent.